ARCHIVED - Privacy Act: Annual Report to Parliament 2011-2012

Archived information

This Web page has been archived on the Web. Archived information is provided for reference, research or record keeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.

Author: Aboriginal Affairs and Northern Development Canada
Date: 2012
QS #: QS-3656-000-EE-A1
Catalog: R1-44/2012E-PDF
ISSN: 1929-5057

PDF Version   (2,203 Kb, 39 Pages)




Table of Contents




I. Introduction

The purpose of the Privacy Act (PA) is to protect the personal information of individuals held by federal institutions, and to provide individuals with a right of access to that information.

This report, prepared and submitted to Parliament pursuant to section 72 of the Act, describes the activities of Aboriginal Affairs and Northern Development Canada (AANDC) that support compliance with privacy legislation. The report details the activities and accomplishments of AANDC's Access to Information and Privacy (ATIP) Directorate, including highlights such as:

Our Department

AANDC supports Aboriginal peoples (First Nations, Inuit and Métis) and Northerners in their efforts to:

AANDC is the federal department primarily responsible for meeting the Government of Canada's obligations and commitments to First Nations, Inuit and Métis, and for fulfilling the federal government's constitutional responsibilities in the North. AANDC's overall mandate and wide-ranging responsibilities are shaped by centuries of history and unique demographic and geographic challenges. The mandate is derived from the Constitution Act 1982, the Indian Act, the Department of Indian Affairs and Northern Development Act, territorial Acts, treaties, comprehensive claims and self-government agreements, as well as various other statutes affecting Aboriginal people and the North.

Most of the department's programs, representing a majority of its spending, are delivered through partnerships with First Nation and Aboriginal communities and federal-provincial or federal-territorial agreements. AANDC also works with urban Aboriginal people, Métis and non-status Indians (many of whom live in rural areas) through the Office of the Federal Interlocutor.


Return to Table of Contents




II. Organization

ATIP Directorate at AANDC

The ATIP Directorate is responsible for the administration of requests made under the Act. It was established within the Corporate Secretariat and reports to the Corporate Secretary, who is directly accountable to the Deputy Head and is a member of the AANDC Senior Management Committee (SMC). The Directorate also coordinates and implements policies, guidelines and procedures to ensure departmental compliance with the Act. Workshop presentations, training courses and awareness sessions designed to increase access to information and privacy capacity across the Department are also provided by the Directorate.

The Directorate is comprised of two sections, the Operations and Privacy Policy. While the Operations Unit handles incoming requests for record review, the Privacy Policy Unit's role is to provide critical privacy advice to new initiatives, resulting in changes that will improve privacy protection in departmental programs. Policies and procedures continue to be established to ensure that privacy is considered throughout the life cycle of AANDC's programs and that informed policy decisions are made concerning the collection and use of personal information.

The AANDC Privacy Policy Unit provides advice and guidance to the Department on a number of topics:

  1. Conducting departmental Privacy Impact Assessments (PIAs)
  2. Advising on permissible disclosures of personal information pursuant to subsection 8(2) of the PA
  3. Including and using appropriate PA Statements on Data Collection Instruments (DCIs) Example: forms, surveys, etc.
  4. Updating Info Source and instructing in the preparation and registration of Personal Information Banks (PIBs) and their related Classes of Records (CORs)
  5. Educating and promoting awareness of privacy and privacy-related issues throughout the Department
  6. Meeting the requirements of the PA and its related policies regarding the sharing of personal information when preparing Memoranda of Understanding (MOUs)

The Privacy Policy Unit comprises the following positions:

During the 2011-2012 reporting period, the Privacy Policy Unit was challenged by staff turnover resulting in an almost completely vacant unit.


Return to Table of Contents




III. Delegation Order

Under section 73 of the Act [Note 1], the Minister's authority is delegated to departmental officials in order to administer the Act within AANDC.

At the outset of the reporting period, a delegation order dated November 3, 2010 was still in effect following the Department's recent transition to Minister John Duncan (Appendix A). This delegation order designated the following positions as having the authority to administer the PA:

A new delegation order was signed by Minister Duncan on August 30, 2011 (Appendix B). Under section 73 of the Act, the order delegates full authority and responsibility for the PA to the same positions as above, as well as to the Associate Deputy Minister and the Deputy Minister.


