Privacy Act
Annual Report

Notice

The Public Service Commission has moved since this document was first published and therefore the address and telephone numbers indicated may no longer be accurate. Please consult the Contact Us page for up-to-date contact information.


April 1, 2010 to March 31, 2011

Table of contents

Introduction

The Privacy Act (R.S., 1985, c. P-21) was proclaimed on July 1, 1983.

The Privacy Act (the "Act") extends to individuals the right to access information about them that is held by the government. This is, however, subject to specific and limited exceptions.

The Act also protects individuals' privacy by preventing others from accessing their personal information and by giving individuals substantial control over the collection, use and disclosure of personal information.

Section 72 of the Act requires that the head of every federal government institution shall prepare an Annual Report, for submission to Parliament, on the administration of the Act within the institution during each fiscal year.

This Annual Report provides a summary of the management and administration of the Privacy Act within the Public Service Commission of Canada (PSC) for the fiscal year 2010-2011.

Additional copies

Additional copies of this report can be obtained by writing to:

Access to Information and Privacy Office
Public Service Commission of Canada
L'Esplanade Laurier
300 Laurier Avenue West
West Tower
Ottawa, Ontario
K1A 0M7

Or by communicating with us via e-mail:

CFP.AIPRP-ATIP.PSC@cfp-psc.gc.ca

Or by calling:

Telephone: 613-995-9032
Fax: 613-996-4337

The PSC's Privacy Act Annual Report is also available on the PSC Web site.


Part I — General information on the Public Service Commission

1.1 Mission, vision and values - striving for excellence

The Public Service Commission (PSC) is dedicated to building a public service that strives for excellence. We protect merit, non-partisanship and the use of both official languages while ensuring respect for the values of access, fairness, transparency and representativeness.

We recruit talented Canadians from across the country to the public service. We continually renew our recruitment services to meet the needs of a modern and innovative public service.

1.2 Values guiding the Public Service Commission's actions

In serving Parliament and Canadians, the PSC is guided by and proudly adheres to the following organizational values:

  • Integrity in our actions;
  • Fairness in our decisions;
  • Respect in our relationships; and
  • Transparency in our communications.

1.3 Responsibilities

On behalf of Parliament, the PSC safeguards the integrity of staffing and the non-partisan nature of the public service. In this respect, the PSC works closely with government but is independent from ministerial direction and is accountable to Parliament.

The PSC is mandated to:

  • Administer the provisions of the Public Service Employment Act (PSEA) that are related to the political activities of employees and deputy heads;
  • Oversee the integrity of the staffing system and ensure non-partisanship. This oversight role includes maintaining and interpreting data on the public service, carrying out audits that provide assurance and make recommendations for improvements and conducting investigations that can lead to corrective action in the case of errors or problems; and
  • Appoint, or provide for the appointment of, persons to or from within the public service. This has been delegated to departments and agencies. The PSC provides staffing and assessment functions and services to support staffing in the public service.

1.4 Public Service Commission's strategic outcome and Program Activity Architecture

PSC strategic outcome:

To provide Canadians with a highly competent, non partisan and representative public service, able to provide service in both official languages, in which appointments are based on the values of access, fairness, transparency and representativeness

The PSC Program Activity Architecture consists of one strategic outcome and four program activities.

Program Activity 1.1.0 — Appointment Integrity and Political Impartiality

The Appointment Integrity and Political Impartiality activity is focused on independently safeguarding merit and non-partisanship in the federal public service. This activity includes developing and advancing strategic policy positions and directions; conducting policy research; establishing PSC policies and standards; providing advice, interpretation and guidance; and administering delegated and non-delegated authorities.

Program Activity 1.2.0 — Oversight of Integrity in Staffing

The Oversight of Integrity in Staffing activity provides an accountability regime for the implementation of the appointment policy and regulatory framework for safeguarding the integrity of public service staffing and ensuring that staffing is free from political influence. This activity includes monitoring departments' and agencies' staffing performance and compliance with legislative requirements; conducting audits and studies; carrying out investigations; and reporting to Parliament on the integrity of public service staffing.

