Annual Report to Parliament: Access to Information Act and Privacy Act 2009 - 2010

Author: Published under the authority of the Minister of Indian and Northern Affairs and Northern Development and Federal Interlocutor for Métis and Non-Status Indians
Date: 2010

Annual Report to Parliament: Access to Information Act 2009-2010
ISBN: 978-1-100-16922-4
QS-6220-056-BB-A1

PDF Version    (810 Kb, 25 Pages)

Annual Report to Parliament: Privacy Act 2009-2010
ISBN: 978-1-100-16923-1
QS-6220-078-BB-A1

PDF Version    (808 Kb, 31 Pages)

 


Table of Contents




Report on the Access to Information Act

Introduction

The right of access by the Canadian public to records under the control of government institutions is perceived as an essential element of our system of democracy. Canadians require access to a wide range of information about government. There is a compelling public interest in openness, and to ensure that the government is fully accountable for its goals and that its performance can be measured against these goals. The Access to Information Act  was established in 1983 to ensure that Canadian citizens, permanent residents, or any person or corporation present in Canada has a right to access information that is contained in government records. It ensures the government's commitment to openness and transparency by respecting both the spirit and requirements of the Access to Information Act, its Regulations and its related policy instruments. It further plays a role in facilitating democracy by providing access to records containing the information required to participate in the democratic process; and ensuring that public office holders and public servants are accountable.

The Government of Canada further acknowledges the importance of facilitating access to records by requiring government institutions to make every reasonable effort to assist applicants. The government must ensure a high standard of care for records under its control, with sound information management playing a key role in facilitating the ability to exercise the right of access under the Act.

Indian and Northern Affairs Canada (INAC) is committed to being open and accountable to the Canadian Public. The Access to Information Act provides INAC with an opportunity to showcase the diligence and effort that the Access to Information and Privacy (ATIP) Directorate has placed into making requests for government information a faster and more efficient process. INAC is striving to not only comply with the Access to Information Act, but to build policies and procedures that make inherent responsibilities simple to follow and easy to understand. By clearly defining roles and responsibilities related to the Access to Information Act and remaining open and transparent with the public, INAC will ensure that it conforms with the Federal Accountability Act 's provision of "duty to assist" requestors seeking departmental records.

About Indian and Northern Affairs Canada

Shaped by centuries of history, the responsibilities of Indian and Northern Affairs Canada (INAC) are complex and wide ranging. There are challenges to meet regarding not only the relationships between the Government of Canada and Canada's Aboriginal people, but the geography of the landscape and the remoteness of many Aboriginal communities presents a challenge in providing access and equality of services.

INAC is committed to supporting Aboriginal people (First Nations, Inuit and Métis) and Northerners in their efforts to improve social well-being and economic prosperity; develop healthier, more sustainable communities; and participate more fully in Canada's political, social and economic development – to the benefit of all Canadians.

Under the Indian Affairs and Northern Development Act  and the Indian Act , INAC negotiates, implements and manages extensive land claims and disputes. INAC delivers services such as education, housing, community infrastructure and social support to Status Indians on reserves along with other regulatory duties. It is through these mandates and responsibilities that INAC hopes to realize the vision of strong, self-sufficient northern people and Aboriginal communities.

While helping to shape and manage the relationships between Canada and its Aboriginal people, it is important to recognize that INAC is the lead federal department for two-fifths of Canada's land mass. Northern Canada is situated atop an abundance of natural resources. There is both great interest and concern in the political and environmental management of these resources. This means that INAC will have a significant role to play in Canada's economic future.

Departmental Mandate

Indian and Northern Affairs Canada (INAC) is responsible for two separate yet equally important mandates: Indian and Inuit Affairs and Northern Development. This broad mandate is derived largely from the Department of Indian Affairs and Northern Development Act, the Indian Act and, territorial acts and legal obligations arising from section 91(24) of the Constitution Act . The Department is responsible for administering more than 50 statutes in total. Consequently, INAC's mandate is complex and its responsibilities encompass a broad spectrum of programs.

The Department is responsible for meeting the Government of Canada's obligations and commitments to First Nations, Inuit and Métis and for fulfilling the federal government's constitutional responsibilities in the North.

The Minister of Indian Affairs and Northern Development is also the Federal Interlocutor for Métis and Non-Status Indians. The Federal Interlocutor's role is to provide a point of contact between the Government of Canada and Métis, Non-Status Indians and urban Aboriginal peoples. The goal of this relationship is to advocate for and work with off-reserve Aboriginal Canadians in order to achieve equal services to those living on reserves.

Indian and Northern Affairs Canada and the Access to Information and Privacy Directorate

The Access to Information and Privacy (ATIP) Directorate reports to the Corporate Secretary who is directly accountable to the Deputy Head and is a member of the Senior Management Committee. The Directorate is essentially comprised of two groups, Access and Privacy.

The ATIP Directorate is responsible for the coordination and implementation of policies, guidelines and procedures to ensure departmental compliance with the Access to Information Act and the Privacy Act . Indian and Northern Affairs Canada (INAC) has taken a proactive approach to the administration of these responsibilities. The ATIP Directorate provides workshop presentations, training courses and awareness sessions designed to increase knowledge and understanding of Access to Information and Privacy issues and concerns across the Department. A priority for INAC is strengthening its accountability with respect to access and privacy and the management of its information holdings as well as personal information holdings.

To this end, INAC has instituted a new ATIP case management system called the AccessPro Case Management/AccessPro Redaction system. INAC is excited to implement this system as it will greatly speed up the process to respond to requests for information while reducing the burden to report and at the same time remaining compliant with current legislative practices. The system, therefore, helps to optimize time management and available resources so that INAC can assist requesters with ease and efficiency.

Mission and Goals

The essence of the Directorate's mission is to provide access to departmental information and to ensure protection of its personal information holdings. These are the core services the Directorate. In recent years, the Directorate has created a Privacy Policy Division which provides advice and guidance on the collection, use and disclosure of personal information through the framework of the Privacy Impact Assessment Policy instituted in the year 2002 by the federal government.

The primary and most cost effective strategic actions relevant to achieving the role of improving access to information and the protection of personal information involves increasing the effective use of human resources, electronic information and communications technology.

The most important strengths of the ATIP Directorate are its human resources. The Directorate is composed of employees that have extensive specialized knowledge in this field. As well, the Directorate has entry level positions to allow new staff to acquire the necessary knowledge and skills to eventually hold senior level positions. The Directorate has undergone a human resources restructuring this past year. It is now designed in a three–team structure with Senior ATIP Advisors as Team Leaders. This enables the team leaders to consecrate more time to their team members in a smaller setting.

The Directorate has a compliment of 30 staff members. Management is presently reviewing this compliment to ensure that it reflects the business requirements of the Directorate.

The most significant non–human resource of the Directorate is the case management system used to process ATIP requests. This past fiscal year a new system was implemented. Entitled AccessPro Suite and AccessProRedaction, this system not only manages requests, it also provide reports on the activities conducted through the system. The fabric of information technology allows the staff of the Directorate to execute it responsibilities under the various legislation and respective polices.

Access to Information and Information Management

INAC recognizes that public accountability is a fundamental aspect to good business management. As such, the department is committed to disclosing information to foster openness and transparency while at the same time seeking a balance with the need for maintaining confidentiality of information.

Departmental employees need to be aware of his/her responsibility in providing access to departmental records under the Access to Information Act and Privacy Act.

Access to information is achieved by effective information management. A strong relationship between those who provide information access to records and those who are responsible for the management of our departmental information will improve the manner in which we respond to requests. The ability to access the department's information holdings in an efficient manner depends on knowing what information exists, where it is located and how well it is managed.

To this effect, the Access to Information and Privacy Directorate has established a closer working relationship with the department's Corporate Information Management (CIM) Directorate. This has assisted the ATIP Directorate to identify, and share with the CIM Directorate, those program areas within INAC which may require improvement in the management of their information holdings.