Return to Table of Contents




IV. Interpretation of the Statistical Report

This year marks the first time government institutions used an expanded form for statistical reporting. AANDC's Statistical Report was submitted to the Treasury Board Secretariat (TBS) on April 30, 2012 (Appendix C). The Report details various aspects of the requests AANDC received and processed during the period of April 1, 2011 to March 31, 2012. Many federal institutions are observing an increase in requests received under the Privacy Act as well as greater scrutiny of their performance with respect to legislation. AANDC undoubtedly experienced this upward trend when it received 162 more requests than the previous fiscal year, or a 239% increase in volume.

Part 1. Requests under the Privacy Act

In 2011-12, AANDC received 237 requests under the Act in addition to the 15 requests carried over from the previous year, totaling 252 requests. The ATIP Directorate completed 222 requests and will carry 30 requests over into the 2012-2013 fiscal year.

Part 2. Requests closed during the reporting period

2.1 Disposition and completion time

AANDC was able to disclose records, either in their entirety or in part, 150 times (67.6%) out of the total 222 requests closed during the reporting period. In these cases, the majority of requests (104, or 69.3%) took less than 30 days to complete (Table 2.1).

Table 2.1. Disposition and completion time of requests made under the Privacy Act

  Completion Time
Disposition of requests 1 to 15 days 16 to 30 days 31 to 60 days 61 to
120 days
121 to 180 days 181 to 365 days More than
365 days
Total
7 9 5 1 1 0 0 23
Disclosed in part 6 82 26 10 0 3 0 127
All exempted 1 0 0 0 1 0 0 2
All excluded 0 0 0 0 0 0 0 0
No records exist 12 30 7 0 1 0 0 50
Request transferred 0 0 0 0 0 0 0 0
Request abandoned 14 3 3 0 0 0 0 20
Total 40 124 41 11 3 3 0 222

2.2 Exemptions

The provision under section 26 of the Act (personal information) was the most commonly used exemption during the reporting period and was applied in 114 requests (Table 2.2). The exemption under section 27 was applied three times to exempt personal information that is subject to solicitor-client privilege.

Table 2.2. Number of requests closed where exemption provisions were invoked

Section Number of requests Section Number of requests Section Number of requests
18(2) 0 22(1)(a)(i) 1 23(a) 0
19(1)(a) 0 22(1)(a)(ii) 0 23(b) 0
19(1)(b) 0 22(1)(a)(iii) 0 24(a) 0
19(1)(c) 0 22(1)(b) 1 24(b) 0
19(1)(d) 1 22(1)(c) 1 25 0
19(1)(e) 0 22(2) 0 26 114
19(1)(f) 0 22.1 0 27 3
20 0 22.2 0 28 0
21 0 22.3 0  
Total: 121

2.3 Exclusions

No exclusion provisions were applied to requests that were closed in 2011-2012.

2.4 Format of information released

Over the course of the reporting period, there was an increasing emphasis on the retrieval and disclosure of records in electronic formats (Table 2.4). As of Q2, the vast majority of responses were provided to the requester in CD-ROM format. In exceptional cases where the scanning of records rendered portions difficult to read, paper copies were provided in keeping with the duty to assist. In total, AANDC conveyed response packages electronically in 144 (96.0%) requests where records were disclosed.

Table 2.4. Format of information released

Disposition Paper Electronic Other Formats
All disclosed 2 21 0
Disclosed in part 4 123 0
Total 6 144 0

2.5 Complexity

As part of the new Statistical Report format, several factors affecting the complexity of requests were also captured.

2.5.1 Relevant pages processed and disclosed

In 2011-2012, the ATIP Directorate retrieved and reviewed 41,950 pages of records under the control of the Department (Table 2.5.1). Approximately one-third (13,315 pages or 31.7%) of these records were disclosed partially or in their entirety.

In some cases, backlog requests were abandoned by the requester, either because they were no longer interested or because they agreed to open a new request with a revised scope.

Table 2.5.1. Relevant pages processed and disclosed

Disposition of requests Number of pages processed Number of pages disclosed Number of requests
All disclosed 1,901 773 23
Disclosed in part 40,014 12,542 127
All exempted 27 0 2
All excluded 0 0 0
Request abandoned 8 0 20
Total 41,950 13,315 172
2.5.2 Relevant pages processed and disclosed by size of requests

Where records were retrieved in response to a request, 120 (69.8%) of these requests required 100 pages of processing or less (Table 2.5.2). Conversely, the ATIP Directorate also processed several higher volume requests: seven requests required the review of between 501 and 1,000 pages while five requests required processing up to 5,000 pages.

