Annual Report of the Privacy Act 2012-2013
The Privacy Act protects the privacy of Canadian citizens and permanent residents against the unauthorized use and disclosure of personal information about themselves held by a government institution. It also provides individuals with a right of access to that information and the right to correct inaccurate personal information. In addition, the Privacy Act legislates how the government collects, stores, disposes, uses and discloses personal information.
Section 72 of the Privacy Act requires that the Head of every federal government institution submit an annual report to Parliament on the administration of this Act over the fiscal year. This report describes how the Correctional Service Canada (CSC) fulfilled its privacy responsibilities during the reporting period covering 2012-2013.
Our reporting Head, the Minister of Public Safety, has delegated the administration of the Privacy Act, including the reporting of the Annual Report, to the Commissioner of CSC.
Chapter I – Report on the Privacy Act
About Correctional Service Canada
The Correctional Service of Canada was formed in 1979 through the amalgamation of the Canadian Penitentiary Service and the Parole Board of Canada. CSC has the fundamental obligation to contribute to public safety by actively encouraging and assisting offenders to become law-abiding citizens, while exercising reasonable, safe, secure and humane control.
It does this by operating under the rule of law, in particular the Correctional and Conditional Release Act (CCRA), which provides its legislative framework. The Commissioner of CSC has the authority, extending from the CCRA, to issue directives, procedures and guidelines to carry out the agency’s operations.
CSC contributes to public safety by administering court-imposed sentences for offenders sentenced to two years or more. This involves managing institutions (penitentiaries) of various security levels and supervising offenders on different forms of conditional release, while assisting them in become law-abiding citizens. CSC also administers post-sentence supervision of offenders with Long Term Supervision Orders for up to 10 years.
CSC works closely with its Public Safety Portfolio partners, including the Royal Canadian Mounted Police (RCMP), the Parole Board of Canada (PBC), the Canada Border Services Agency (CBSA), the Canadian Security Intelligence Service (CSIS), and three review bodies, including the Office of the Correctional Investigator (OCI).
In consideration of CSC’s mandate, the agency collects and retains a substantial amount of personal information.
As reported upon in the departmental 2012-2013 Report on Plans and Priorities, CSC has been faced with a number of complex challenges that has impacted on its operations over the past few years – including the ATIP Division. CSC has an offender population that has more extensive histories of violence and violent crimes; previous youth and adult convictions; affiliations with gangs and organized crime; higher rates of infection of Hepatitis C and Human Immunodeficiency Virus(HIV); a disproportionate representation of First Nations; Métis and Inuit offenders; serious substance abuse histories and related problems; and serious mental health disorders.
In addition, CSC has undergone a number of recent criminal justice legislative changes such as the Truth in Sentencing Act, the Tackling Violent Crime Act, the Abolition of Early Parole Act, and the Safe Streets and Communities Act. As a result of these changes, the ATIP Division has not only been called upon to process more complex Privacy requests, but has been involved in a number of working groups to ensure that privacy is paramount in any new programs or major changes to existing programs.
The Access to Information and Privacy Division
The Access to Information and Privacy Division (ATIP) reports to the Director General of Rights, Redress and Resolution, under the Policy Sector, and is responsible for the overall administration of the Access to Information Act and the Privacy Act. In addition, each sector, region, institution, parole office and community correctional centre has an Access to Information and Privacy liaison who assists the national ATIP Division in administering its overall responsibilities. The ATIP Division has a total of 54 full-time equivalents which are comprised of:
Managers of Operations – ATI
Junior Information Officer
Team Leaders – Privacy
Junior information Officers
The ATIP Division continues to process a large number of both formal and informal privacy requests, including a large backlog of Indian Residential School Settlement (IRSS) Claim requests.