Program Activity 1.3.0 — Staffing Services and Assessment

The Staffing Services and Assessment activity develops and maintains systems that link Canadians and public servants seeking employment opportunities in the federal public service with hiring departments and agencies. It provides assessment-related products and services in the form of research and development, consultation, assessment operations and counselling for use in recruitment, selection and development throughout the federal public service. This activity also includes delivering staffing services, programs and products to departments and agencies, to Canadians and to public servants, through client service units located across Canada.

Program Activity 2.1.0 — Internal Services

The Internal Services program activity develops and monitors corporate management planning frameworks and policies related to the Management Accountability Framework, finance, human resources (HR) management, information technology, communications and other administrative and support services; provides central services, legal services and systems in support of all PSC programs, including the offices of the President and Commissioners; and formulates and implements policies, plans, guidelines, standards, processes and procedures to support the decision-making process of the Commission.

The Program Activity Architecture structure illustrated below allows the PSC to effectively pursue its mandate and contribute to the achievement of the PSC's strategic outcome.
Strategic outcome Program activities Program
Sub-Activities
To provide Canadians with a highly competent, non-partisan and representative public service, able to provide service in both official languages, in which appointments are based on the values of access, fairness, transparency and representativeness 1.1.0 Appointment Integrity and Political Neutrality 1.1.1 Policy, Regulation and Exclusion Approval Orders

1.1.2 Delegated Appointment Authorities

1.1.3 Non-delegated Authorities

1.1.4 Political Activities
1.2.0 Oversight of Integrity of Staffing 1.2.1 Monitoring

1.2.2 Audit, Evaluation and Studies

1.2.3 Investigations
1.3.0 Staffing Services and Assessment 1.3.1 Staffing Service

1.3.2 Assessment
2.1.0 Internal Services

(These services contribute to all program activities.)
2.1.1 Governance and Management Support

2.1.2 Resource Management Services

2.1.3 Asset Management Services

Part II: Report on the Privacy Act

1. Organization of delegation and activities

1.1 Delegation Order

Under section 3 of the Privacy Act (the "Act"), the President of the Commission is designated as the head of the government institution for purposes of the administration of the Act.

Pursuant to section 73 of the Act, deputy heads may delegate any of their powers, duties or functions under the Act by signing an order authorizing one or more officers or employees of the institution, who are at the appropriate level, to exercise or perform the powers, duties or functions of the head specified in the order.

Within the Public Service Commission (PSC), this delegation instrument continues to be based on a centralized process with the Secretary General, Commission Secretariat, who is also the PSC's Access to Information and Privacy (ATIP) Coordinator, having full delegated authority under the Act. An excerpt of the Delegation of Authority approved by the President is enclosed at Appendix A.

1.2 The Access to Information and Privacy Coordinator

The PSC has a single ATIP Coordinator who is responsible and accountable for the development, coordination and implementation of effective policies, guidelines, systems and procedures to enable the efficient processing of requests under the Act.

The Coordinator is also responsible for related policies, systems and procedures emanating from the Act.

The activities of the Coordinator include:

  • Processing requests made under the Act;
  • Acting as spokesperson for the PSC in dealings with the Treasury Board Secretariat (TBS), the Office of the Privacy Commissioner and other government departments and agencies on matters related to the Act;
  • Responding to consultation requests submitted by other federal institutions for PSC documents;
  • Reviewing information collection in accordance with the Government Policy on Information Collection and Public Opinion Research;
  • Preparing the annual report to Parliament and other statutory reports, as well as other material that may be required by central agencies;
  • Developing policies, procedures and guidelines for the orderly implementation of the Act by the PSC;
  • Promoting awareness to ensure the PSC's responsiveness to the obligations of the Act;
  • Monitoring the PSC's compliance with the Act, regulations and relevant procedures and policies; and
  • Providing advice and awareness sessions to PSC employees on the provisions of the Act and TBS policies and their impact on various program initiatives.

1.3 The Access to Information and Privacy Office

The ATIP Office administers the provisions of the Act for the PSC. The Manager of the ATIP Office reports to the ATIP Coordinator, who, in turn, reports to the Vice President, Legal Affairs Branch of the PSC. The ATIP Office operates with one analyst to manage the requests received within the PSC. During the course of this reporting period, the ATIP Office hired a junior officer on a casual basis for scanning and data entry. The analyst is responsible for processing Privacy Act requests and consultations and responding to complaints. The analyst is also responsible for the re-alignment of the PSC's Info Source chapter, and helps with the statistics reports in preparation for Executive Management Committees and the end of Year Annual Report to Parliament.