Table 2.5.2. Relevant pages processed and disclosed by size of requests

  Less than 100
pages processed
101-500
pagesprocessed
501-1000
pages processed
1001-5000
pages processed
More than 5000 pages processed
Disposition Requests Pages disclosed Requests Pages disclosed Requests Pages disclosed Requests Pages disclosed Requests Pages disclosed
All disclosed 19 193 3 520 1 60 0 0 0 0
Disclosed in Part 79 1,109 37 4,604 6 1,901 5 4,928 0 0
All exempted 2 0 0 0 0 0 0 0 0 0
All excluded 0 0 0 0 0 0 0 0 0 0
Abandoned 20 0 0 0 0 0 0 0 0 0
Total 120 1,302 40 5,124 7 1,961 5 4,928 0 0
2.5.3 Other complexities

In four cases, the ATIP Directorate required external consultations before completing the privacy request (Table 2.5.3).

Table 2.5.3. Other complexities related to requests closed during reporting period

Disposition Consultation required Legal advice sought Interwoven information Other Total
All disclosed 0 0 0 0 0
Disclosed in part 4 0 0 0 4
All exempted 0 0 0 0 0
All excluded 0 0 0 0 0
Abandoned 0 0 0 0 0
Total 4 0 0 0 4

2.6 Deemed refusals

AANDC incurred several deemed refusals in the first half of the reporting period, including five late privacy requests that were carried over from the previous year. All deemed refusals were completed before the end of 2011-2012.

2.6.1 Reasons for not meeting statutory deadline

The primary reason for not meeting statutory deadlines was due to excessive workload within the ATIP Directorate. During Q1 and Q2, the Directorate was in the midst of staff turnover as well as its strategy to eliminate all outstanding deemed refusals. While completing these backlog requests as swiftly as possible, the Directorate received an increase in the number of new access to information and privacy requests. In fact, in Q1 alone there were as many new formal privacy requests received in three months as there were during the entire 2010-2011 fiscal year. As such, 17 files, five of which were already late at the start of 2011-2012, were completed after their deadline (Table 2.6.1).

Table 2.6.1. Reasons for not meeting statutory deadline

  Principle Reason
Number of requests closed past the statutory deadline Workload External consultation Internal consultation Other
17 17 0 0 0
2.6.2 Number of days past deadline

Of the 17 deemed refusals reported during 2011-2012, nine were completed after their extended deadline (Table 2.6.2). For the remaining eight requests, no extensions had been taken (three of these requests were carried over from 2010-2011).

Table 2.6.2. Number of days requests were closed past their statutory deadline

Number of days past deadline Number of requests past deadline where no extension was taken Number of requests past deadline where an extension was taken Total
1 to 15 days 2 2 4
16 to 30 days 2 4 6
31 to 60 days 0 0 0
61 to 120 days 2 1 3
121 to 180 days 2 1 3
181 to 365 days 0 1 1
More than 365 days 0 0 0
Total 8 9 17

2.7 Requests for translation

In 2011-2012, there were three occasions where responsive records were translated from English to French at the request of the applicant.

Table 2.7. Requests for translation

Translation Requests Accepted Refused Total
English to French 3 0 3
French to English 0 0 0
Total 3 0 3

Part 3. Disclosures under subsection 8(2)

AANDC is permitted to disclose personal information under subsection 8(2) of the Act (see Section V for more detail). Under paragraph 8(2)(e), personal information may be disclosed "to and investigative body […] for the purpose of enforcing any law of Canada or a province or carrying out a lawful investigation…". In 2011-2012, AANDC made 96 disclosures within this context. The ATIP Directorate also disclosed personal information verifying Indian status on four occasions under 8(2)(m), "where, in the opinion of the head of this institution, (i) the public interest in disclosure clearly outweighs any invasion of privacy that could result from the disclosure, or (ii) disclosure would clearly benefit the individual to whom the information relates". On each of these 4 occasions, AANDC notified the Privacy Commissioner of Canada, as required by section 8.

Table 3. Disclosures of personal information permissible under subsection 8(2)

Paragraph 8(2)(e) Paragraph 8(2)(m) Total
96 4 100

Part 4. Requests for correction of personal information and notations

During the reporting period, there were no requests for correction of personal information and notations.