The ATIP Division also processes a significant number of informal privacy requests in response to employee requests, Workers’ Compensation Board (WCB) claims, Department of Justice (DOJ), and other provincial court cases and provides internal assistance to CSC officials within institutions, Regional Headquarters and National Headquarters. These can be extremely time-consuming and are frequently urgent. The ATIP Division’s workload is such that most of these informal reviews are handled by the Policy and Training Unit and the Management Team.
Highlights & Accomplishments
Training & Awareness
The Policy and Training Unit (PTU) plays a fundamental role in developing and delivering training to employees at National Headquarters, Regional Headquarters and in the Institutions across Canada, as well as the ATIP staff, on Access to Information and Privacy related matters.
During this reporting period, the ATIP Division focused on delivering ATIP Awareness training to the sectors and the regions in order to ensure CSC employees have an understanding of ATIP and the importance of their role in the process. Regional ATIP Liaisons also delivered training sessions within their regions. Employees were trained from various areas of CSC, including:
- Health Services
- Community Engagement
- Offender Redress
- Executive Secretariat
- Wardens and Deputy Wardens
- National Monitoring Centre
- Performance Management
- Security Intelligence Analysts
- Access to Information and Privacy
- Correctional Managers
- Administrative Assistants
- Chiefs of Administration
- Managers of Assessment and Intervention
- Parole Officers
- Labour Relations
- Staff Training Coordinators
- Sentence Administration Staff
- Case Management Staff
A total of 522 employees received ATIP training at NHQ and in the regions this reporting period.
The Policy and Training Unit continues to offer training to Regional ATIP Liaisons and provide advice and answer questions and concerns regarding training, policy and guidelines, interpretations of the Act, etc. through its GEN-NHQ Policy and Training email account. This continues to be a very useful tool.
Policies, Guidelines, and Procedures
The PTU spent this year continuing its review of its policies and procedures to ensure they were compliant and reflected the most current information. This included the revision of the Privacy Impact Assessment Checklist, Privacy Breach Guidelines and Privacy Risk Assessment template, as well as the development of the Privacy Breach and Privacy Impact Assessment ATIP Bulletins.
Two new tools were created during this reporting period:
- ATIP Resource Toolkit – an electronic tool designed to support the development of ATIP staff by providing a centralized location for policies, procedures and other ATIP-related documents, and
- Privacy Request Checklist – a tool that serves as a guide to staff when processing formal privacy requests in order to ensure each request goes through the proper steps from beginning to end.
Following feedback from Treasury Board Secretariat (TBS), CSC ATIP is exploring ways to inform requesters of its Duty to Assist under the Privacy Act. ATIP’s internet site has a page dedicated to the Duty to Assist principles; however, we are looking at additional ways to transmit this information such as posting notices in penal institutions.
One of CSC ATIP’s priorities continues to be fostering its relationship with the Office of the Privacy Commissioner. As much as possible, CSC provides detailed rationales in response to formal complaints and also notifies the OPC of all moderate and high level breaches.
Due to the vast quantities of personal information handled by the CSC, the ATIP Division continues to be proactive in promoting awareness regarding the safeguarding of its information holdings and stresses in each training session how to avoid breaches.
Audit on Privacy Breaches at CSC
As a result of the number of breaches of offenders’ personal information, CSC’s Commissioner has asked for a privacy audit on the protection of offenders’ personal information within the institutions. The audit team has visited a number of institutions and it is anticipated that the results of the audit will assist in mitigating the occurrences of future breaches and provide concrete recommendations to reduce the number of breaches.
ATIP Website – Internal and External
CSC’s ATIP Division continues to ensure its internal ATIP website is kept updated with the most current information in order to educate the wider CSC community on privacy related issues. The site includes information regarding policies and procedures, directives, privacy breach prevention and reporting, Privacy Impact Assessment procedures, and a list of ATIP Tips and Bulletins.