During more than half of the fiscal year, the ATIP Manager was replaced by counsel from PSC's Legal Services. In addition to providing legal advice and guidance to the ATIP Office on the application of the Act, the ATIP Manager/Counsel assisted the Offices of primary interest within the PSC in the delivery of their program and activities having an Access to Information Act component.

2. Summary of Access to Information and Privacy Office activities

2.1 Development of a Privacy Management Framework

In recognition of the importance of privacy, the PSC developed a Privacy Management Framework (PMF). In keeping with the fundamentals of privacy, the objective of the PMF is to outline the way in which the PSC structures itself through policies and procedures to distribute privacy responsibilities, coordinate privacy work, manage privacy risks and ensure compliance with both the Access to Information Act and Privacy Act.

The PMF was approved by the Executive Management Committee in March 2011. A Privacy Impact Assessment Strategy, a component of the PMF, was approved in April 2011. The PMF included the development of a governance model, to clearly identify privacy responsibilities within the corporate structure of the PSC, and a PSC specific Privacy Policy.

In addition guidance documents for employees further enhance the awareness of privacy concerns among PSC employees. Such documents include the following:

  • Code of Fair Information Practices
  • Privacy Protocol for use of personal information for non-administrative purposes
  • Privacy Guidelines for Collection, Retention, Use and Disposal of Personal Information

The PSC also adopted a framework for managing privacy breaches which includes the following:

  • Policy for Privacy Breaches
  • Procedures for Managing Privacy Breaches

The PSC also developed the PSC Guide on Completing Privacy Impact Assessments which will facilitate and support the PSC's respect of the Directive on Privacy Impact Assessments which came into effect on April 1, 2010.

The ATIP Office intranet site has been updated and is the primary vehicle for communicating the PMF with PSC employees. In addition, the ATIP Office plans to deliver additional training for PSC employees, which will cover the PMF, to further enhance their knowledge of privacy issues.

The ATIP Office also enhanced its office procedures to ensure that ATIP analysts are informed of their obligations and responsibilities in the administration of requests under the Access to Information Act and Privacy Act. This included the adoption of the ATIP Office Process and Compliance Manual and various documents and procedures that will assist analysts.

2.2 Management Accountability Framework

The PSC is committed to the continuous improvement of its management fundamentals and continues to use the results of the most recent Management Accountability Framework (MAF) assessment as a benchmark. As part of the MAF, the Info Source introduction has been ever greened to reflect the PSC's Program Activity Architecture (PAA).

The PSC has extensively reviewed its Info Source chapter and followed the TBS requirements and careful attention was paid to ensure the PSC complied with the instructions of the 2010 Implementation Report. Over the course of the reported period, the PSC had submitted for final approval eight Personal Information Banks. The PSC will continue renewing its Info Source chapter to align the classes of records and personal information banks to reflect the PSC's updated PAA.

2.3 Internal Advice and training

Internal Advice

In addition to processing Access to Information Act and Privacy Act requests, the ATIP Office provides general advice to PSC managers and employees regarding a variety of issues and questions related to both Acts.

The ATIP Office also responds to questions from PSC employees and managers regarding the application of various policies and practices related to access to information and privacy.

In addition the ATIP Office is involved in numerous PSC initiatives such as:

  • Providing advice on project initiation forms such as Threat and Risk Assessments, Statement of Sensitivity, and Risk Analysis and Impact Documents;
  • Answering questions related to the protection of personal information in MOUs, Information Sharing Agreements, and Contracts;
  • Assisting program areas in drafting of Privacy Notice Statements;
  • Reviewing audit reports and other documents prior to publication to ensure that personal information is released in accordance with the Privacy Act.

The ATIP Office Manager is also member of PSC Working Groups and Working Group Sub-Committees and offers advice related to privacy and protection of personal information in the context of these committees' activities.

Training

The ATIP Office provided general training on the provisions of the Access to Information Act and the Privacy Act and their impact on PSC programs and initiatives.

The ATIP Office also participated in 7 orientation sessions where information was provided to approximately 100 new PSC employees regarding obligations under the Act.

2.4 Tracking system and imaging software

During the reporting period, the ATIP office updated its AccessPro Case Management System software to the newest version available from the supplier. This software application and data resides on a more stable server.