Part 5. Extensions

5.1 Reasons for extensions and disposition of requests

The most frequent reason for extending the statutory timeline of requests was due to interference with operations, pursuant to Section 15(a)(i) of the Act. These extensions were applied in 45 instances; the requests where these extensions were taken resulted in dispositions of 'All disclosed' or 'Disclosed in part' in 88.2% of cases. Extensions were also applied in situations where external consultations were required (4 occasions). In general, where an extension was taken under section of 15, the responsive records were either 'All disclosed' or 'Disclosed in part' 85.5% of the time.

Table 5.1. Reasons for extensions and disposition of requests

  15(a)(ii) Consultation  
Disposition of requests where an extension was taken 15(a)(i) Interference
with Operations
Section 70 Other 15(b) Translation
or conversation
All Disclosed 8 0 0 0
Disclosed in part 37 0 2 0
All exempted 0 0 0 0
All excluded 0 0 0 0
No records exist 3 0 2 0
Request abandoned 3 0 0 0
Total 51 0 4 0

5.2 Length of extensions

Nearly every extension applied during the reporting period (53 of 55, or 96.4%) was between 16 to 30 days in length (Table 5.2).

Table 5.2. Length of extensions

  15(a)(ii) Consultation  
Length of extension 15(1)(i) Interference
with Operations
Section 70 Other 15(b)
1 to 15 days 2 0 0 0
16 to 30 days 49 0 4 0
Total 51 0 4 0

Part 6. Consultations received from other institutions and organizations

During the reporting period, no consultation requests were received from other government institutions and organizations.

Part 7. Completion time of consultations on Cabinet confidences

During the reporting period, no consultations on the application of section 70 of the Act were sent to the Cabinet Confidences Section of the Privy Council Office.

Part 8. Resources related to the Privacy Act

8.1 Costs

In total, AANDC spent $729,683 on the administration of the PA in 2011-2012 (Table 8.1). This is a relatively small increase ($28,248 or 4.0%) from the $701,435 reported in 2010-2011. The ATIP Directorate devoted $554,520 in salary during the reporting period, which was $55,760 (9.1%) less than the amount spent in 2010-2011. To aid in the analysis and review of privacy requests during periods of high volume, $142,600 was spent on professional services contractors and consultants from temporary help agencies.

Table 8.1. Costs for the administration of the Privacy Act

Expenditures Amount
Salaries $554,520
Overtime $0
Goods and Services $175,163
Contracts for privacy impact assessments $0
Professional services contracts $142,600
Other $32,563
Total $729,683

8.2 Human Resources

The Privacy Policy Unit consisted of five full-time employees dedicated full-time to privacy activities, in addition to 13 full-time employees within the Operations Unit who were dedicated part-time to processing privacy requests (Table 8.2). Over 2011-2012, 10 consultants were hired – one was dedicated full-time to privacy activities while the other nine were split between access and privacy requests.

Table 8.2. Human resources dedicated to the administration of the Privacy Act

Resources Dedicated full-time to privacy Activities Dedicated part-time to privacy Activities Total
Full-time employees 5 13 18
Part-time and casual employees 0 1 1
Regional staff 0 0 0
Consultants and agency personnel 1 9 10
Students 0 0 0
Total 6 23 29

Return to Table of Contents




V. Disclosure of Personal Information

Personal information under the control of a government institution shall not, without the consent of the individual to whom it relates, be disclosed by the institution except in accordance with subsection 8(1) of the Act. Further to the 222 formal requests that were processed in 2011-2012, there were also disclosures of personal information made pursuant to the paragraphs under subsection 8(2) of the Act (Table V). The most frequent types of disclosure were under paragraphs 8(2)(e), 8(2)(f) and 8(2)(d), which accounted for 86.7% of the disclosures made during the reporting period. Under paragraph 8(2)(e), personal information may be disclosed "to an investigative body […] for the purpose of enforcing any law of Canada or a province or carrying out a lawful investigation…". Under paragraph 8(2)(f), personal information may be disclosed "under an agreement or arrangement between the Government of Canada […] and the government of a province [or territory] […] for the purpose of administering or enforcing any law or carrying out a lawful investigation. Under paragraph 8(2)(d), personal information may be disclosed "to the Attorney General of Canada for use in legal proceedings involving the Crown in right of Canada or the Government Canada".