This fiscal year, ATIP’s external internet section was revised and updated to ensure it is in compliance with TBS’ Web Content Accessibility Guidelines. The updated content continues to be user-friendly and includes dedicated pages for instructions on submitting access and privacy requests and how to make a request for correction of personal information, the duty to assist, an up-to-date list of the completed Privacy Impact Assessments, and frequently asked questions.
CSC is responsible for providing comprehensive, accurate and up-to-date descriptions of its functions, programs, activities and Personal Information Banks (PIBs) that describe the collection, use, disclosure and retention of personal information in Info Source. CSC continues to be dedicated to updating its PIBs on an annual basis and ensuring they are aligned with the appropriate Class of Records.
CSC was also part of the Info Source Pilot Working Group in September 2012 on the decentralization of Info Source. CSC’s Info Source chapter can now be found on its external website and will be updated as revisions arise.
Management Accountability Framework (MAF)
As a result of the Deficit Reduction Action Plan exercise, there was no MAF for the fiscal year 2012-2013. However, it should be noted that CSC improved its MAF ratings for the 2011-2012 review in relation to the Privacy Act and now has acceptable and strong ratings.
Throughout the 2012-2013 fiscal year, officials of the ATIP division supported the administration of the Privacy Act through many of its other activities, including:
- Participating in working groups in order to provide privacy advice, including:
- Electronic Monitoring of offenders in the community.
- A joint agreement between CSC and CBSA to aid them in the enforcement of border control and deportation.
- Bill C-350 in which creditors may seek monies from offenders.
- Telecommunications to assist offender visits by using videoconferencing and emails.
- ChildLink – a pilot project that will allow virtual visits using videoconference calls from mothers to their children in the community.
- Telehealth initiatives in which health services will be delivered, electronically such as dispensing pharmacy services, medical consultations, etc.
- Assisting the Policy Sector with its review of the Commissioner’s Directives.
- Reviewing CSC’s forms to ensure they contain the required privacy statements.
- Participating as a member of the Government of Canada (GC) Forum on ATIP. The Forum serves as a direct link to the ATIP community where members discuss issues including PIAs, policy developments and training initiatives.
- Attending networking functions with other ATIP colleagues such as the ATIP Community meetings presided by the Treasury Board, the annual Canadian Access and Privacy Association (CAPA) conference, the annual Information Commissioner and Privacy Commissioner’s breakfast and the annual PIA information session held by the Office of the Privacy Commissioner.
- Strengthening our communication and relationship with the Office of the Privacy Commissioner – ATIP sponsored a learning session for their investigators to assist them in understanding how Preventive Security works within CSC and the penal institutions. These learning sessions help familiarize investigators with the unique challenges and issues of CSC.
- Assisting program areas with the completion of the Privacy Impact Assessment (PIA) Checklist for new initiatives and projects, and reviewing them in order to determine if a full PIA is required.
- Providing advice to CSC employees on privacy matters, including how to report on and prevent breaches of personal information and ensure that corrective measures are implemented and responding to general ATIP questions from our colleagues in the sectors and regions.
- Serving as the Secretariat for CSC’s Privacy Committee chaired by the Assistant Commissioner, Policy.
Privacy Impact Assessments
There was one PIA completed this reporting year as follows:
In 2008, CSC completed a Privacy Impact Assessment (PIA) for the Electronic Monitoring Pilot Project which examined the capacity of CSC to use EM technology to monitor higher risk and/or needs of offenders on release in the community. The project ended in 2011, and at the present time (May 2013) EM services are not operational within CSC. However, with the coming into force of the Safe Streets and Communities Act, legal authority exists for CSC to monitor offender compliance with a condition of a temporary absence, work release, parole, statutory release or long-term supervision that restricts their access to a person or geographical area or requires them to be in a geographical area.
A new PIA has been completed for a second pilot of EM in order to determine the extent to which the conclusions contained in the 2008 PIA are still valid and applicable and to identify the new privacy risks that may have to be addressed. Prior to any decision to fully implement EM, CSC will need to further examine the effectiveness and efficiency of EM as a supervision tool, as well as determining cost efficiency. It is anticipated that this second pilot will commence in early 2014.