2.5 Collection, use and disclosure of personal information

2.5.1 Personal Information Banks

Personal Information Banks (PIB) descriptions were created and/or updated for Info Source.

During this reporting period, the ATIP Office focused its efforts on 8 PIB descriptions on PSC program activities and systems for the 2010 Info Source publication:

  • Assessment Accommodation;
  • Mobility Provisions for Former Minister's Staff and Persons Formerly Employed at the Office of the Governor General's Secretary
  • Research and Development;
  • Administration of Political Activities Candidacy Requests;
  • Audits;
  • Assessment by the Personnel Psychology Centre;
  • Applicants, Inventories and referrals; and
  • Analytical Environment.

As part of its in-depth review and re-alignment of its Info Source chapter, the PSC is also working with program areas from the Staffing and Assessment Branch to merge related PIBs in order to simplify and streamline reporting within the PSC information holdings.

The PSC is also reviewing record retention policies and will provide updated information to TBS for review within the 2011-2012 reporting period.

2.5.2 Exempt banks

The PSC does not have any exempt banks. There were no denials of access under subsection 18(2) of the Act.

2.5.3. Disclosure under section 8(2)(m) of the Privacy Act

Personal information under the control of a government institution should not, without the consent of the individual to whom it relates, be disclosed by the institution except in accordance with subsection 8(2) of the Act.

Subsection 8(2) indicates that subject to any other Act of Parliament, personal information under the control of a government institution may be disclosed pursuant to the exceptions specified in applicable paragraphs 8(2)(a) to 8(2)(m) of the Act.

Paragraph 8(2)(m) of the Privacy Act concerns cases where, in the opinion of the head of the institution, the public interest in disclosure clearly outweighed any invasion of privacy that could result from the disclosure or where disclosure would clearly benefit the individual to whom the information relates.

In the reporting period, the PSC did not release any information under paragraph 8(2)(m) of the Act.

2.5.4 Review of documents

The ATIP Office reviews certain documents prior to release and project implementation.

Audit Reports

The ATIP Office routinely reviews audit reports prepared by the PSC prior to their release. This is to ensure that any decision by the PSC to release personal information found in an audit report is in the public interest and that Privacy Commissioner is informed, in accordance with section 8(5) of the Act. The ATIP Office reviewed 12 audit reports over the course of the reporting period.

Project Initiation Forms

In 2010-2011, the ATIP Office also routinely reviewed Informatics Technology Project Initiation Forms (PIF) to:

  • ensure privacy requirements are addressed in new technology initiatives;
  • determine if there are requirements for a Privacy Impact Assessment; and
  • ensure that personal information banks provide proper description.

The ATIP Office reviewed 25 PIFs over the course of the reporting period.

Privacy Notice Statements

The ATIP Office also reviewed and provided advice regarding updates to 10 Privacy Notice Statements for various program activities over the course of this reporting period.

3. Statistical report: interpretation

3.1 Requests under the Act

From April 1, 2010 to March 31, 2011, the PSC received 28 requests compared to 31 during the previous reporting period; representing a decrease of 10%. One of these requests generated over 15 000 pages for review. Given the number of pages, which on average is equivalent to an entire year's worth of Privacy Act related records to review, the PSC will not make its legislative deadline. Nevertheless, the PSC has already conducted a partial review and a partial disclosure of relevant records to the applicant. There was one request outstanding from 2009-2010.

In an attempt to increase and facilitate access, the PSC treats informally as many requests for information as possible.

The PSC completed 26 requests during the reporting period and carried forward three into the (2011-2012) reporting period. One of the three is the request mentioned above (containing over 15 000 pages for review). For a historical comparison of requests received and completed, see Appendix B.

3.2 Nature of requests

As in previous years, the 26 completed requests covered the entire gamut of the PSC's activities. More specifically, they pertained to the following categories:

  • Twelve requests (46 percent) related to staffing activities. For the most part, these requests were from individuals seeking personal information collected in the context of selection processes or regarding test results obtained during the assessment parts of selection processes; including Second Language Evaluation.
  • Ten requests (38.5 percent) were from individuals seeking information about themselves on various issues such as priority administration files, and political candidacy requests.
  • Four requests (15.5 percent) were from individuals seeking information contained in investigation and audit files.

