Sample Privacy Impact Assessment - DRAFT version

This sample privacy impact assessment (PIA) works with the PIA Guidelines to help you understand how to answer the questions on the General PIA template.

Download the PIA template (Word, 233 KB) and read it over to get acquainted with the questions.

Read more about the PIA review process and principles for protecting privacy.

Part 1 - General Information

The Pet Registries Branch in the Ministry of Cats is introducing a new system of to register cat owners in B.C. and provide a one-time Adopt-a-Cat benefit. When new can owners register their cats, the ministry pays the one-time benefit. New cat owners can register online or over the phone and their information is stored in a database. New registrations will be cross-referenced with information already in the database to make sure each individual receives the benefit only one time. The cat owner database is stored on government servers and and receives technical support from Cat Databases International in Sweden. Cat Databases employees may occasionally view personal information in the course of providing maintenance or technical support for the database.

 

Question 2 - Scope of the PIA

This PIA covers collecting information from cat owners, storing the information in the cat owner database and determining who is eligible for the cat benefit. This PIA does not cover the payout of the adopt-a-cat benefit.

Question 3

We will be collecting, using and storing personal information from the cat owner, including but not limited to

  • the name of the cat owner
  • cat owner's address, phone number and email address
  • record of receipt of the benefit

Question 3.1

Yes, we are collecting personal information

In the Cat Registries example, the PIA drafter would skip this question because the example initiative involves personal information.

Examples for initiatives that do not involve personal information include:

  • There is a risk that survey participants will provide their own personal information, or personal information belonging to others, in their answers. We will remind participants not to give personal information in their answers.
  • We are asking for public opinions through online engagement and there is a risk that individuals will include personal information when they respond. We will post a notice at the top of our engagement forum asking people to avoid giving us personal information.

 

If your initiative does not involve personal information and you have completed Part 1 of the template, you can submit your PIA to your MPO now. You're done!

 Part 2 - Protection of Personal Information

The Cat Registries example answer would be 'No, we are not using a cloud-based solution,' because the program area purchased a database to use.

Question 5.1 

This is a yes or no question. If you do not have consent, you need to talk to your MPO and complete the Cloud Supplement to the PIA.

Call the Privacy and Access Helpline at 250 356-1851 or email Privacy.Helpline@gov.bc.ca or contact your MPO if you need help figuring out whether you are using a cloud-based solution.

 

Question 6 - Storing Personal Information

Question 6.1 

Storage: Yes

Access: No

Personal information is entered into a database that is stored on B.C. government servers. Technical support and maintenance is provided by employees of Cat Databases International in Sweden. Employees in Sweden may occasionally access personal information in the course of providing maintenance or technical support for the database. 

Question 6.2 

We are relying on FOIPPA section 30.1 (b) - stored or accessed from another jurisdiction for the purpose of disclosure allowed under this Act

  • Our disclosure authority is FOIPPA section 33.1 (1) (p) (i) - the disclosure is necessary for...maintaining, repairing, trouble-shooting or upgrading an electronic system

Remember that this is just an example. You have to determine which of the conditions laid out in FOIPPA section 30.1 applies to your initiative. If your initiative does not meet one of the conditions, you must store and access personal information only in Canada. For help deciding whether your initiative meets one of the conditions of FOIPPA section 30.1, talk to your MPO, call the Privacy Helpline at 250 356-1851 or email Privacy.Helpline@gov.bc.ca.

 

Question 7 - Collection, Use and Disclosure

You fill out column one. Depending on how you work with your MPO, you can choose to complete the other columns as well.

Collection, Use and Disclosure
Use this column to describe the way personal information moves through your initiative step by step as if you were explaining it to someone who does not know about your initiative.

MPO fills in

collection, use, disclosure

MPO fills in

FOIPPA authority

MPO fills in

other legal authority

Step 1: The new cat owner registers for the benefit by emailing or telephoning the Cat Registries Branch with their name, address, telephone number or email address and the name and date of birth of the cat.      
Step 2: The intake analyst enters the cat owner's information into the database.      
Step 3: The intake analyst sends an email to the cat owner to confirm receipt of their information.      
Step 4: The intake analyst cross-references the cat owner's information with other database entries to make sure the owner hasn't registered before.      
Step 5: The intake analyst provides the name and contact information for all new owners to a benefits analyst to arrange the payment.      
Step 6: The benefits analyst notifies the cat owner that they are eligible or ineligible for the Adopt-A-Cat benefit by sending a letter to the cat owner.      

We are collecting your personal information to determine your eligibility for the Cat Adoption Benefit. If you have questions about our collection of your information, please contact 

Manager, Cat Acquisitions

Ministry of Cats

PO Box 00000 Stn 000

Privacy Town V0P 0M0

Phone 250-123-4567 or email Manager@CatAcqusitions.ca

We collect your personal information under section 26 (c) and (e) of the Freedom of Information and Protection of Privacy Act.

 

 Part 3 - Security of Personal Information

Question 9
Yes, we are using a database

Question 9.1

Yes, we are working on a security threat risk assessment with our Ministry Information Security Officer.

The drafter of the cat example would skip this question because they are working on a STRA. Here are sample answers for initiatives that store their records somewhere other than in a government building with government security.

Question 10.1

  • We keep records in a locked filing cabinet
  • A keycard is required to access the room that holds the servers
  • Proof of identity is required to access records 
  • A security guard patrols the building
  • Access to the building is restricted and you must show proof of identity to enter

The drafter of the cat example would skip this question because they are working on a STRA. Here are sample answers for initiatives that store their records somewhere other than on the government servers located in Kamloops and Calgary.

Question 11.1

  • Records are encrypted
  • Laptops are password protected
  • Firewalls protect the network
  • We use secure, private networks to store and exchange information
 

Question 12 - Controlling and Tracking Access

Controlling and Tracking Access
Strategy  
We only allow employees in certain roles access to information X
Employees that need standing or recurring access to personal information must be approved by executive lead X
We use audit logs to see who accesses a file and when X
Describe any additional controls:
Employees must record the date and time when they access the filing cabinet where personal information is stored

 

Part 4 - Accuracy, Correction and Retention

 

Question 13 - Requests for Correction

If you answer no to any of these questions, your initiative may not comply with FOIPPA section 29.

Question 13.1

Yes

Question 13.2

Yes

Question 13.3

Yes

Question 13.4

Yes, we will use personal information to determine whether the person is eligible to receive the Adopt-A-Cat Benefit.

We check the cat adopter's name and address and the cat's name and birthdate against other entries in our database to make sure that this is the first time the person has registered for the benefit. If the cat adopter has registered with us in the past for a different cat, they are not eligible to receive the benefit.

Question 14.1

We confirm the cat owner's information upon receipt. We also check the database to make sure the cat owner has not registered with us previously.

Question 14.2

No, we do not have a current information schedule for our branch.

Question 14.3

Whether the cat owner is determined to be eligible or ineligible for the Adopt-A-Cat Benefit, we keep their information in the database for a five-year period.

 

Part 5 - Agreements and Information Banks

 

Question 15 - Sharing Personal Information

This is a yes or no question. If you answer yes, complete the Information Sharing Agreement Supplement.

 

Question 16 - Research Agreements

This is a yes or no question. If you answer yes, complete the Research Agreement Supplement.

 

Question 17 - Personal Information Bank

Yes, the initiative will result in a personal information bank because we will be storing personal information in the database.

Personal Information Banks
Describe the type of information in the bank:

Name, address and phone number or email for the cat owner

Cat's name and date of birth

If the person has already received the Adopt-A-Cat Benefit, the date and amount of the payment

Name of main ministry or agency involved:
Ministry of Cats
Any other ministries, agencies, public bodies or organizations involved:
None at this time but in the future our database may be expanded to contain information about fish owners that is currently managed by the Ministry of Pets In Bowls. We will submit an initiative update at that time.
Business contact title and phone number for person responsible for managing the PIB:

Manager, Cat Acquisitions

Ministry of Cats

PO Box 00000 Stn 000

Privacy Town V0P 0M0

Phone 250-123-4567 or email Manager@CatAcqusitions.ca

 

Part 6 - Additional Risks

 

Question 18 - Risk Response

Additional Risks
Possible risk Response
Risk 1: There is a risk that technical support staff at Cat Databases International may access personal information for reasons other than providing technical support. Our contract with Cat Databases International has clause that says access to the database must be for technical support and maintenance only. Access is limited to two staff members and access is logged so we can track who accesses the information and when. Cat Databases employees take mandatory privacy training.
Risk 2: There is a risk that employees of the Cat Registries Branch will access or use personal information stored in the database. Cat Registries Branch employees take mandatory privacy training when they join the branch and update their training every 3 years. Only employees who work on the project are able to use the database and access is through a unique access code.
Risk 3: We store personal information in the database for a 5-year period to make sure individuals do not reapply for the benefit. Storing personal information for long periods of time increases the risk of an information incident. Cat Registries Branch employees receive privacy training upon joining the branch and take a refresher course every 3 years. We have built privacy and security protections into the initiative through training and access control and tracking and are satisfied that the risk of an information incident is low.