Table V. Disclosures of personal information permissible under subsection 8(2) of the Privacy Act

Paragraph Number of Disclosures Percentage (%)
8(2)(a) 11 3.6
8(2)(b) 0 0
8(2)(c) 0 0
8(2)(d) 81 26.2
8(2)(e) 96 31.1
8(2)(f) 91 29.5
8(2)(g) 0 0
8(2)(h) 0 0
8(2)(i) 0 0
8(2)(j) 2 0.6
8(2)(k) 22 7.1
8(2)(l) 2 0.6
8(2)(m) 4 1.3
Total 309 100

Return to Table of Contents




VI. Other ATIP Directorate Functions

The ATIP Directorate also processes other types of files beyond formal requests submitted under the Act. These include informal requests from members of the public as well as various services provided internally to the Department.

Altogether, the Operations Unit processed 443 informal privacy-related requests. The most frequent type of request received over this reporting period has been requests for records pertaining to the Indian Residential Schools Settlement Agreement (including Common Experience Payment and Independent Assessment Process documents).

The Privacy Policy Unit handles a plethora of requests from internal clients within the Department, including policy questions, review DCIs and development of appropriate Privacy Statements, evaluation of existing MOUs and support in addressing and containing potential privacy breaches.


Return to Table of Contents




VII. Complaints and Investigations

During the 2011-2012 reporting period, five complaints were filed with the Office of the Privacy Commissioner of Canada (OPC) in relation to the processing of requests under the Act (Table VII.1 and Figure VII.1).

Table VII.1. Number of complaints received

Type of Complaint Number of Complaints
Delay 3
Exemption/Exclusion 1
Miscellaneous 1
Total 5

Figure VII.1. Percent distribution of complaint reasons

Upon investigation by the OPC, each of these five complaints were concluded to be well-founded and were resolved by AANDC before the close of the 2011-2012 fiscal year.


Return to Table of Contents




VIII. Privacy Impact Assessments

A PIA is a step-by-step evaluation of the flow of personal information held within a given program or service. This process enables the Department to determine whether new technologies, information systems, initiatives, and proposed programs or policies meet federal government privacy requirements.

During the 2011-2012 reporting period, the Privacy Policy Unit processed three preliminary PIAs and determined that a full-scale assessment was unnecessary for these particular cases (Table VIII.1). No PIAs were initiated during the reporting period.

Table VIII.1. Number of Privacy Impact Assessments Initiated and Completed

Privacy Impact Assessments Number of Privacy Impact Assessments
* A PIA is not considered to be completed until the final, approved copy including all eight sections outlined in Appendix C of the Directive has been sent to both the Office of the Privacy Commissioner and to the Information and Privacy Policy Division, Treasury Board Secretariat.
Privacy Impact Assessments initiated 0
Privacy Impact Assessments completed 0*

Return to Table of Contents




IX. 2011-2012 Points of Interest

Full Compliance with the Privacy Act

Despite a sharp incline in the number of requests received under the Act this year, combined with a large workload of new and backlog access to information requests, the ATIP Directorate was successful in achieving full compliance with the Act starting in Q3 and lowered AANDC's deemed refusal rate to 13.3% over the entire year (compared to a 44.3% rate in 2010-2011). AANDC is committed to maintaining this high level of compliance in 2012-2013 and senior management continues its strong support and leadership on this front.

Reconstitution of Privacy Policy Unit

In the first half of 2011-2012, the ATIP Directorate faced a number of staff departures that greatly affected the operations of the Privacy Policy Unit. Beginning in Q3, the Privacy Policy Unit was reconstituted by staffing vacant four key positions, including the team leader, two senior-level officer positions, one junior officer and administrative support. In Q4, a consultant was hired to review all MOUs between AANDC and other organizations related to the sharing of personal information. These MOUs will be validated and re-assessed during 2012-2013.

Info Source

To fulfill the requirements of Management Accountability Framework (MAF) Area of Management (AoM) 12.5 criteria, extensive effort was made to ensure all PIBs and CORs were updated and registered in accordance with TBS policy. In total, one new PIB was registered with TBS while 11 updates to pre-existing PIBs were approved by TBS during 2011-2012. The Department's 2010-2011 Info Source chapter was submitted to TBS on September 23, 2011 and met all mandatory requirements set out by TBS.

Development of Guidelines

Over the course of the reporting period, the Privacy Policy Unit established several key privacy policy guidelines (see Section X for further detail).