The preferred method of access reported by the PSC, as well as by departments and agencies throughout the federal government, is to receive copies of government records as opposed to simply view them.

3.3 Inter-organizational consultations

The PSC received 6 requests for privacy consultations from other government departments and agencies. These requests amounted to a review of 111 pages of information. After a thorough review of the files, the PSC determined that for 4 of the 6 requests, the information pertaining to the PSC could be released in full, while information related to the other two requests could be disclosed in part.

The requests for consultation pertained to the Public Service Employment Act, information on staffing files, and other forms of assessment results as well as information related to PSC investigations.

The PSC itself consulted other government departments and agencies for 5 of its Privacy Act requests.

3.4 Informal review of information

Requesters may obtain access to their personal information on an informal basis by contacting the manager of the program area that controls the records. In these instances, the ATIP Office provides assistance and advice on an as-required basis. These requests are not reflected in the statistical report in Appendix C.

3.5 Disposition of requests completed

Of the 26 cases where the PSC completed the request, information was released either in whole or in part in 14 requests (53 percent).

3.5.1 All disclosed

In 8 of the 26 completed cases (30 percent), the applicants were provided with full access to the relevant records.

3.5.2 Disclosed in part

The PSC was compelled by the exemptive and exclusionary provisions of the Privacy Act to provide applicants partial access in 6 of the 26 completed cases, or (23 percent).

3.5.3 Nothing disclosed (exempted or excluded)

There were 2 instances (8 percent) in which the PSC was compelled by the exemptive and exclusionary provisions of the Privacy Act not to release information. These requests contained information on on-going investigations being conducted under the Public Service Employment Act.

3.5.4 Unable to process

After an initial review, the PSC was unable to process six requests (23 percent). In all of these instances, the PSC did not have any records relating to the request.

3.5.5 Abandoned by the applicant

Of the 26 completed privacy requests, two (8 percent) were considered to be abandoned by the applicant. Such an action may occur at any point in the processing of a request.

3.5.6 Transferred

Of the 26 requests only two (8 percent) were transferred to another government institution in 2010-2011.

3.6 Exemptions invoked

An individual's right of access to their personal information under the Act is limited by a number of exemptions specified in sections 18 through 28 of the legislation.

During the reporting period, the PSC invoked exemptions under s. 22(1)(c) of the Act in five requests; s. 26 of the Act in four requests and section 27 of the Act in two requests. Information about another individual (section 26 of the Act) accounts for the majority of the exemptions applied by the PSC.

For clarity purposes, if five different exemptions were used in one request, one exemption under each relevant section would be reported for a total of five exemptions. If the same exemption was used several times for the same request, it would be reported only once.

For a historical comparison of exemptions invoked see Appendix B, Table 2 which shows the types of exemptions invoked to refuse access for the reporting period as compared to previous reporting periods.

3.7 Exclusions invoked

Pursuant to section 69, the Act does not apply to material that is published or available for purchase, library or museum material preserved solely for public record, material deposited with Library and Archives Canada, as well as records considered to be confidences of the Queen's Privy Council of Canada pursuant to section 70 of the Act. Therefore, no exclusions were invoked by the PSC under section 69 or section 70 during the processing of privacy requests during the reporting period.

3.8 Extension of time limits

Of the 26 requests completed during the reporting period, 5 needed to be extended for 30 days or under in accordance with section 15 of the Privacy Act. In all these 5 cases, the PSC had to consult with other government departments.

3.9 Completion time

All of the 26 request completed, were completed within the prescribed legislative time frame.

Within the first thirty days, 21 (81 percent) requests were completed, while 5 (19 percent) requests were completed within 31 to 60 days.

3.10 Translations

There were no requests for the translation of information from one official language to another.

3.11 Method of access

All 14 requests in which information was released, the applicants received paper copies of the information.

It should be noted that the data in this section reflect only requests for which information was all disclosed or disclosed in part and therefore not those abandoned, etc.

3.12 Corrections and notations

There were no requests for the correction of personal information (as per section 12(2) of the Privacy Act).

3.13 Costs

The total salary costs associated with the privacy program were $126,586 and operations and maintenance costs were $13,445, for a combined total of $140,031. The associated full-time equivalent resources utilized were estimated at 1.25 for the 2010-2011 reporting period.

4. Complaints

4.1 Number of complaints

The Office of the Privacy Commissioner (OPC) received two complaints regarding Privacy Act requests addressed to and received by the PSC during the reporting period. The OPC carried forward one investigation from the 2009-2010 reporting period.

4.2 Nature of complaints

Both complaints addressed to and received by the PSC during the reporting period were related to allegations of inappropriate applied exemptions and missing records.

4.3 Complaints closed — not well founded

During the 2010-2011 reporting period, the OPC closed three complaints (one outstanding from the previous reporting period which was an allegation of missing records). In all three instances, the OPC considered the complaints not well founded. Their investigations revealed that the PSC did not have any other records related to the requests and that exemptions invoked were considered appropriate.

At the end of the 2010-2011 reporting period, there were no outstanding complaints from the OPC.

5. Privacy Impact Assessments

TBS approved the Privacy Impact Assessment (PIA) Policy with an effective date of May 2, 2002. The goal of the Policy is to allow government institutions to identify whether a program or a service delivery initiative, involving the collection, use or disclosure of personal information as defined in the Act, complies with privacy principles. The Policy also aims to avoid or mitigate any identifiable risks to privacy.

The ATIP Office Manager provides advice and guidance to PSC managers throughout the PIA process, including the review of PIA reports and liaison with the OPC.

Although no new or completed PIAs were conducted during the fiscal reporting period, there were however, a total of 7 PSC programs in which PIAs were either being discussed and/or were at different stages of initiation/completion. Furthermore, as identified in appendix D of this report, one Privacy Impact Assessment was forwarded to the Office of the Privacy Commissioner. This PIA provided an updated version of the original PIA on the Public Service Resourcing System from 2005 and represented a major undertaking for the organization. A working subcommittee was formed in order to address the mitigating measures identified in the PIA action plan. This committee met and still meets on average every six to eight weeks. Also of note, is the ongoing update to another legacy system called the Analytical Environment (to be finalized over the course of the next reporting period). Both of these systems represent a large volume of personal information being managed as part of two major activities under the Public Service Employment Act mandate.

The assessments and the results of the PIAs are currently not available to the public. However, any requests about these PIAs will be duly processed, at which time the ATIP Office will determine which portions of the PIAs can be made publicly available.

The ATIP Office has updated both its Intranet and Internet sites and it is expected that PSC PIA summaries will be published on these sites in the near future.

Of note, in the 2009-2010 Office of the Privacy Commissioner's (OPC) Annual Report on Privacy, the PSC was cited in the Privacy Impact Assessment (PIA) section of their report regarding the PSC's Political Impartiality Monitoring Approach (PIMA) PIA.

The report stated the following:

  • PIMA “… a program that would cross-reference government databases of current and former public servants with candidate lists in federal, provincial and municipal election campaigns...”
  • “…would also monitor the Internet, including media outlets, personal websites and social networking sites such as Facebook, for signs of potentially inappropriate political activity by public servants.”

The report further stated that the PSC had a mandate to ensure an impartial public service, however concerns were raised that this initiative could potentially yield an ongoing and unlimited database about the opinions, political affiliations, personal causes, hobbies, religious affiliations and group memberships of past and present public servants, deputy heads and Governor in Council appointees.

In response to these statements, the PSC indicated to the OPC that in monitoring the political activities of public servants, the PSC never intended to create/collect the masses of information that the OPC was suggesting in their annual report. The PSC did not, does not, nor will it have an ongoing, unlimited database as mentioned in the OPC report. This being said, the PSC is revising its Political Activities Monitoring Approach, and in the event the activity ends up collecting personal information, the PSC will consider the requirements under the PIA Directive accordingly.

Appendix

Appendix A — Delegation Instrument

Privacy Act — Delegation Order

Pursuant to section 73 of the Privacy Act, the President of the Public Service Commission of Canada hereby designates the Secretary General Commission Secretariat or in his or her absence, the Manager of the Access to Information and Privacy Office or a Senior ATIP Analyst, Legal Service Branch, to exercise or perform any of the powers, duties or functions of the Head of the government institution vested in him by the Privacy Act.