Phase II will implement EM as a supervision tool in all five CSC regions in order to test the EM technology and functionality in various geographical areas.
At the end of the reporting period, there were four ongoing PIAs which are expected to be completed during the next reporting period.
CSC is among 10 federal departments that collect and handle the largest amount of personal information. Over the 2012-2013 reporting period, the ATIP Division processed 201 privacy breaches, a slight decrease from 2011-2012. However, it should be noted that most of the privacy breaches are low risk.
Although CSC continues to see a large number of privacy breaches, this can be attributed to the ongoing education regarding the importance of reporting privacy breaches. An ongoing component of our training includes a comprehensive section on privacy breaches and staff is continuously reminded of their obligations to safeguard and protect personal information and adopt privacy sensitive approaches in the workplace. ATIP continues to work with all liaisons on how to report on privacy breaches, implement corrective measures and prevent further privacy breaches, in order to cultivate a culture of awareness regarding the importance of safeguarding personal information.
CSC’s Privacy Breach Guidelines provide employees with direction on the department’s privacy breach reporting mechanism. This tool provides information on responsibilities, types of breaches, reporting and notification. In addition, the Guidelines provide information on how to conduct a Privacy Risk Assessment (PRA) at the operational level where the impact and the circumstances of the breaches are best known. This fiscal year, the Guidelines have been updated to include more information as to what constitutes a low, medium and high-level breach; the fact that CSC now reports all moderate and high-level breaches to the OPC and what is required when notifying them; additional information on notifying individuals that their personal information is breached and corrective measures; updated letters; and a more user-friendly PRA.
All breaches are reported to ATIP’s Policy and Training Unit which provides recommendations to staff on how to safeguard personal information, report breaches to the OPC if required, and monitors the breaches to ensure corrective measures are implemented to prevent a similar occurrence in the future. The unit also identifies areas which may require additional training on the protection of personal information and provided that training.
Delegation of Authority
The responsibilities associated with the administration of the Privacy Act, such as notifying applicants of extensions and transferring requests to other institutions, are delegated to the departmental ATIP Coordinator through a delegation instrument signed by the Minister of Public Safety. The approval of exemptions remains with the Director, the Deputy Directors as well as the Team Leaders. Delegation for public interest releases as well as research and statistics rests with the Commissioner, the Senior Deputy Commissioner and the Assistant Commissioner, Policy.
A detailed delegation instrument can be viewed in Appendix A.
Chapter II – Privacy Act Statistical Report and Supplementary Reporting Requirments for 2012-2013
See Appendix B for CSC’s Statistical Report on the Privacy Act.
Interpretation of the 2012-2013 Statistical Report
Requests received under the Privacy Act
In 2012-2013, CSC received 11,054 Privacy Act requests. A total of 4,063 requests were carried over from the previous reporting year, totaling 15,117 requests requiring processing in 2012-2013. In total, 990,926 pages were processed. In addition, the Division processed 1,438 informal requests totaling 91,496 pages for personal information relating to Indian and Residential School Settlements, harassment, and disciplinary investigation reports, as well as 52 consultations from other government institutions and 17 miscellaneous requests for personal information. Please refer to Appendix B for the Statistical Report.
Figure 1: Formal Requests and carried over
This graphs shows that in 2010-2011 there were 13,864 requests that required processing, in 2011-2012 there were 13,727 requests that required processing, and in 2012-2013, there were 15,117 requests that required processing.
Disposition of Requests
Of the 10,654 requests completed during the 2012-2013 reporting period, 1,099 requests were full disclosures, 4,461 were partial disclosures, 76 were withheld in their entirety, 3,883 were unable to process resulting from no records existing, and 1135 were abandoned by the applicant.
Figure 2: Disposition of Requests
This graph shows that of the 10,654 requests completed during the 2012-2013 reporting period, 1,099 requests were full disclosures, 4,461 were partial disclosures, 76 were withheld in their entirety, 3,883 were unable to process resulting from no records existing, and 1135 were abandoned by the applicant.
A breakdown of the exemptions applied during this reporting period is as follows:
|Exemption Description||Number of Times Applied|
|Obtained in Confidence||1421|
|International Affairs and Defence||5|
|Law Enforcement & Investigation||3719|
|Individuals Sentenced for an Offense||729|
|Safety of the Indivicuals||23|
|Information about Another Individual||4351|
|Information to be Published||0|
During the reporting period, CSC completed 4,484 requests in less than 30 days; 2,597 between 31 and 60 days; 1,364 requests between 61 to 120 days; and 2,209 were completed in over 121 days.
There are a significant number of informal requests processed by the ATIP Division. During the reporting period, 1,438 informal requests were completed. These include:
- releasing information through informal means where possible
- reviewing investigation reports, including fact-finding, harassment, disciplinary, and Board of Investigation reports
- processing requests from the province, including Coroners’ inquests and Crown Counsel reviews
- reviewing requests relating to the Indian Residential School Settlement claims
Method of Access
Where information was available for release, copies were provided in 5,560 cases which included paper copies, electronic, CDs and examination.
Corrections and Notations
CSC received a total of three requests for correction to personal information. A total of one correction was made. The remaining two were not made in accordance with the Privacy Act, but were dealt with pursuant to the Corrections & Conditional Release Act.
Consultations from Other Institutions
The ATIP Division’s workload involves responding to consultations in response to formal requests received by other institutions. CSC works closely with its partners under the Public Safety portfolio such as CBSA, RCMP, CSIS , PBC, OCI, as well as Citizenship and Immigration in order to respond to consultations in a timely fashion.
During the 2012-2013 reporting period, the ATIP Division received a total of 52 consultations from other institutions processing requests under the Privacy Act.
The following chart provides the type and number of consultations received over the 2012-2013 reporting year:
|Type of Consultation||Number of Consultations Received
|Other Government Institutions||43|
Suppliementary Reporting Requirements
Complaints and Investigations
Applicants have the right of complaint to the Office of the Privacy Commissioner (OPC) pursuant to the Privacy Act and may exercise this right at any time during the processing of their request. At the end of this reporting period, CSC received a total of 170 complaints and 152 findings were issued for these complaints.
The majority of the privacy complaints received during this reporting period concern denial of access, use and disclosure, and delay/time limit complaints. CSC processed 10,654 requests and received 170 complaints representing less than 2% of the requests processed by CSC.
The following chart provides a breakdown of the type of complaint made to the OPC:
|Type of Complaint||Received||Finding||Active|
|Use and Disclosure||42||36||47|
|Retention and Disposal||2||0||2|
Some key issues raised and subsequent actions taken as a result of the privacy complaints CSC received and the OPC’s investigations and recommendations during this reporting period are:
- A complaint was filed with the OPC concerning the improper disclosure of sensitive offender health information. As a result, the OPC recommended that CSC report all moderate and high level breaches to them and ensure that corrective measures are reported to the affected individuals, as appropriate. CSC has now updated its Breach Guidelines to reflect the requirement to report on all moderate and high level breaches to the OPC, as well as the notification letters.
- CSC has had difficulty providing personal information on audiotapes and videos in response to Privacy Act requests. The ATIP Division is in the process of purchasing software which will allow ATIP to vet documents in these formats, thereby eliminating a number of complaints on this issue.
- Over the past year, the OPC has provided our office with a number of recommendations concerning the management of privacy within the department. Subsequently, CSC’s Commissioner sent a Communiqué advising staff to respond to requests in a timely fashion, to collect all information responsive to requests and to retain personal information for a minimum retention period of two years. He further advised staff to report all Privacy Breaches, consult with the ATIP Division prior to starting any new programs that involve the collection, use or disclosure of personal information; and to follow sound information management practices.
Disclosure of Personal Information Pursuant to 8(2)
Subsection 8(2) of the Privacy Act states that “personal information under the control of a government institution may be disclosed” under certain specific circumstances without the consent of the individual.
The mandate of CSC requires that it routinely shares personal information with other areas of the Criminal Justice Community and Law Enforcement Agencies (which includes municipal, provincial, international, federal police forces or other law enforcement bodies) to ensure the offenders are appropriately managed in a safe, secure and humane environment and to ensure the safety of the offender, other offenders, staff and the community at large.
The following is a statistical breakdown of disclosures pursuant to 8(2) of the Privacy Act:
|8(2)(b)||Personal information may be disclosed “in accordance with any Act of Parliament or any regulation…that authorizes its disclosure.”||8|
|8(2)(c)||Personal information may be disclosed to comply “with a subpoena or warrant issued or order made by a court, a person or body with jurisdiction to compel the production of information” or to comply “with rules of court relating to the production of information.”||8|
|8(2)(d)||Personal information may be disclosed “to the Attorney General of Canada for use in legal proceedings involving the Crown in right of Canada or the Government of Canada.”||10|
|8(2)(e)||Personal information may be disclosed “to an investigative body […] for the purpose of enforcing any law of Canada or a province or carrying out a lawful investigation…”||70|
|8(2)(f)||Personal information may be disclosed “under an agreement or arrangement between the Government of Canada [...] and the government of a province [or territory] [...] for the purpose of administering or enforcing any law or carrying out a lawful investigation.”||454|
|8(2)(l)||Personal information may be disclosed “to any government institution for the purpose of locating an individual in order to collect a debt owing […] by that individual or make a payment owing to that individual…”||7|
|8(2)(m)||Personal information may be disclosed when “…it is in the public interest or (when) disclosure would clearly benefit the individual to whom the information relates.” This could include limited offender information related to Boards of Investigation, transfer dates, locations and medical information||3
Note: The Privacy Commissioner was notified prior to disclosure in all cases.
CSC was named as the respondent in two federal court reviews related to Privacy requests.
The ATIP Division expended a total of $3,206,686. Of this, $3,136,212 was in salary costs, plus an additional $21,015 in overtime. Operating costs totaled $49,459.
Appendix A – Privacy Act Delegation
The Minister of Public Safety, pursuant to section 73 of the Privacy Act, hereby designates the persons holding the positions set out in the schedule hereto to exercise the powers and perform the duties and functions of the Minister as the head of a government institution, that is, the Correctional Service of Canada, under the sections of the Act set out in the schedule opposite each position.
The dots (•) represent the person(s) designated to exercise the powers and perform the duties and functions of the Minister under the section(s) of the Act.
|Section||Action||Commissioner||Senior Deputy Commissioner||Assistant Commissioner Policy||Director ATIP||Deputy Director, ATIP||Team Leaders, ATIP||Regional Deputy Commi-ssioners||Wardens & District Directors|
|8(2)(j)||Disclose personal information for research purposes||•||•||•|
|8(2)(m)||Disclose personal information in the public interest or in the interest of the individual||•||•||•|
|8(4)||Retain copy of 8(2)(e) requests and disclosed records||•||•||•||•||•||•||•||•|
|8(5)||Notify Privacy Commissioner of 8(2)(m) disclosures||•||•||•|
|9(1)||Retain record of use||•||•||•||•||•||•||•||•|
|9(4)||Notify Privacy Commissioner of consistent use and amend index||•||•||•||•||•|
|10||Include personal information in personal information banks||•||•||•||•||•|
|14||Respond to request for access within 30 days; give access or give notice||•||•||•|
|15||Extend time limit for responding to request for access||•||•||•|
Decide whether to translate requested information
|18(2)||May refuse to disclose information contained in an exempt bank||•||•||•||•||•||•|
|19(1)||Shall refuse to disclose information obtained in confidence from another government||•||•||•||•||•||•|
|19(2)||May disclose any information referred to in 19(1) if the other government consents to the disclosure or makes the information public||•||•||•||•||•||•|
|20||May refuse to disclose information injurious to the conduct of federal-provincial affairs||•||•||•||•||•||•|
|21||May refuse to disclose information injurious to international affairs or defence||•||•||•||•||•||•|
|22||May refuse to disclose information prepared by an investigative body, information injurious to the enforcement of a law, or information injurious to the security of penal institutions||•||•||•||•||•||•|
|23||May refuse to disclose information prepared by an investigative body for security clearances||•||•||•||•||•||•|
|24||May refuse to disclose information collected by the Canadian Penitentiary Service, the National Parole Service or the National Parole Board while individual was under sentence if conditions in section are met||•||•||•||•||•||•|
|25||May refuse to disclose information which could threaten the safety of individuals||•||•||•||•||•||•|
|26||May refuse to disclose information about another individual, and shall refuse to disclose such information where disclosure is prohibited under Section 8||•||•||•||•||•||•|
|27||May refuse to disclose information subject to solicitor-client privilege||•||•||•||•||•||•|
|28||May refuse to disclose information relating to the individual's physical or mental health where disclosure is contrary to the best interests of the individual||•||•||•||•||•||•|
|31||Receive notice of investigation by the Privacy Commissioner||•||•||•||•||•||•||•||•|
|33(2)||Right to make representations to the Privacy Commissioner during an investigation||•||•||•||•||•||•||•||•|
|35(1)||Receive Privacy Commissioner's report of findings of the investigation and give notice of action taken||•||•||•||•||•||•||•||•|
|35(4)||Give complainant access to information after 35(1)(b) notice||•||•||•||•||•||•||•||•|
|36(3)||Receive Privacy Commissioner's report of findings of investigation of exempt bank||•||•||•||•||•||•||•||•|
|37(3)||Receive report of Privacy Commissioner's findings after compliance investigation||•||•||•||•||•||•||•||•|
|51(2)(b)||Request that Section 51 hearing be held in the National Capital Region||•||•||•||•||•|
|51(3)||Request and be given right to make representations in Section 51 hearings||•||•||•||•||•||•||•||•|
|72(1)||Prepare annual report to Parliament||•||•|
|77||Responsibilities conferred on the head of the institution by the regulations made under section 77 which are not included above||•||•||•||•||•||•||•||•|
Dated, at the City of Ottawa, this
3rd day of September, 2010
Original signed by The Honourable Vic Toews, P.C., M.P.
Minister of Public Safety
Appendix B – Statistical Report
The Treasury Board Secretariat mandates that a Statistical Report be generated every fiscal year and submitted along with each government institution’s Annual Report. The following tables represent the same information as described above.