Education and Training

Educating staff on the Act as well as its implications on the Department and its functions are of paramount importance to AANDC.

It has become clear in recent years that the collection and privacy of personal information is of great interest and concern to the Canadian public. Transparency, accountability and speed of service with respect to providing individuals with access to their own personal information are some of the key areas of focus in AANDC's training efforts.

With a solid understanding of the Act, staff is better able to recognize what is personal information and make informed policies decisions and changes to processes. As such, AANDC has made it a priority to train staff on understanding and implementing the TBS policies and procedures related to the PA and meet the acceptable criteria for institutional ATIP capacity set out within MAF AoM 12.6.

In total, the ATIP Directorate held 59 training sessions (over 800 employees, including headquarters and regional offices) on both the Access to Information Act and Privacy Act as part of its AANDC-wide training plan.


Return to Table of Contents




X. Changes to the Organization, Policies, Guidelines and Procedures

Organization Changes

As described above, several key positions were staffed during the reporting period. The Directorate still faces the challenge of filling certain vacant positions within the Privacy Policy Unit, but there were no integral changes to the organizational structure overall.

Revised Privacy Guidelines

Upon its reconstitution, the Privacy Policy Unit revised and re-established several key procedures and guidelines related to its business. Guidelines for the processing of permissible disclosures under subsection 8(2) of the Act, Privacy Statements, and PIAs were all revised to facilitate consistency throughout the Department as well as timely service to the clients of the Privacy Policy Unit. In addition, departmental Info Source and Privacy Breach guidelines were developed to aid AANDC's program areas in their responsibilities related to collecting and protecting personal information.

Procedural Changes

AANDC implemented the following procedural changes during the reporting period:

Updated Accountability Reporting to Senior Management

As an accountability measure within the Department, the ATIP Directorate produces a monthly report to Senior Management Committee (SMC) indicating sector and regional office performance with respect to the retrieval of records. This report was revised in Q3 for greater accuracy and tracks the number of on-time and late retrieval responses per month. The report also captures workload and performance trends over multiple months and fiscal years.

Internal Advisory Process

In Q4, the ATIP Directorate revised its internal advisory process and mapped out the critical processes involved in completing formal requests. This pathway denotes the key roles, actions and timeframes that Departmental staff is responsible for in responding to a request under the Act. This pathway was approved by the Associate Deputy Minister and circulated to Senior Management Committee Members.

Sector Sign-off

At the request of senior management, the ATIP Directorate implemented a process to ensure all callouts for records were signed off at the ADM level. In this way, AANDC has ensured that the set of records provided by each sector is complete and benefits from high level recommendations.

5 and 7 Day Reminder System

Integrated into the critical pathway of formal requests is a reminder system to advise sectors of their impending due dates for record retrieval. When the ATIP Directorate tasks a sector with retrieving records that are relevant to a request, the sector is given seven calendar days to complete an Impact Statement and provide these records. During this timeframe, the Intake Unit will send email reminders to sector ATIP Liaison Officers (ALOs) on the fifth and seventh days to ensure that ALOs are aware of approaching deadlines.

Monday Management Meetings

At the beginning of each week, the management team of the ATIP Directorate meets to focus on upcoming files, ensuring that requests are on track and that impending releases are completed within the statutory deadline.


Return to Table of Contents




Appendix A - Order of Delegation of the Privacy Act dated November 3, 2010.

Privacy Act - Delegation Order

Pursuant to the powers of designation conferred upon me by Section 73 of the Privacy Act, the persons exercising the functions or positions of Corporate Secretary, Corporate Secretariat (position number 12294), and the departmental Access to Information and Privacy Coordinator / Manager (position number 62185) and their respective successors, including in their absence, a person or officer designated in writing to act in the place of the holder of any such functions or positions are hereby designated to exercise those powers, duties or functions of the Minister as the Head of the government institution under the Act, and as set out in the attached Schedule A.

The departmental Access to Information and Privacy Senior Advisors (position numbers 62364, 12590 and 12061) and their respective successors, including in her/his absence, a person or officer designated in writing as being authorized to act in the place of the holder of any such function or position, are hereby designated to exercise those powers, duties or functions of the Minister as the Head of the government institution under the Act, and as set out in the attached Schedule B.