Highlights

Indian and Northern Affairs Canada (INAC) support and emphasize a culture of openness in the efficient processing of access requests. It is actively committed to transparency through compliance with the Access to Information Act and its corporate policies and procedures on the subject. Over the 2009-2010 fiscal year, INAC made progress in working towards a solution-oriented culture that relies on efficient processing of access requests, and building education and awareness on access to information throughout the Department. In doing so, the Access to Information and Privacy (ATIP) Directorate is pleased to present the following highlights:

Completed ATI Requests

The ATIP Directorate is pleased to report that it was successful in completing almost 90% of formal requests it received under the Access to Information Act within the legislated time frame of thirty (30) days. Cooperation, education, and fostering positive relationships with programs is paramount to the successful and timely processing of requests, and the ATIP Directorate continues to build on this obligation.

Implementation of New ATIP Case Management and Redaction Software

INAC has instituted a new ATIP case management system entitled AccessPro Case Management / AccessPro Redaction. The use of this system will improve the response time in processing of requests while reducing the burden to report and, at the same time, remaining compliant with current legislative practices. The system will therefore help to optimize time management and available resources so that INAC can assist requesters with ease and efficiency.

Management and Use of Electronic Mail (Email)

Beyond the immediate business requirements, INAC employees must abide by the Access to Information Act and the Privacy Act in relation to the management and use of email. INAC has effectively implemented strong information management practices to educate the Department on their responsibilities for the management of emails. This includes avoiding duplication of email correspondence in subject files, ensuring that emails are relevant to the subject matter, identifying records of business activities, creating folders to contain similar e-mail messages, deleting e-mail messages which are no longer required in a timely fashion and filing or archiving messages in the appropriate tracking systems. INAC's proactive support to this initiative has ensured a decrease in the volume of pages of Access to Information Requests and has improved INAC's information management practices as a whole.

Education and Training

Educating staff on the Access to Information Act, its implications on the Department and its functions are of paramount importance to Indian and Northern Affairs Canada (INAC). As a large part of the INAC mandate is related to building strong relationships with Aboriginal people (First Nations, Inuit and Métis) and Northerners, it is important that staff are sensitive to the needs of the people they serve.

It has become clear in recent years that the ability to access government records is of great interest and concern to the public. Openness, accountability and speed of service, with regard to requestors' right of access to government records, are some of the key areas of focus in INAC's educational training on the Access to Information Act.

When understanding the Access to Information Act, staff are better able to handle requests for records and respond with confidence and efficiency. INAC has made it a priority to train staff on understanding and implementing the policies and procedures related to the Access to Information Act.

Altogether INAC has run 20 Access to Information and Privacy (ATIP) training sessions in the 2009-2010 fiscal year. Twelve (12) of the ATIP sessions were conducted in English and eight (8) sessions were conducted in French. Each session averaged approximately three hours in length. INAC has succeeded in training more than 200 staff on ATIP protocols during the 2009-2010 fiscal year.

Ultimately, staff training will continue to improve INAC's capacity to meet their legislative obligations including the "duty to assist" requestors.

Delegated Authorities

Under section 73 of the Access to Information Act, the Minister's authority is delegated to enable the Department to meet its legislated requirements as well as to exercise its powers. Responsibility for all sections of the Acts has been delegated to the Corporate Secretary and to the Departmental Access to Information and Privacy Coordinator (Director) within the Corporate Secretariat. Certain staff are also delegated to carry out specific administrative functions. The Department's Delegation Orders for the Access to Information Act can be found at "Appendix C".

Information Holdings

A description of the classes of institutional records held by the department can be found in the following Info Source publications for 2009-2010: Sources of Federal Government Information and Sources of Federal Employee Information.

Info Source can be accessed online.

Reading Room

A reading room is available for individuals wanting to review departmental records publications, and other materials. The room is situated in the departmental library and individuals can contact library personnel for use of the facility.

The department library is located at:

10 Wellington Street
Gatineau, Québec
K1A 0H4
Telephone: 819-997-8205
Fax: 819-953-5491

Definitions for the Disposition of Access to Information Requests

All Disclosed - All of the information requested was disclosed to the applicant without the application of exemptions and/or exclusions.

Disclosed in Part - Only a portion of the information requested was disclosed because the remainder was exempt and/or excluded.

Nothing Disclosed (Excluded) - There was no disclosure as all of the information requested qualified for exclusion under Section 68 or Section 69 of the Access to Information Act or Section 69 or Section 70 of the Privacy Act.

Nothing Disclosed (Exempt) - There was no disclosure because all of the information requested qualified for an exemption.

Unable to Process - This category includes requests that are not accounted for elsewhere, such as requests made under the wrong legislation, requests where there was not sufficient information to locate any relevant information, requests for records that are not under the control of the institution, or requests for which no identifiable records exist.

Abandoned by the Applicant - A request is considered abandoned when the applicant formally withdraws it or when the applicant does not respond to a notice that the request will be closed if not responded to within 30 days.

Transferred - This refers to requests filed under the Access to Information Act that were transferred to another government institution with "greater interest". The receiving institution will account for the request under "Received during reporting period".

Treated Informally - Requests are treated informally when it has been determined that, through consultation with the applicant, processing a formal request can be discontinued in favour of providing the information informally, i.e. outside the Access to Information Act. A request treated in this manner is not considered to have been abandoned.

Requests Under the Access to Information Act

Between April 1, 2009 and March 31, 2010, the Department received three hundred ten (310) requests for information under the Access to Information Act. In addition, one hundred twenty (120) requests were carried over from the previous fiscal year, for a total of four hundred thirty (430) requests. During the reporting period three hundred thirty (330) were processed and one hundred (100) active files will be carried over to the next reporting period. The annual statistical report on the operations of the Access to Information Act can be found under "Appendix A".

Sources

The breakdown of sources for the Access to Information Act requests received during the reporting period from April 1, 2009 and March 31, 2010 are illustrated below in Figure 1.

Media
51
Academia
7
Business
97
Organization
44
Public
111

Total
310

Detailed description for breakdown of sources

Disposition of Completed Requests

The disposition of completed requests under the Access to Information Act for the 2009-2010 reporting period is illustrated below. (See Figure 2):

All Disclosed
88
Disclosed in Part
132
Nothing Disclosed (Excluded)
3
Nothing Disclosed (Exempt)
5
Unable to Process
35
Abandoned by the Applicant
60
Transferred
5
Treated Informally
2

Total
330

Detailed description for Disposition of Completed Requests

Fees and Costs

For the 2009-2010 reporting period, the Department collected $9,895.20 in fees for reproduction, searching and preparation costs, and waived $5,511.20 in fees. The ATIP Directorate incurred an estimated $1,000,000.00 in salary and $150,000.00 in administrative costs to administer the Access to Information Act. These costs do not include the resources expended by the program areas of the Department to meet the requirements of the Act.

Consultations With Other Institutions

When a request contains records that are of interest to another institution, the Access to Information and Privacy Coordinator of that institution is consulted. Indian and Northern Affairs Canada was consulted in one hundred twenty three (123) cases in the 2009-2010 reporting period.

Complaints and Investigations

During the 2009-2010 reporting period twenty nine (29) complaints against the Department were filed with the Office of the Information Commissioner of Canada in relation to the procession of requests under the Act. Thirty two (32) complaints were carried over from the last fiscal year. As such twenty nine (29) investigations were completed and thirty two (32) will be carried over to the next reporting period. Of the twenty nine (29) completed investigations, the Information Commissioner of Canada concluded that eleven (11) complaints were not substantiated, eleven (11) complaints were resolved, and seven (7) complaints were discontinued. None of the complaints were considered to be founded.

Summary of Key Issues Regarding Complaints and Investigations

The Access to Information Act was established in 1983 to ensure that Canadian citizens, permanent residents, or any person or corporation present in Canada has a right to access information that is contained in government records. It ensures the government's commitment to openness and transparency by respecting both the spirit and requirements of the Access to Information Act, its Regulations and its related policy instruments.

A complaint can be filed against Indian and Northern Affairs Canada (INAC) under the Access to Information Act when a person feels that their right to access permissible records has been violated. INAC pursues an investigation of every complaint to an end point of either resolution or the complainant no longer wishing to pursue the matter. The resulting investigation is to be performed in a timely manner: thirty (30) days or sixty (60) days if an extension is granted. The resolution to the investigation will either occur through current policies and procedures or it may shed light on policies and procedures that need to be updated to better serve the public.