Statistical Report on the Privacy Act
Name of Institution: Correctional Service Canada
Reporting Period: 2012-04-01 to 2013-03-31
PART 1 - Requests under the Privacy Act
|Number of Requests|
|Received during reporting period||11,054|
|Outstanding from previous reporting period||4,063|
|Closed during reporting period||10,654|
|Carried over to next reporting period||4,463|
PART 2 - Requests closed during the reporting period
2.1 Disposition and completion time
|Disposition of requests||Completion Time|
|1 to 15
|16 to 30
|31 to 60
|61 to 120
|121 to 180
|181 to 365
|Disclosed in part||18||1,071||1,568||694||245||434||431||4,461|
|No records exist||2,122||605||514||435||33||40||134||3,883|
2.4 Format of information released
|Disclosed in part||4,453||7||1|
2.5.1 Relevant pages processed and disclosed
|Disposition of requests||Number of pages processed||Number of pages disclosed||Number of requests|
|Disclosed in part||921,836||785,605||4,461|
2.5.2 Relevant pages processed and disclosed by size of requests
|Disposition||Less than 100
|More than 5000
|Number of requests||Pages disclosed||Number of requests||Pages disclosed||Number of requests||Pages disclosed||Number of requests||Pages disclosed||Number of requests||Pages disclosed|
|Disclosed in part||2,425||82,647||1,587||301,836||286||165,957||163||235,165||0||0|
2.5.3 Other complexities
|Disclosed in part||174||1||621||621||1,417|
2.6 Deemed refusals
2.6.1 Reasons for not meeting statutory deadline
|Number of requests closed past the statutory deadline||Principal Reason|
|Workload||External consultation||Internal consultation||Other|
2.6.2 Number of days past deadline
|Number of days past deadline||Number of requests
past deadline where
no extension was taken
|Number of requests
past deadline where
an extension was taken
|1 to 15 days||600||231||831|
|16 to 30 days||376||122||498|
|31 to 60 days||503||165||668|
|61 to 120 days||455||154||609|
|121 to 180 days||112||153||265|
|181 to 365 days||232||223||455|
|More than 365 days||484||744||1,228|
2.7 Requests for translation
|English to French||0||0||0|
|French to English||0||0||0|
PART 3 - Disclosures under subsection 8(2)
|Paragraph 8(2)(e)||Paragraph 8(2)(m)||Total|
PART 4 - Requests for correction of personnal information and notations
|Requests for correction received||3|
|Requests for correction accepted||1|
|Requests for correction refused||0|
PART 5 - Extensions
5.1 Reasons for extensions and disposition of requests
|Disposition of requests where an extension was taken||15(a)(i)
Interference with operations
Translation or conversion
|Disclosed in part||2,274||0||30||0|
|No records exist||208||0||1||0|
5.2 Length of extensions
|Length of extensions||15(a)(i)
|1 to 15 days||0||0||0||0|
|16 to 30 days||3,456||0||47||0|
PART 6 - Consultations received from other institutions and organizations
6.1 Consultations received from other institutions and organizations
|Consultations||Other government institutions||Number of pages to review||Other organizations||Number of pages to review|
|Received during reporting period||43||1,912||9||299|
|Outstanding from the previous reporting period||3||118||0||0|
|Closed during the reporting period||45||2,030||9||299|
|Pending at the end of the reporting period||1||0||0||0|
6.2 Recommendations and completion time for consultations received from other government institutions
|Recommendation||Number of days required to complete consultation requests|
|1 to 15 days||16 to 30 days||31 to 60 days||61 to 120 days||121 to 180 days||181 to 365 days||More than 365 days||Total|
|Disclose in part||24||3||0||0||0||0||0||27|
|Consult other institution||0||0||0||0||0||0||0||0|
6.3 Recommendations and completion time for consultations received from other organizations
|Recommendation||Number of days required to complete consultation requests|
|1 to 15 days||16 to 30 days||31 to 60 days||61 to 120 days||121 to 180 days||181 to 365 days||More than 365 days||Total|
|Disclose in part||2||0||1||0||0||0||0||3|
|Consult other institution||1||0||0||0||0||0||0||1|
PART 7 - Completion time of consultations on Cabinet confidences
|Number of days||Number of responses received||Number of responses past deadline|
|1 to 15||0||0|
|16 to 30||0||0|
|31 to 60||0||0|
|61 to 120||0||0|
|121 to 180||0||0|
|181 to 365||0||0|
|More than 365||0||0|
PART 8 - Resources related to the Privacy Act
|Goods and Services||$49,459|
8.2 Human Resources
|Resources||Dedicated full-time||Dedicated part-time||Total|
|Part-time and casual employees||8.00||0.00||8.00|
|Consultants and agency personnel||0.00||0.00||0.00|
- Date modified :