___________________________________________
Minister of Indian Affairs and Northern Development

Dated at Gatineau, the 3rd of November, 2010

SCHEDULE A

DEPARTMENT OF INDIAN AFFAIRS AND NORTHERN DEVELOPMENT SCHEDULE TO DELEGATION ORDER

DESIGNATION PURSUANT TO SECTION 73 OF THE PRIVACY ACT

Sections and Powers, Duties or Functions
8(2)
Disclose personal information without the consent of the individual to whom it relates

8(4)
Keep copies of requests made under 8(2)(e), keep records of information disclosed pursuant to such requests and to make those records available to Privacy Commissioner

8(5)
Notify the Privacy Commissioner in writing of disclosure under paragraph 8(2)(m)

9(1)
Retain a record of use of personal information

9(4)
Notify the Privacy Commissioner of consistent use of personal information and update index accordingly

10
Include personal information in personal information banks

11(a)
Publish annually an index of all personal information banks and their respective contents

11(b)
Publish annually an index of all personal information held by the institution which is not part of a bank

14
Respond to request for access, within statutory deadline; give access or give notice

15
Extend time limit and notify applicant

16
Where access is refused

17(2)(b)
Language of access or alternative format of access

17(3)(b)
Access to personal information in alternative format

18(2)
May refuse to disclose information contained in an exempt bank

19(1)
Shall refuse to disclose information obtained in confidence from another government

19(2)
May disclose any information referred to in 19(1) if the other government consents to the disclosure or makes the information public

20
May refuse to disclose information injurious to federal-provincial affairs

21
May refuse to disclose information injurious to international affairs and/or defence

22
May refuse to disclose information injurious to law enforcement and investigation

23
May refuse to disclose information injurious to security clearances

24
May refuse to disclose information collected by the Canadian Penitentiary Service, the National Parole Service or the National Parole Board

25
May refuse to disclose information injurious to which could threaten the safety of individuals

26
May refuse to disclose information about other individuals, and shall refuse to disclose such information where disclosure is prohibited under section 8

27
May refuse to disclose information subject to solicitor-client privilege

28
May refuse to disclose information relating to an individual's physical or mental health where disclosure is contrary to the best interests of the individual

31
Receive notice of investigation by the Privacy Commissioner

33(2)
Make representations to the Privacy Commissioner during an investigation

35(1)
Receive the Privacy Commissioner's report of findings of the investigation and give notice of action taken

35(4)
Give complainant access to information after 35(1)(b) notice

36(3)
Receive Privacy Commissioner's report of findings of investigation of exempt

37(3)
Receive report of Privacy Commissioner's findings after compliance investigation where the institution has not complied with sections 4 to 8

51(2)(b)
Request that matter be heard and determined in National Capital Region

51(3)
Request and be given right to make representations in Section 51 hearing

72(1)
Prepare Annual Report to Parliament

77
Carry out responsibilities conferred on the head of the institution by the regulations made under section 77 which are not included above

SCHEDULE B

DEPARTMENT OF INDIAN AFFAIRS AND NORTHERN DEVELOPMENT SCHEDULE TO DELEGATION ORDER

DESIGNATION PURSUANT TO SECTION 73 OF THE PRIVACY ACT

Sections and Powers, Duties or Functions
10
Include personal information in personal information banks

11(a)
Publish annually an index of all personal information banks and their respective contents

11(b)
Publish annually an index of all personal information held by the institution which is not part of a bank

15
Extend time limit and notify applicant

31
Receive notice of investigation by the Privacy Commissioner

Return to Table of Contents




Appendix B - Order of Delegation of the Privacy Act dated August 30, 2011

Privacy Act - Delegation Order

Pursuant to the powers of designation conferred upon me by Section 73 of the Privacy Act, the persons exercising the functions or positions of Deputy Minister (position number 00001), Associate Deputy Minister (position number 00000006), Deputy Minister's office, Corporate Secretary (position number 12294), Corporate Secretariat, and the departmental Access to Information and Privacy Coordinator/Director (position number 20003872) and their respective successors, including in their absence, a person or officer designated in writing to act in the place of the holder of any such functions or positions are hereby designated to exercise those powers, duties or functions of the Minister as the Head of the government institution under the Act, and as set out in the attached Schedule A.

The departmental Access to Information and Privacy Senior Advisors (position numbers 62364, 12590 and 12061) and their respective successors, including in her/his absence, a person or officer designated in writing as being authorized to act in the place of the holder of any such function or position, are hereby designated to exercise those powers, duties or functions of the Minister as the Head of the government institution under the Act, and as set out in the attached Schedule B.