Every complaint that INAC receives is pursued diligently. INAC's commitment to comply with the Access to Information Act and willingness to work with the public to uphold their rights has led to continual improvements in efficiency and ability to assist requestors.

Table 1 outlines a summary of the resolutions for completed requests during the 2009-2010 reporting period.

Table 1. Summary of Key Issues

Deemed Refusal – (delay beyond the 30 day time limit)  6 
Time Extension – institution informed requestor of extra time necessary to process your request  2 
Fees – fee assessment to produce records is not justified  3 
Miscellaneous – any reason not listed  2 
Refusal 69 – exclude Cabinet confidences  3 
Refusal (Exemption) – records or portions of records withheld from access  8 
Refusal General – any other reason  5 

Summary of Select Cases

Photocopy Fees

In July of 2007 a request was made for an estimate of photocopy fees for the release of 989 pages of records. A response was generated indicating that a fee of $197.80 would result from the production of these records. Previously the requestor stated to have received records via CD at no charge.

The requestor then filed a complaint against Indian and Northern Affairs Canada (INAC) as payment for such records had not previously been instituted and the data could previously be received in a medium of choice (CD, electronic, paper.)

Upon investigation it was revealed that INAC no longer delivered this kind of sensitive information via CD or any other electronic format as the insecurities of these redacted forms of information have been revealed. Furthermore, if the complainant had not wished to pay the stipulated fee for the photocopied records, a number of alternate options had been presented. These included abandoning the request, revising the request, viewing the records at a local office free of charge or paying the fee and having the documents delivered.

In April of 2009 the complaint was deemed not substantiated as the complainant had the option of viewing the records for no charge at a convenient location and paying only for photocopies of the records that the complainant deemed necessary.

This case demonstrates INAC's true commitment to upholding the confidentiality and sensitivity of records held by the Department. Although records were previously available by electronic means or by CD it has become apparent that these methods of information transfer are not secure. The change in procedure is not intended to increase difficulty in requesting information but instead to protect sensitive information held within the documentation.

Control of Records and Detailed Requests

A person detailed a request for specific records relating to a school and the documentation was not provided. Indian and Northern Affairs Canada (INAC) had appropriately responded to the requestor by informing the person that the records could not be found as they were under control of a third party, the administrators of the program. INAC is only required to provide access to records that are under its control.

A complaint was then filed by the requestor indicating that a specific document had not been provided when requested. Investigation of the request revealed that the complainant had not requested the specific document in question. The complainant was then informed that in order to receive the document it would be necessary to file a request for it.

Due to the fact that INAC was operating within outlined policy and procedure the complaint was deemed not substantiated.

This case aids in outlining the obligation placed upon the requestor to contact the appropriate authority to exercise their right of access and to be specific regarding their needs.

Delays and Extensions

In June of 2008 a request for information was made giving thirty days to respond, but the request required clarification. This extended the due date thirty days from when INAC requested the clarification. This took place a number of times and to that effect the due date to complete the response was extended a number of times. At one point INAC passed the time limit to respond. Soon after, INAC provided the requestor with a partial release of information.

It was after this point that the requestor filed a complaint regarding the delays in responding to the request. Within thirty four days of receiving the complaint INAC provided a second partial release of information to complete the request.

The investigation of the complaint revealed that INAC had difficulties retrieving the documentation related to the request and, as INAC was also installing the new Access to Information case management system, AccessPro Case Management/AccessPro Redaction, there were delays. Delays were furthered by the fact that there was a shortage of staff.

Because the complainant did eventually receive the documents requested the complaint was considered resolved. Delays were essentially caused by the instatement of new staff and improvements to systems and operations. Although this case illustrates an issue with providing a timely response, it demonstrates INAC's commitment to improving departmental policies, procedures and operating systems to better serve the public.






Appendix A

(See "Appendix B" for Supplemental Reporting Requirements for 2009-2010)

Report on the Access to Information Act

Institution Indian and Northern Affairs Canada
Reporting Period 04/01/2009 to 03/31/2010
Source
Media 51
Academia 7
Business 97
Organization 44
Public 111

I Requests under the Access to Information Act
Received during reporting period 310
Outstanding from previous period 120
Total 430
Completed during reporting period 330
Carried forward 100

II Disposition of requests completed
1. All disclosed 88
2. Disclosed in part 132
3. Nothing disclosed (excluded) 3
4. Nothing disclosed (exempt) 5
5. Transferred 5
6. Unable to process 35
7. Abandoned by applicant 60
8. Treated informally 2
Total 330

III Exemptions invoked
S. 13(1)(a) 1
  (b) 0
  (c) 7
  (d) 1
S. 14 10
S. 15(1) International rel. 2
  Defence 5
  Subversive activities 0
S. 16(1)(a) 2
  (b) 0
  (c) 4
  (d) 0
S. 16(2) 0
S. 16(3) 0
S. 17 2
S. 18(a) 2
  (b) 0
  (c) 0
  (d) 3
S. 19(1) 97
S. 20(1)(a) 0
  (b) 69
  (c) 45
  (d) 23
S. 21(1)(a) 43
  (b) 26
  (c) 32
  (d) 4
S. 22 3
S. 23 34
S. 24 4
S. 26 0

IV Exclusions cited
S. 68(a) 4
  (b) 0
  (c) 0
S. 69(1)(a) 2
  (b) 1
  (c) 0
  (d) 2
  (e) 6
  (f) 0
  (g) 19

V Completion time
30 days or under 151
31 to 60 days 76
61 to 120 days 51
121 days or over 52

VI Extensions
  30 days or under 31 days or over
Searching 57 21
Consultation 25 41
Third Party 11 29
Total 93 91

VII Translations
Translations requested 0
Translations prepared
English to French 0
French to English 0

VIII Method of Access
Copies given 219
Examination 1
Copies and examination 0

IX Fees
Net fees collected
Application fees $1,405.00
Reproduction $2,890.80
Searching $5,599.40
Preparation $0.00
Computer processing $0.00
Total $9,895.20

Fees waived No. of times $
$25.00 or under 46 $255.20
Over $25.00 30 $5,256.20

X Costs
Financial (all reasons)
Salary $ 1,000,000.00
Administration (O and M) $ 150,000.00
Total $ 1,150,000.00
Person year utilization (all reasons)
Person year (decimal format) 16.00





Appendix B

In addition to the reporting requirements addressed in the TBS Statistical Report (see "Appendix A"), institutions are required to report supplemental information.

INAC's Supplemental Reporting Requirements are as follows:

Supplemental Reporting Requirements
Access to Information Act
Part III – Exemptions Invoked
Section 13
Subsection 13(e) 0
Section 14
Subsections 14(a) 5
  14(b) 0
Part IV – Exclusions Cited
Subsection 69.1 (1) 0






Appendix C


Minister of Indian Affairs and
Northern Development and Federal Interlocutor
for Métis and Non-Status Indians

Ottawa, Canada K1A 0H4

Access to Information Act - Delegation Order

Pursuant to the powers of designation conferred upon me by Section 73 of the Access to Information Act, the persons exercising the functions or positions of Corporate Secretary, Corporate Secretariat (position number 12294), and the departmental Access to Information and Privacy Coordinator (position number 62185) and their respective successors, including in their absence, a person or officer designated in writing to act in the place of the holder of any such functions or positions are hereby designed to exercise those powers, duties or functions of the Minister as the Head of the government institution under the Act, and as set out in the attached Schedule A.

The departmental Access to Information and Privacy Senior Advisors (position numbers 62364, 12590, 12061 and 12058) and their respective successors, including in her/his absence, a person or officer designated in writing as being authorized to act in the place of the holder of any such function or position, are hereby designated to exercise those powers, duties or functions of the Minister as the Head of the government institution under the Act, and as set out in the attached Schedule B.


___________________________________________
Minister of Indian Affairs and Northern Development

Dated at Gatineau, the 26th of May, 2008

Schedule A - Department Of Indian Affairs And Northern Development Schedule To Delegation Order

Designation Pursuant To Section 73 Of The Access To Information Act

Sections and Powers, Duties or Functions
6
Advise requestors that we need additional information to proceed with their request

7(a)
Give written notice to requestor that we can proceed with the request

8(1)
Transfer request to another institution or accept transfer from another institution

9
Extend time limits

10
Refuse to acknowledge or deny the existence of records

11
Charge additional fees

12(2)(3)
Provide access in alternate format

13
Exempt information obtained in confidence

14
Exempt information pertaining to federal-provincial affairs

15
Exempt information pertaining to international affairs and/or defence

16
Exempt information pertaining to law enforcement and investigations

17
Exempt information pertaining to the safety of individuals

18
Exempt information pertaining to the economic interests of Canada

19
Exempt personal information

20
Exempt or disclose third party information

21
Exempt information pertaining to advice, decision-making processes of government plans and positions etc.

22
Exempt information pertaining to testing procedures or audits

23
Exempt information pertaining to solicitor-client privilege

24
Exempt information subject to statutory prohibitions or other Acts of Parliament

25
Sever information

26
Exempt information to be published within 90 days

27(1)(4)
Notify third parties of their rights to provide communications/representations regarding the disclosure of their records

28
Receive third party representations; make a decision as to whether to disclose the record or part thereof; and, notify third party of the right to appeal to the Federal Court

29(1)
Disclose information on Information Commissioner during an investigation

33
Advise the Information Commissioner of any third party involvement

35(2)
Make representations to the Information Commissioner during an investigation

37(4)
Release information to complainant

43(1)
Issue a notice to a third party of an application for Court review

44(2)
issue a notice to an applicant that a third party has applied for Court review

52
Request special rules for hearings

69
Exclude Cabinet Confidences

71
Inspect and exempt information in manuals

72(1)
Prepare Annual Report to Parliament

77
Carry out responsibilities conferred to the Head of institution by the regulations made under section 77 which are not included in the above

Schedule B - Department Of Indian And Northern Development Schedule To Delegation Order

Designation Pursuant To Section 73 Of The Access To Information Act

Sections and Powers, Duties or Functions
6
Advise requestors that we need additional information to proceed with their request

7(a)
Give written notice to requestors that we can proceed with their request

8(1)
transfer request to another institution or accept transfer from another institution

9
Extend time limits

11
Charge additional fees

27(1)(4)
Notify third parties of their rights to provide comments/representations regarding the disclosure of their records

28
Receive third party representations; make a decision as to whether to disclose the record or part thereof; and, notify third party of right to appeal to Federal Court

33
Advise the Information Commissioner of any third party involvement

35(2)
Make representations to the Information Commissioner during an investigation

43(1)
Issue a notice to a third party of an application for Court review

44(2)
Issue a notice to an applicant that a third party has applied for Court review






Report on the Privacy Act

Introduction

In an age where information is so abundant, readily available and requested, it has become increasingly important to define and protect personal information. The management of personal information has become a key issue among Canadian citizens. The Privacy Act  was established in 1983 to address these specific concerns. The purpose of the Privacy Act, along with its companion legislation the Access to Information Act , is "to extend the present laws of Canada that protect the privacy of individuals with respect to personal information about themselves held by a government institution and that provide individuals with a right of access to that information". Essentially the Privacy Act can be considered a code of ethics created for federal government institutions with regard to the management of the personal information received, collected and disclosed. It governs not only the collection, use and disclosure of personal information but also the right of Canadians to access their information.

Indian and Northern Affairs Canada (INAC) has a role to play in the protection of individuals' personal information. INAC works with the Aboriginal people (First Nations, Inuit and Métis) and Northerners to build strong relationships and a strong Canada. Part of building relationships is instilling trust and confidence. By diligently updating policies and procedures to stay current with the roles and responsibilities set out in the Privacy Act, INAC is working to gain the trust and confidence of Aboriginal Canadians and the Canadian public in general. The INAC Access to Information and Privacy (ATIP) Directorate has formed the INAC Privacy Policy Unit which strives to promote openness, accountability and transparency in regard to efforts to comply with the roles and responsibilities inherent in the Privacy Act.

About Indian and Northern Affairs Canada

Shaped by centuries of history, the responsibilities of Indian and Northern Affairs Canada (INAC) are complex and wide ranging. There are challenges to meet regarding not only the relationships between the Government of Canada and Canada's Aboriginal people, but the geography of the landscape and the remoteness of many Aboriginal communities presents a whole new level of difficulty in providing access and equality of services.

INAC is committed to supporting Aboriginal people and Northerners in their efforts to improve social well-being and economic prosperity; develop healthier, more sustainable communities; and participate more fully in Canada's political, social and economic development – to the benefit of all Canadians.

Under the Indian Affairs and Northern Development Act  and the Indian Act , INAC negotiates, implements and manages extensive land claims and disputes. INAC delivers services such as education, housing, community infrastructure and social support to Status Indians on reserves along with other regulatory duties. It is through these mandates and responsibilities that INAC hopes to realize the vision of strong, self-sufficient Northern people and Aboriginal communities.

While helping to shape and manage the relationships between Canada and its Aboriginal people it is important to recognize that INAC is the lead federal department for two-fifths of Canada's land mass. Northern Canada is situated atop an abundance of natural resources. There is both great interest and concern in the political and environmental management of these resources. This means that INAC will have a significant role to play in Canada's economic future.

Departmental Mandate

Indian and Northern Affairs Canada (INAC) is responsible for two separate yet equally important mandates: Indian and Inuit Affairs and Northern Development. This broad mandate is derived largely from the Department of Indian Affairs and Northern Development Act, the Indian Act and, territorial acts and legal obligations arising from section 91(24) of the Constitution Act . The Department is responsible for administering more than 50 statutes in total. Consequently, INAC's mandate is complex and its responsibilities encompass a broad spectrum of programs.

The Department is responsible for meeting the Government of Canada's obligations and commitments to First Nations, Inuit and Métis and for fulfilling the federal government's constitutional responsibilities in the North.

The Minister of Indian Affairs and Northern Development is also the Federal Interlocutor for Métis and Non-Status Indians. The Federal Interlocutor's role is to provide a point of contact between the Government of Canada and Métis, Non-Status Indians and urban Aboriginal peoples. The goal of this relationship is to advocate for and work with off-reserve Aboriginal Canadians in order to achieve equal services to those living on reserves.

Indian and Northern Affairs Canada and the Access to Information and Privacy Directorate

The Access to Information and Privacy (ATIP) Directorate reports to the Corporate Secretary who is directly accountable to the Deputy Head and is a member of the Department's Senior Management Committee. The Directorate is essentially comprised of two groups, Access and Privacy.

The ATIP Directorate is responsible for the coordination and implementation of policies, guidelines and procedures to ensure departmental compliance with the Access to Information Act and the Privacy Act. Indian and Northern Affairs Canada (INAC) has taken a proactive approach to the administration of these responsibilities. The ATIP Directorate provides support to the Department in the processing of Access to Information and Privacy requests and provides workshop presentations, training courses and awareness sessions designed to increase knowledge and understanding of Access to Information and Privacy issues and concerns across the Department. A priority for INAC is strengthening its accountability with respect to privacy and the management of its personal information holdings.

To this end, INAC has also instituted a Privacy Policy Unit under the Access to Information and Privacy (ATIP) Directorate. The main purpose of the Privacy Policy Unit is to ensure that INAC is in a position to meet its obligations under the Privacy Act and related policies, as well as to assist in building privacy into its program management activities.

Indian and Northern Affairs Canada, Privacy Policy Unit

The INAC Privacy Policy Unit has provided critical privacy advice to new initiatives, resulting in changes that will improve privacy protection in departmental programs. Policies and procedures are being established to ensure that privacy is considered throughout the life cycle of INAC's processes and programs and that the fair information principles inform policy decisions concerning data collection and use.

The INAC Privacy Policy Unit provides advice and guidance to the Department on a number of topics;

  • Conducting Preliminary Privacy Impact Assessments (PPIAs)

  • Conducting Departmental Privacy Impact Assessments (PIAs)

  • Inclusion and use of appropriate Privacy Act Statements on Data Collection Instruments (DCIs) i.e.: Forms, Surveys, etc.

  • InfoSource

  • Instruction on the preparation and registration of Personal Information Banks (PIBs) and their related Classes of Records

  • Education and promotion of awareness of Privacy and Privacy-related issues throughout the Department

  • Meeting the requirements of the Privacy Act and its related policies regarding the sharing of personal information when preparing Memoranda of Understanding (MOUs)

The Privacy Policy Unit has been instrumental in making the Privacy Impact Assessment (PIA) process a focal point for privacy activities at INAC including developing a training session specifically designed to educate staff about the PIA process.

The Privacy Policy Division, through establishment and functionality of its operations, been working to "operationalize" privacy awareness and best practices throughout INAC. It has made privacy an integral part of INAC's operations by working side-by-side on initiatives with the various directorates and components of INAC. As a result, the Privacy Policy Division has been able to embed privacy values into the culture and structure of INAC in order to ensure that, as INAC programs move forward to implementation, they have been carefully and thoroughly analyzed for their impact on personal privacy and, once implemented, are effective in protecting personal information.

One of the primary laws supporting the activities of the Privacy Policy Division is the Privacy Act. The Privacy Act, provides a code of fair information practices that governs the collection, maintenance, use, and dissemination of personal information by federal departments. Emanating from concerns about the ability to aggregate personal information -- due, in part, to advances in technology -- this law provides substantial notice, access, and redress rights for stakeholders. The law provides robust advance notice, through detailed "system of records" notices, about the creation of new technological or other systems containing personal information and carefully prescribed limits on the release of that information.

Part of the Federal Government's "Government on Line" (GOL)" and "E-Government" are particularly relevant to the Privacy Policy Division's function. The Federal Government mandates Privacy Impact Assessments through its PIA Policy when there are new collections of, or new technologies applied to, personally identifiable information.

Privacy Impact Assessments, or PIAs, are a third pillar of the privacy framework at the federal level, and reflect the growing reliance on technology to move data -- both in government spaces and on the Internet. With the addition of the privacy provisions of the "E-Government" to existing privacy protections, stakeholders now benefit from a comprehensive framework within which government considers privacy in the ordinary course of business.

To this effect, the Privacy Policy Division is working closer with program areas to ensure implementation of a rigorous PIA process, whereby every new technology use or acquisition is subject to a PIA. In the first several years of the Privacy Policy Division, much time was given to what may be described as "practical privacy." With limited resources and limited knowledge of privacy adherence within INAC, time was mainly spent assessing current privacy and government transparency and formulating a practical way forward for operationalizing privacy throughout INAC. The path chosen was to identify significant functional privacy areas. Such was done, in part, through a departmental "Privacy Review." As well, privacy professionals were hired to address functional objectives and to provide leadership at the Departmental level. Further staff requirements were met to assist the Department with privacy technology, privacy compliance, privacy policy, and disclosure policy.

The Privacy Policy Division has made significant progress in creating a strong foundation of privacy protections throughout INAC's programs, technologies, and policies in the past several years. In this regard, it will continue to educate INAC's employees on these matters.

One of the ongoing challenges is the everyday compliance with good privacy practices, including the need for privacy policies on INAC's websites, and the need to comply with all privacy laws. This compliance includes not just the Privacy Act, but all other pertinent laws and relevant policies, if they are applicable to INAC's programs or information sharing, including concerning employee information. The need for education and training is made all that much more clear by these examples and other areas, such as the legal mandate for Privacy Impact Assessments, to educate and remind our employees on compliance requirements and due care.

Consideration must be given to the role of INAC, vis-a-vis its main stakeholder, the Aboriginal Community, relevant to sharing their personal information and educating them on privacy. One of the most important policy challenges facing INAC is the sharing of personal information between the public and private sector (mainly the Aboriginal Community). This issue resonates with the Aboriginal Community and within INAC where the responsible handling of personal information is critical to the successful performance of its mandate. The Privacy Policy Division is all to familiar with the need to ensure the protection of its stakeholders' personal information.

This is why it is so important to have in place all necessary protections for personally-identifiable information. Even when actual Privacy Act violations are not found, it is nevertheless important that clear rules be in place to ensure that information sharing is done in a legitimate, respectful, and limited way.

Going forward, the challenge facing the Privacy Policy Division is to carefully navigate between the privacy and security concerns inherent in information sharing and to build a consensus on the responsible use of data so that we can further our efforts to enhance security while maintaining robust protections for personal information.

As mentioned earlier, the Privacy Policy Division has been instrumental in making the PIA process a focal point for privacy activities at INAC. By providing written and oral training in addition to specific guidance materials, the Privacy Division has enabled all programs to incorporate privacy into their fundamental program planning. From the initial drafting of a PIA to the final product, the Privacy division has provided PIA leadership to program areas and their components. The Privacy Policy Division has developed a publication to make the processing of a PIA simple. Additionally, the Privacy Policy Division reviews the PIAs, and provides advice on the need for their development, in connection with INAC rulemakings.

The Privacy Policy Division has provided critical privacy advice to new program initiatives, resulting in changes in many cases that will improve privacy protections within the various programs and for its stakeholders, including the Aboriginal Community.

Procedures are being well established to ensure that privacy is considered throughout the lifecycle of INAC's processes and programs and that fair information practices inform policy decisions concerning data collection and use.

One way to ensure that privacy is embedded into the culture of the Department is through a vigorous education and training program. The Privacy Policy Division recognizes the value and need for systematic privacy training at the Department and has developed a framework for a comprehensive program. The Privacy Policy Division has created and implemented privacy awareness training for all INAC employees and new hires. The primary goal of privacy awareness training is to ensure that employees are fully informed about how to handle personally identifiable information in a responsible and appropriate manner. The Privacy Policy Division has developed training modules that are tailored to individual groups within INAC to ensure a broad understanding of how privacy integrates with specific INAC programs so that it is addressed appropriately.

The Privacy Policy Division is making great strides in promulgating and addressing privacy issues within INAC. It is now an integral part of INAC's operations. Although more needs to be accomplished, it has embed privacy values into the culture and structure of the Department. The Privacy Policy Division is in the process of developing privacy policy for the Department and will continue to work hand-in-hand with it many stakeholders.

Highlights

Indian and Northern Affairs Canada (INAC) is proud to make strides in ensuring that privacy and the protection of personal information continues to be a priority and remains strong within the Department. Over the 2009-2010 fiscal year, INAC has proven its commitment to the importance of a robust privacy-sensitive culture throughout the Department. The following represents these highlights:

Addition of New Employees

The Privacy Policy Unit is pleased to announce the hiring of three (3) new team members. The addition of these staff assists in furthering the Privacy Policy Unit's effectiveness in responding to the privacy requirements of the Department while also maintaining a secure, healthy and respectful work environment for all employees of the Unit.

Implementation of New ATIP Case Management and Redaction Software

As the confidential nature of documents is of paramount importance to the protection of personal information, INAC has instituted a new ATIP case management system entitled AccessPro Case Management / AccessPro Redaction. The use of this system will increase the protection and privacy of personal information by severing sensitive information on documents in accordance with current legislation and optimizing document handling to speed up assistance to requestors. INAC is currently in the process of manually migrating existing Privacy files into this new system so that it may be used to its maximum capacity.

Support of the Treasury Board of Canada Secretariat – Privacy Impact Assessments

INAC is taking a proactive approach to privacy throughout the Department and has obtained guidance and support from the Treasury Board Secretariat to implement various Privacy policies and tools. To this end, the Privacy Policy Unit has developed tools to help program officials in conducting Privacy Impact Assessments (PIAs).

Support of the Treasury Board of Canada Secretariat – Info Source

The Privacy Policy Unit has also worked with Treasury Board to meet its requirements for Info Source – the annual publication containing information about the Government of Canada, its organization and information holdings. This includes conducting PIAs, and the development of Personal Information Banks (PIBs). The Privacy Policy Unit is committed to ensuring the accountability of programs within the department to register the personal information that it collects in order to remain compliant with Treasury Board policies and procedures.

Collaboration with the Office of the Privacy Commissioner of Canada

INAC has been participating with the Office of the Privacy Commissioner (OPC) to ensure thorough analysis while conducting Privacy Impact Assessments (PIAs). The cooperation between INAC and the OPC is particularly important as it ensures that privacy risks are completely understood by Departmental programs, and that solutions to privacy risks are identified and eliminated. Working with the OPC provides for a proactive and collaborative approach to mitigating potential risks and creating a privacy-sensitive culture within the Department.

Education and Training

Indian and Northern Affairs Canada (INAC) recognizes a solemn duty to comply with the Privacy Act and works diligently to meet the obligations inherent in that duty. Great effort has been taken to make Privacy a priority across the Department. To this effect, INAC has administered a number of training sessions to increase awareness about the need for Privacy throughout the Department and to make it relevant for all staff.

Information sessions during 2008-2009 focused more on training at headquarters. Alternatively, the focus during the 2009-2010 fiscal year was to inform and educate staff about Privacy at the regional level.

Privacy 101 Training is an interactive educational session designed to provide participants with a sound understanding of the principals of Privacy. Some key elements include a discussion on the meaning of Privacy, an explanation of the Privacy Act and its purpose, and how Privacy relates to "me and my job". Special attention is paid to the Aboriginal people (First Nations, Inuit and Métis) and the management of their personal information. Understanding of the Privacy Act and the responsibilities inherent within the Act will increase compliance throughout the Department and build good relationships with the ATIP office.

Five (5) Privacy 101 Training sessions were administered in the 2009-2010 fiscal year, with 10-15 persons in attendance for each. As INAC has found this to be a successful and effective tool, Privacy 101 Training sessions will continue to be a staple in the education of the staff in the Department.

Info Source Training is a training program under development and will be delivered in the upcoming fiscal year. This training program is designed to educate INAC staff about Info Source, its use and its purpose. Key elements of this program include an introduction to Info Source, what publications are included, what are Classes of Records and Personal Information Banks and what are the roles and responsibilities that need to be taken into account when submitting a publication to Info Source.

PIA Training is a program under development to teach staff how to effectively determine if a Privacy Impact Assessment (PIA) needs to be conducted and, if so, how to go about completing the process. The key elements of this training program include defining a PIA and its purpose, how to determine if a PIA is necessary; policy requirements and principals to be followed while conducting a PIA, for example the principals derived from the Canadian Standards Association Code and the Personal Information Protection and Electronic Documents Act (PIPEDA) ; and the sharing of personal information with Aboriginal people. Current and future technologies will also be a feature of this training program. INAC currently provides this training to programs on an "as requested" basis, however plans are in place to make certain that this "core" training is implemented to all program officials in the 2011-2012 fiscal year.

Altogether INAC has run 20 Access to Information and Privacy (ATIP) training sessions in the 2009-2010 fiscal year. Twelve (12) of the ATIP sessions were conducted in English and eight (8) sessions were conducted in French. Each session averaged about three hours in length. INAC has succeeded in training more than 200 staff on ATIP protocols during the 2009-2010 fiscal year.

Ultimately, staff training will improve INAC's capacity to meet their legislative obligations including the "duty to assist" requestors.

Privacy Impact Assessments (PIAs)

A PIA is a step-by-step evaluation of the flow of personal information held within a given program or service. This process enables the Department to determine whether new technologies, information systems, initiatives, and proposed programs or policies meet federal government privacy requirements.

A PIA outlines salient points about new or existing personal information, including hard copy format or through technology systems, by answering questions about how the information and data will be maintained, what administrative controls will be in place, and how the decision to use the information was made.

The 10 Fair Privacy Principals (Accountability; Identifying Purposes; Consent; Limiting Collection; Limiting Use, Disclosure and Retention; Accuracy; Safeguards; Openness; Individual Access; and Challenging Compliance) are used as a guide to ensure that privacy is considered throughout the business redesign or project development cycle.

From the initiation of a PIA to the final product, the Privacy Policy Unit has provided direction to program offices and their components on the PIA process. Please refer to "Appendix B" to view a more comprehensive listing of the number of PIAs and Preliminary Privacy Impact Assessments (PPIAs) that INAC has been involved in during the 2009-2010 fiscal year.

In the 2009-2010 fiscal year, INAC has completed five (5) PIAs:

Privasoft Access Pro Case Management (APCM) & Access Pro Redaction (APR)

The Access Pro Case Management (APCM) system was developed by the Privasoft Corporation. It is an automated case management solution that gives institutions a flexible and easy-to-use system for managing requests for information and project details while demonstrating accountability and maintaining employee productivity in a secure environment. It is configurable to operate within regulatory legislation. The system allows users to track deadlines and prioritize tasks so that time-critical elements are handled first. The system therefore helps to optimize time management and available resources when responding to requests.

APCM's counterpart, the Access Pro Redaction (APR) is imaging software that is designed specifically for document handling. The software ensures data integrity while operating within legislative compliance by severing sensitive information from documents as the system is set to enforce compliance.

The Access to Information and Privacy (ATIP) Directorate for Indian and Northern Affairs Canada (INAC) administers both the Access to Information Act and the Privacy Act and to ensure the Institution's compliance with legislation. The ATIP Directorate also provides and manages distribution of promotional messages, workshop presentations, training courses, and awareness sessions to increase the knowledge and understanding of ATIP across the Department. ATIP will use the APCM and APR systems to better organize and facilitate these various duties.

First Nations and Inuit Transfer Payment System / Guaranteed Loan Management System (FNITP/GLMS)

Transfer payments are made to First Nations governments / Inuit communities to enable the delivery of essential services to their respective communities. Currently the collection of personal information and reporting are managed through a paper based system whereby individuals in a number of regional offices enter information into various regional and national databases to satisfy the Treasury Board requirements on Policy on Transfer Payments and INAC's internal accountability, performance and evaluation requirements.

The First Nations and Inuit Transfer Payment (FNITP) system will help to centralize and modernize current business processes. Through individual agreements INAC will collect personal information from Administering Organizations and Regional INAC offices. Once the information has been entered an authorized user may then log onto a Virtual Private Network (VPN) and conduct the transfer payments. INAC will now be able to report on these activities through the FNITP system. This technology will significantly reduce the reporting burden associated with the current management process for funding arrangements.

The Guaranteed Loan Management System (GLMS) project will provide an integrated corporate system within the FNITP system that will provide the capability to manage both the program (Housing and Economical Development) and financial components that make up the Ministerial Loan Guarantee (MLG) business process.

First Nation Child and Family Services (Saskatchewan) (FNCFS)

The goal of INAC's First Nations Child and Family Services (FNCFS) program is to support First Nations communities in providing culturally sensitive child welfare services comparable to those available to other provincial residents in similar circumstances. The FNCFS program is one of many INAC programs and services dedicated to individual and family well-being.

The FNCFS System is a redesign of the current Indian Child and Family Services (ICFS) legacy application into a web based application to meet established INAC information system standards. The redesign will also improve management of maintenance costs and ensure that the system complies with Canada's Federal Government software standards. The new system will implement fixes to current issues; provide improved reporting capabilities and data entry and include user training.

Trust Fund Management System (TFMS)

The Trust Fund Management System (TFMS) is a sub-ledger of Oasis, the departmental financial system. The System maintains all the detailed financial information for trust accounts which arise from the Crown's fiduciary obligations towards First Nations. The system supports the Resolution and Individual Affairs Sector in fulfilling their responsibilities to safeguard trust funds for First Nations and individuals.

The TFMS will integrate new legislative requirements and support some user requirements the old system was incapable of supporting. This will streamline existing business and result in cost savings due to a reduced need for maintenance and support.

The functionality of TFMS does not allow for the tracking of activities by users who simply view populated screens, but it will track transactions and use of the system for logged on users for audit purposes.

The TFMS is used to manage Indian Monies in Trust. It contains both financial and non-financial (account) information. The responsibilities and authorities as outlined by the Indian Act allow the Minister to manage the Indian Monies as a fiduciary obligation (Statutory obligation of the Minister's fiduciary responsibilities to collect, receive and hold money for the use and benefit of Indians or bands and to manage and expend Indian Monies in accordance with the Indian Act.)

Nominal Roll System (NRS)

The Nominal Roll System (NRS) is an internal report related to Indian and Northern Affairs Canada's (INAC's) mandate and responsibilities. The NRS is used to co-ordinate programs relevant to the education of First Nations and Inuit students.

The NRS currently gathers data elements used to track students and their eligibility for funding. It also tracks the number of high-cost special First Nation education students that live on reserves, the schools they attend (provincial, band-operated, private, federal) and their communities.

The system tracks user activities and is used by INAC's Headquarters and Regional employees, who need the information either to enter data or perform reports.

In the past fiscal year, INAC completed one (1) PPIA:

Secure Certificate of Indian Status (SCIS)

A Privacy Impact Assessment (PIA) was conducted in November 2002 on the Indian Registry System / Secure Certificate of Indian Status (IRS/SCIS). This PPIA updated the information evaluated during the initial PIA.

Applying for Indian Status is a multi step process. Once a person who is entitled has been registered as an Indian they may apply for a Secure Certificate of Indian Status (SCIS) commonly referred to as a Status Card or Treaty Card. Operating in combination, the Indian Registry System (IRS) and SCIS record approximately 120,000 life events (births, marriages, etc.) entered annually.

The new SCIS, as proposed, will afford status Indians greater ease of border transit into Canada in the future, in particular because Canadian Border Services Agency (CBSA) regards the new design for the SCIS as meeting current document integrity standards. A direct link from INAC's IRS database to CBSA systems could be developed. This process will provide CBSA with the necessary data to support electronic validation of the SCIS at time of border crossing using the Machine Readable Zone.

Delegated Authorities

Under section 73 of the Privacy Act, the Minister's authority is delegated to enable the Department to meet its legislated requirements as well as to exercise its powers. Responsibility for all sections of the Acts has been delegated to the Corporate Secretary and to the Departmental Access to Information and Privacy Coordinator (Director) within the Corporate Secretariat. Certain staff are also delegated to carry out specific administrative functions. The Department's Delegation Orders for the Privacy Act can be found at "Appendix C".

Information Holdings

A description of the classes of institutional records held by the department can be found in the following Info Source publications for 2009-2010: Sources of Federal Government Information and Sources of Federal Employee Information.

Info Source can be accessed online.

Reading Room

A reading room is available for individuals wanting to review departmental records publications, and other materials. The room is situated in the departmental library and individuals can contact library personnel for use of the facility.

The department library is located at:

10 Wellington Street
Gatineau, Québec
K1A 0H4
Telephone: 819-997-8205
Fax: 819-953-5491

Data Matching

Data Matching is an activity involving the comparison of personal information from different sources, including sources within the same government institution, for administrative or non-administrative purposes. The data matching activity that is established can be systematic or recurring and can also be conducted on a periodic basis when deemed necessary. Data matching includes the disclosure or sharing of personal information with another organization for data matching purposes.

Indian and Northern Affairs Canada (INAC) is pleased to report that there were no data matching activities undertaken in 2009-2010.

Definitions for the Disposition of Privacy Requests

All Disclosed - All of the information requested was disclosed to the applicant without the application of exemptions and/or exclusions.

Disclosed in Part - Only a portion of the information requested was disclosed because the remainder was exempt and/or excluded.

Nothing Disclosed (Excluded) - There was no disclosure as all of the information requested qualified for exclusion under Section 68 or Section 69 of the Access to Information Act or Section 69 or Section 70 of the Privacy Act.

Nothing Disclosed (Exempt) - There was no disclosure because all of the information requested qualified for an exemption.

Unable to Process - This category includes requests that are not accounted for elsewhere, such as requests made under the wrong legislation, requests where there was not sufficient information to locate any relevant information, requests for records that are not under the control of the institution, or requests for which no identifiable records exist.

Abandoned by the Applicant - A request is considered abandoned when the applicant formally withdraws it or when the applicant does not respond to a notice that the request will be closed if not responded to within 30 days.

Transferred - This refers to requests filed under the Access to Information Act that were transferred to another government institution with "greater interest". The receiving institution will account for the request under "Received during reporting period".

Requests Under the Privacy Act

Between April 1, 2009 and March 31, 2010, the Department received forty two (42) requests for information under the Privacy Act. In addition, seven (7) requests were carried over from the previous fiscal year, for a total of forty nine (49) requests. During the reporting period forty one (41) were processed and eight (8) active files will be carried over to the next reporting period. The annual statistical report on the operation of the Privacy Act can be found at "Appendix A".

Disposition of Completed Requests

The disposition of completed requests is as follows (see Figure 1 below):

All Disclosed
5
Disclosed in Part
26
Nothing Disclosed (Excluded)
0
Nothing Disclosed (Exempt)
0
Unable to Process
7
Abandoned by the Applicant
2
Transferred
1

Total
41

Detailed description for Disposition of Completed Requests

Disclosure of Personal Information

Personal information under the control of a government institution shall not, without the consent of the individual to whom it relates, be disclosed by the institution except in accordance with subsection 8(1) of the Privacy Act.

Further to the formal forty-nine (49) requests received under the Privacy Act, as indicated above, there are permissible disclosures of personal information under subsection 8(2) of the Privacy Act which may be disclosed without the consent of the individual to whom the information pertains (see Figure 2 below). These disclosures constitute five hundred thirty two (532) requests and their breakdown is identified in the following paragraphs.

Paragraph 8(2)(a)

Personal information may be disclosed "for the purpose for which the information was obtained or compiled by the institution or for a use consistent with that purpose."

Under this paragraph of the Privacy Act, five (5) requests were received and treated.

Paragraph 8(2)(b)

Personal information may be disclosed "for any purpose in accordance with any Act of Parliament or any regulation made thereunder that authorizes its disclosure."

Under this paragraph of the Privacy Act, zero (0) requests were received and treated.

Paragraph 8(2)(c)

Personal information may be disclosed "for the purpose of complying with a subpoena or warrant issued or order made by a court, […] for the purpose of complying with rules of court relating to the production of information."

Under this paragraph of the Privacy Act, one (1) request was received and treated.

Paragraph 8(2)(d)

Personal information may be disclosed "to the Attorney General of Canada for use in legal proceedings involving the Crown in right of Canada or the Government of Canada."

Under this paragraph of the Privacy Act, forty three (43) requests were received and treated.

Paragraph 8(2)(e)

Personal information may be disclosed "to an investigative body […] for the purpose of enforcing any law of Canada or a province or carrying out a lawful investigation…"

Under this paragraph of the Privacy Act, one hundred seventy four (174) requests were received and treated.

Paragraph 8(2)(f)

Personal information may be disclosed "under an agreement or arrangement between the Government of Canada […] and the government of a province [or territory] […] for the purpose of administering or enforcing any law or carrying out a lawful investigation."

Under this paragraph of the Privacy Act, two hundred twenty (220) requests were received and treated.

Paragraph 8(2)(g)

Personal information may be disclosed "to a member of Parliament for the purpose of assisting the individual to whom the information relates in resolving a problem."

Under this paragraph of the Privacy Act, zero (0) requests were received and treated.

Paragraph 8(2)(j)

Personal information may be disclosed "to any person or body for research or statistical purposes if the head of the government is satisfied that the purpose for which the information is disclosed cannot reasonably be accomplished unless the information is provided in a form that would identify the individual to whom it relates and obtains from the person or body a written undertaking that no subsequent disclosure of the information will be made in a form that could reasonably be expected to identify the individual to whom it relates."

Under this paragraph of the Privacy Act, twelve (12) requests were received and treated.

Paragraph 8(2)(k)

Personal information may be disclosed "to any association of aboriginal peoples, Indian band, government institution or part thereof, or to any person acting on behalf of such association, band, institution or part thereof, for the purpose of researching or validating the claims, disputes or grievances of any of the aboriginal peoples of Canada."

Under this paragraph of the Privacy Act, seventy three (73) requests were received and treated.

Paragraph 8(2)(m)

Personal information may be disclosed "for any purpose where, in the opinion of the head of the institution, (i) the public interest in disclosure clearly outweighs any invasion of privacy that could result from the disclosure, or (ii) disclosure would clearly benefit the individual to whom the information relates."

Under this paragraph of the Privacy Act, zero (0) requests were received and treated.

Detailed description for Disclosure of Personal Information

Complaints and Investigations

During the 2009-2010 reporting period seven (7) complaints against the Department were filed with the Office of the Information Commissioner of Canada in relation to the procession of requests under the Privacy Act. One (1) complaint was carried over from the last fiscal year. As such two (2) investigations were completed and six (6) will be carried over to the next reporting period. Of the two (2) completed investigations, the Information Commissioner of Canada concluded that one (1) complaint was not substantiated and one (1) complaint was resolved. There were no discontinued complaints and none of the complaints were considered to be founded.

Summary of Key Issues Regarding Complaints and Investigations

Indian and Northern Affairs Canada (INAC) endeavours to respect the rights of Canadians to access their personal information while at the same time protect it with appropriate safeguards from those who would access or use it improperly. A complaint against INAC can be raised under the Privacy Act when an individual feels that their privacy rights have been violated by the Department. When a complaint is received it must then be investigated to determine the validity of the complaint and, should the complaint be founded, a resolution must occur. The resolution will either be resolved through current policies and procedures or it may shed light on policies and procedures that need to be updated to better serve the public. INAC proudly reports that only two (2) privacy complaints were received during the 2009-2010 reporting period. As stated in the previous section ("Complaints and Investigations") neither of the complaints was considered founded.

Summary of a Select Case

In November 2009 a complainant reported to INAC that when she had petitioned for access to her personal information she only received part of the information that she had requested and that INAC had failed and refused to provide her with all of the documentation that she had requested.

The complainant made numerous phone calls to the Office of Integrity, Values and Conflict Resolution and felt that there should have been related documents for each of those phone calls. She also alleged that her personal information was shared by the Office of Integrity, Values and Conflict Resolution with a Senior Human Resources Advisor and that she wanted the recorded documentation on this exchange.

As privacy and confidentiality of personal information is required by the Privacy Act to protect individuals, INAC removes the names from records related to phone calls so that they can be used for general and statistical purposes, but not to identify an individual. The same standard holds true for conversations regarding cases with other groups within INAC; situations are discussed but names are not disclosed thereby preventing any privacy breaches.

An investigation revealed that the complainant had, in fact, received the requested documents in their entirety as information pertaining to the calls and the discussion were not retrievable. Her right to access her personal information was not denied and the complaint was considered not well-founded.






Appendix A

Report on the Privacy Act

Institution Indian and Northern Affairs Canada
Reporting Period 04/01/2009 to 03/31/2010

I Requests under the Privacy Act
Received during reporting period 42
Outstanding from previous period 7
Total 49
Completed during reporting period 41
Carried forward 8

II Disposition of requests completed
1. All disclosed 5
2. Disclosed in part 26
3. Nothing disclosed (excluded) 0
4. Nothing disclosed (exempt) 0
5. Unable to process 7
6. Abandonned by applicant 2
7. Transferred 1
Total 41

III Exemptions invoked
S. 18(2) 0
S. 19(1)(a) 5
  (b) 0
  (c) 0
  (d) 0
S. 20 0
S. 21 0
S. 22(1)(a) 0
  (b) 1
  (c) 0
S. 22(2) 0
S. 23(a) 0
  (b) 0
S. 24 0
S. 25 0
S. 26 21
S. 27 8
S. 28 0

IV Exclusions cited
S. 69(1)(a) 0
  (b) 0
S. 70(1)(a) 0
  (b) 0
  (c) 0
  (d) 0
  (e) 0
  (f) 0

V Completion time
30 days or under 13
31 to 60 days 12
61 to 120 days 14
121 days or over 2

VI Extensions
  30 days or under 31 days or over
Interference with operations 15 0
Consultation 2 0
Translation 2 0
Total 19 0

VII Translations
Translations requested 0
Translations prepared
English to French 0
French to English 0

VIII Method of Access
Copies given 31
Examination 0
Copies and examination 0

IX Corrections and notation
Corrections requested 0
Corrections made 0
Notation attached 0

X Costs
Financial (all reasons)
Salary $200,000.00
Administration (O and M) $20,000.00
Total $220,000.00
Person year utilization (all reasons)
Person year (decimal format) 4.00





Appendix B

Supplemental Reporting Requirements for 2009-2010 Privacy Act
Treasury Board Secretariat is monitoring compliance with the Privacy Impact Assessment (PIA) Policy (which came into effect on May 2, 2002) through a variety of means. Institutions are therefore required to report the following information for this reporting period.
Preliminary Privacy Impact Assessments Initiated 3
Preliminary Privacy Impact Assessments Completed 1
Privacy Impact Assessments Initiated 7
Privacy Impact Assessments Completed 5
Privacy Impact Assessments forwarded to the Office of the Privacy Commissioner (OPC): 6






Appendix C


Minister of Indian Affairs and
Northern Development and Federal Interlocutor
for Métis and Non-Status Indians

Ottawa, Canada K1A 0H4

Privacy Act - Delegation Order

Pursuant to the powers of designation conferred upon me by Section 73 of the Privacy Act, the persons exercising the functions or positions of Corporate Secretary, Coporate Secretariat (position number 12294), and the departmental Access to Information and Privacy Coordinator/Manager (position number 62185) and their respective successors, including in their absence, a person or officer designated in writing to act in the place of the holder of any such functions or positions are hereby designated to exercise those powers, duties or functions of the Minister as the Head of the government institution under the Act, and as set out in the attached Schedule A.

The departmental Access to Information and Privacy Senior Advisors (position numbers 62364, 125590, 12061 and 12058) and their respective successors, including in her/his absence, a person or officer designated in writing as being authorized to act in the place of the holder of any such function or position, are hereby designated to exercise those powers, duties or functions of the Minister as the Head of the government institution under the Act, and as set out in the attached Schedule B.


___________________________________________
Minister of Indian Affairs and Northern Development

Dated at Gatineau, the 26th of May, 2008

Schedule A - Department Of Indian And Northern Development Schedule To Delegation Order

Designation Pursuant To Section 73 Of The Privacy Act

Sections and Powers, Duties or Functions
8(2)
Disclose personal information without the consent of the individual to whom it relates

8(4)
Keep copies of requests made under 8(2)(e), keep records of information disclosed pursuant to such requests and to make those records available to Privacy Commissioner

8(5)
Notify the Privacy Commissioner in writing of disclosure under paragraph 8(2)(m)

9(1)
Retain a record of use of personal information

9(4)
Notify the Privacy Commissioner of consistent use of personal information and update index accordingly

10
Include personal information in personal information banks

11(a)
Publish annually and index of all personal information held by the institution which is not part of a bank

14
Respond to request for access, within statutory deadline: give access or give notice

15
Extend time limit and notify applicant

16
Where access is refused

17(2)(b)
Language of access or alternative format of access

17(3)(b)
Access to personal information in alternative format

18(2)
May refuse to disclose information contained in an exempt bank

19(1)
Shall refuse to disclose information obtained in confidence from another government

19(2)
May disclose any information referred to in 19(1) if the other government consents to the disclosure or makes the information public

20
May refuse to disclose information injurious to federal-provincial affairs

21
May refuse to disclose information injurious to international affairs and/or defence

22
May refuse to disclose information injurious to law enforcement and investigation

23
May refuse to disclose information injurious to security clearances

24
May refuse to disclose information collected by the Canadian Penitentiary Service, the National Parole Service or the National Parole Board

25
May refuse to disclose information injurious to which could threaten the safety of individuals

26
May refuse to disclose information about other individuals, and shall refuse to disclose such information where disclosure is prohibited under section 8

27
May refuse to disclose information subject to solicitor-client privilege

28
May refuse to disclose information relating to an individual's physical or mental health were disclosure is contrary to the best interests of the individual

31
Receive notice of investigation by the Privacy Commissioner

33(2)
Make representations to the Privacy Commissioner during an investigation

35(1)
Receive the Privacy Commissioner's report of findings of the investigation and give notice of action taken

35(4)
Give compliant access to information after 35(1)(b) notice

36(3)
Receive Privacy Commissioner's report of findings of investigation of exempt

37(3)
Receive report of Privacy Commissioner's findings after compliance investigation where the institution has not complied with sections 4 to 8

51(2)(b)
Request that matter be heard and determined in National Capital Region

51(3)
Request and be given right to make representations in Section 51 hearing

72(1)
Prepare Annual Report to Parliament

77
Carry out responsibilities conferred on the head of the institution by the regulations made under section 77

Schedule B - Department Of Indian And Northern Development Schedule To Delegation Order

Designation Pursuant To Section 73 Of The Privacy Act

Sections and Powers, Duties or Functions
10
Include personal information in personal information banks

11(a)
Publish annually an index of all the personal information banks and their respective contents

11(b)
Publish annually an index of all personal information held by the institution which is not part of a bank

15
Extend time limit and notify applicant

31
Receive notice of investigation by the Privacy Commissioner