Maria Barrados
President

June 7, 2010
Date

Appendix B - Historical Comparisons

Table 1 - Requests
  2002-2003 2003-2004 2004-2005 2005-2006 2006-2007 2007-2008 2008-2009 2009-2010 2010-2011
Requests received 41 27 43 41 36 30 39 31 28
Requests completed 41 27 43 39 35 33 41 30 26

Table 2 - Exemptions invoked
  2002-2003 2003-2004 2004-2005 2005-2006 2006-2007 2007-2008 2008-2009 2009-2010 2010-2011
22(1)(a) 0 0 0 1 1 0 2 0 0
22(1)(b) 0 0 0 1 0 4 0 1 0
22(1)(c) 0 0 0 0 0 0 0 0 5
24 0 0 2 1 1 1 0 0 0
25 0 0 1 0 0 0 0 0 0
26 41 27 43 41 36 30 9 10 4
27 15 8 19 11 15 10 2 4 2

Appendix C — 2010-2011 Annual Privacy Act Statistical Report

Report on the Privacy Act 2010-2011

Institution: Public Service Commission of Canada
Reporting period: 2009-04-01 — 2010-03-31

I. Requests under the Privacy Act

Received during reporting period: 28
Outstanding from previous period: 1
Total: 29
Completed during reporting period: 26
Carried forward: 3

II. Disposition of request completed

  1. All disclosed: 8
  2. Disclosed in part: 6
  3. Nothing disclosed (excluded): 0
  4. Nothing disclosed (exempt): 2
  5. Unable to process: 6
  6. Abandoned by applicant: 2
  7. Transferred: 2

Total: 26

III. Exemptions invoked

S. Art. 18(2): 0
S. Art. 19(1)(a): 0
(b): 0
(c): 0
(d): 0
S. Art. 20: 0
S. Art. 21: 0
S. Art. 22(1)(a): 0
(b): 0
(c): 5
S. Art. 22(2): 0
S. Art. 23(a): 0
(b):
S. Art. 24: 0
S. Art. 25: 0
S. Art. 26: 4
S. Art. 27: 2
S. Art. 28: 0
IV. Exclusions cited
S. Art. 69(1)(a): 0
(b): 0
S. Art. 70(1)(a): 0
(b): 0
(c): 0
(d): 0
(e): 0
(f): 0

V. Completion time
30 days or under: 21
31 to 60 days: 5
61 to 120 days: 0
121 days or over: 0

VI. Extentions

30 days or under
Interference with operations: 0
Consultation: 5
Translation: 0
Total: 5

31 days or over
Interference with operations: 0
Consultation: 0
Translation: 0
Total: 0

VII. Translations

Translations requested: 0

Translations prepared

English to French: 0
French to English: 0

VIII. Method of access

Copies given: 14
Examination: 0
Copies and examination: 0

IX. Corrections and notation

Corrections requested: 0
Corrections made: 0
Notation attached: 0

X. Costs

Financial (all reasons)
Salary: $126,586
Administration (O&M) : $13,445
Total: $140,031

Person year utilization (all reasons)
Person year (decimal format): 1.25

Appendix D - Additional Reporting Requirements

Additional Reporting Requirements — Privacy Act

Treasury Board Secretariat is monitoring compliance with the Privacy Impact Assessment (PIA) Policy (which came into effect on May 2, 2002) and the Directive on Privacy Impact Assessment (which takes effect April 1, 2010) through a variety of means. Institutions are therefore required to report the following information for this reporting period. Note that because some institutions are using the Core PIA as outlined in the Directive in advance of the implementation deadline, they will not have Preliminary PIAs to report.

Indicate the number of:

  • Preliminary Privacy Impact Assessments initiated -0
  • Preliminary Privacy Impact Assessments completed -0
  • Privacy Impact Assessments initiated -0
  • Privacy Impact Assessments completed -0
  • Privacy Impact Assessments forwarded to the Office of the Privacy Commissioner (OPC) - 1

PSC Note: Although no new of completed PIAs during the fiscal reporting period, there are however, a total of 7 PSC programs in which PIAs are either being discussed and/or are at different stages of initiation /completion.

Part III — Exemptions invoked

  • Paragraph 19(1)(e) - 0
  • Paragraph 19(1)(f) - 0
  • Subsection 22.1 - 0
  • Subsection 22.2 - 0
  • Subsection 22.3 - 0

Part IV — Exclusions cited

  • Subsection 69.1 - 0
  • Subsection 70.1 - 0