___________________________________________
Minister of Indian Affairs and Northern Development

Dated at Gatineau, the 30 of August, 2011

SCHEDULE A

DEPARTMENT OF INDIAN AFFAIRS AND NORTHERN DEVELOPMENT SCHEDULE TO DELEGATION ORDER

DESIGNATION PURSUANT TO SECTION 73 OF THE ATIA

Sections and Powers, Duties or Functions
8(2)
Disclose personal information without the consent of the individual to whom it relates

8(4)
Keep copies of requests made under 8(2)(e), keep records of information disclosed pursuant to such requests and to make those records available to Privacy Commissioner

8(5)
Notify the Privacy Commissioner in writing of disclosure under paragraph 8(2)(m)

9(1)
Retain a record of use of personal information

9(4)
Notify the Privacy Commissioner of consistent use of personal information and update index accordingly

10
Include personal information in personal information banks

11(a)
Publish annually an index of all personal information banks and their respective contents

11(b)
Publish annually an index of all personal information held by the institution which is not part of a bank

14
Respond to request for access, within statutory deadline; give access or give notice

15
Extend time limit and notify applicant

16
Where access is refused

17(2)(b)
Language of access or alternative format of access

17(3)(b)
Access to personal information in alternative format

18(2)
May refuse to disclose information contained in an exempt bank

19(1)
Shall refuse to disclose information obtained in confidence from another government

19(2)
May disclose any information referred to in 19(1) if the other government consents to the disclosure or makes the information public

20
May refuse to disclose information injurious to federal-provincial affairs

21
May refuse to disclose information injurious to international affairs and/or defence

22
May refuse to disclose information injurious to law enforcement and investigation

23
May refuse to disclose information injurious to security clearances

24
May refuse to disclose information collected by the Canadian Penitentiary Service, the National Parole Service or the National Parole Board

25
May refuse to disclose information injurious to which could threaten the safety of individuals

26
May refuse to disclose information about other individuals, and shall refuse to disclose such information where disclosure is prohibited under section 8

27
May refuse to disclose information subject to solicitor-client privilege

28
May refuse to disclose information relating to an individual's physical or mental health were disclosure is contrary to the best interests of the individual

31
Receive notice of investigation by the Privacy Commissioner

33(2)
Make representations to the Privacy Commissioner during an investigation

35(1)
Receive the Privacy Commissioner's report of findings of the investigation and give notice of action taken

35(4)
Give compliant access to information after 35(1)(b) notice

36(3)
Receive Privacy Commissioner's report of findings of investigation of exempt

37(3)
Receive report of Privacy Commissioner's findings after compliance investigation where the institution has not complied with sections 4 to 8

51(2)(b)
Request that matter be heard and determined in National Capital Region

51(3)
Request and be given right to make representations in Section 51 hearing

72(1)
Prepare Annual Report to Parliament

77
Carry out responsibilities conferred on the Head of the institution by the regulations made under section 77 which are not included above

SCHEDULE B

DEPARTMENT OF INDIAN AND NORTHERN DEVELOPMENT SCHEDULE TO DELEGATION ORDER

DESIGNATION PURSUANT TO SECTION 73 OF THE ACCESS TO INFORMATION ACT

Sections and Powers, Duties or Functions
10
Include personal information in personal information banks

11(a)
Publish annually an index of all the personal information banks and their respective contents

11(b)
Publish annually an index of all personal information held by the institution which is not part of a bank

15
Extend time limit and notify applicant

31
Receive notice of investigation by the Privacy Commissioner

Return to Table of Contents




APPENDIX C: AANDC 2011-2012 Statistical Report on the Administration of the Privacy Act.

Reporting period: 4/1/2011 to 31-Mar-2012. Click here to view the complete form  .

Part 1 - Requests under the Access to Information Act

Part 2 - Requests closed during the reporting period

Part 3 - Disclosures under subsection 8(2)

Part 4 - Requests for correction of personal information and notations

Part 5 - Extensions

Part 6 - Consultations received from other institutions and organizations

Part 7 - Completion time of consultations on Cabinet confidences

Part 8 - Resources related to the Access to Information Act

VIII. Privacy Impact Assessments


Return to Table of Contents




Footnotes:

  1. Access to Information Act, R.S.C., 1985, c. P-21, p. 46. (return to source paragraph)
Date modified: