Privacy Impact Assessment (PIA) - Paperless Hearing Initiative

Privacy Impact Assessment

Contents

Section I – Overview and Privacy Impact Assessment (PIA) Initiation

Government Institution

The Veterans Review and Appeal Board (VRAB, the Board)

The Veterans Review and Appeal Board's program delivers the independent review and appeal process for disability pension and disability award decisions made by Veterans Affairs Canada. It provides two levels of appeal for Veterans, Canadian Armed Forces members, Royal Canadian Mounted Police applicants, and their families who are dissatisfied with their disability pension, disability award, and critical injury benefit decisions. The Board conducts hearings and issues written decisions. The Board's other key functions include hearing reviews and appeals of special award decisions made by Veterans Affairs Canada relating to attendance allowances, exceptional incapacity allowances and clothing allowances; hearing the final level of appeal for War Veterans Allowance decisions; and adjudicating compassionate award applications.

This report presents the findings of the PIA on the paperless hearing initiative. A description of the initiative appears below.

Delegate for section 10 of the Privacy Act

Karen Rowell

ATIP Coordinator

Government Official responsible for initiative

Kathy Stewart

Chief, VRAB Information Technology

Description of the initiative

One of the Board’s strategic priorities is to focus on improving electronic access to hearing information for members and representatives. Early in 2015, a project team was tasked with researching, refining, developing and implementing elements that would provide Board members with digital information and equipment necessary to conduct hearings without paper documentation. One of the goals of the team is to use technology and other means to reduce time and money spent mailing documents between members, hearing locations and head office as well as reducing environmental impacts by using less paper

Legal authority

Under the Veterans Review and Appeal Board Act (VRAB Act), the Board has exclusive jurisdiction to hear reviews and appeals that may be made under the Pension Act, the Veterans Well-being Act – Part 3 and the War Veterans Allowance Act.

The Board also adjudicates duty-related pension applications under the authority of the Royal Canadian Mounted Police Pension Continuation Act and the Royal Canadian Mounted Police Superannuation Act.

Personal Information Bank (PIB)

Activities associated with the administration of the Board’s Appeal program which use personal information are captured in VRAB’s Institutional-specific PIB – VRAB PPU 080 – Reviews, Appeals and Compassionate Awards (registration number 003480). There will be no modifications made to this PIB as a result of this initiative.

Definitions

Definitions to be used in the interpretation of this privacy impact assessment are attached in Appendix A

Acronyms

Acronyms used throughout this privacy impact assessment are attached in Appendix B.

Participants

The list of participants who contributed to the development of this PIA are attached in Appendix C.

Section II – Risk Area Identification and Categorization

The Directive on Privacy Impact Assessment – Appendix C – outlines the requirements and minimal content for a PIA. It identifies standardized risk areas and a common risk scale to use as the basis for risk analysis. This ensures consistent risk categorization and risk management across government.

This methodology is used to highlight program characteristics which may affect the privacy of an individual. This approach is not intended to determine the precise nature of privacy risks but rather the overall level of risk associated with the initiative.

Risk Area Identification

The numbered risk scale is presented in an ascending order: the first level (1) represents the lowest level of potential risk for the risk area; the fourth level (4) represents the highest level of potential risk for the given risk area
 

Type of program or activity

Administration of activity

Risk Scale

2

Type of personal information involved and context

Social Insurance Number, medical, financial or other sensitive personal information or the context surrounding the personal information is sensitive; personal information of minors or of legally incompetent individuals or involving a representative acting on behalf of the individual.

Risk Scale

3

Program or activity partners and private sector involvement

With another government institution

Risk Scale

2

Duration of the program or activity

Long-term activity

Risk Scale

3

Program population

The program's use of personal information for external administrative purposes affects certain individuals.

 

Risk Scale

3

Technology and privacy

Does the new or substantially modified program or activity involve implementation of a new electronic system or the use of a new application or software, including collaborative software (or groupware), to support the program or activity in terms of the creation, collection or handling of personal information?

Does the new or substantially modified program or activity require any modifications to information technology (IT) legacy systems?

No

Specific technological issues and privacy

  • Does the new or substantially modified program or activity involve implementation of new technologies or one or more of the following activities:
    • enhanced identification methods;
    • surveillance; or
    • automated personal information analysis personal information matching and knowledge discovery techniques?
No

Personal information transmission

The personal information is transferred to a portable device or is printed.

Risk Scale

3

Impact on Individuals or Employees in the Event of a Privacy Breach

In the event of any privacy breach, there would be some impact on the individual or employee. That impact is reduced by: 

  • Reducing the risk of breaches within the institution.
  • Discovering breaches quickly.
  • Training staff on how to respond to breaches.

Ensuring that the information, in the event of a breach, has a narrow distribution.

Risk Scale

2

(high impact / low probability)

Institutional Impact in the Event of a Privacy Breach

In the event of any privacy breach, there would be some impact on the institution’s credibility and on the trust in its privacy practices

 

Risk Scale

2

(high impact / low probability)

Categorization

The majority of the risk areas identified above are considered low-moderate to moderate risks (level 2 or 3). See Appendix D for risk categorization.

The risk areas identified as level 3, or moderate, are related to (a) the type of personal information involved, (b) the duration of the activity, (c) the program population, and (d) the transmission of personal information. As explained below, these risk areas cannot be lowered.

  1. The Board requires the type of personal information identified in the table above in order to effectively adjudicate disability applications at review and appeal, which is the Board’s program.
  2. As improving electronic access to hearing information for members is one of the Board’s strategic priorities, the paperless hearing initiative will be a long-term activity.
  3. Veterans Affairs Canada administers the payment of benefits and determines eligibility of benefits under its programs.
  4. Finally, the members must download the documents related to the reviews and appeals they will be adjudicating in order to assist them in performing this function.

Overall, the risk areas identified fall in the low to moderate risk range. Key risks and potential privacy impacts are detailed in Section V of this report (privacy compliance analysis). Section VI provides a summary of recommendations and action items.

Section III – Analysis of Personal Information Elements for the Paperless Hearing Initiative

The following personal information may be collected, used, disclosed or retained by the Board. It may be disclosed between VRAB staff and members in electronic format as part of the paperless hearing initiative.

Personal Information

Purpose Collected From/By To be Used For/By

Retention

Applicants’/ Appellants’ full name (first name, middle name(s), last name)

To identify applicants/appellants

Collected from an automated batch process managed by the RDB; collected from VAC (HO file, CSDN)

To be used by VRAB staff and members in the preparation / adjudication of reviews and appeals
 

As prescribed by Library and Archives Canada and in accordance with the minimum and maximum retention periods established by the Board. Information no longer required may be destroyed or rendered anonymous.

Identification numbers (e.g. Head Office file number, Service number, SIN)

To identify applicants/appellants Collected from an automated batch process managed by the RDB; collected from VAC (HO file, CSDN) To be used by VRAB staff and members in the preparation / adjudication of reviews and appeals

As prescribed by Library and Archives Canada and in accordance with the minimum and maximum retention periods established by the Board. Information no longer required may be destroyed or rendered anonymous.


 
Contact information (e.g. address – street name, street number, city, province, postal code; telephone number(s)

 

To identify applicants/ appellants


 

Collected from an automated batch process managed by the RDB; collected from VAC (HO file, CSDN)


 
To be used by VRAB staff and members in the preparation / adjudication of reviews and appeals; to be used by VRAB staff to communicate with applicants / appellants
 

As prescribed by Library and Archives Canada and in accordance with the minimum and maximum retention periods established by the Board. Information no longer required may be destroyed or rendered anonymous.

Medical history (e.g. medical conditions of the individual, doctors’ reports, doctors’ notes, prior disability decisions, testimony)
 
To provide supporting documentation for the adjudication of reviews and appeals
 
Collected from an automated batch process managed by the RDB; collected from VAC (HO file, CSDN); collected directly from the individual
 
To be used by VRAB staff and members in the preparation / adjudication of reviews and appeals

As prescribed by Library and Archives Canada and in accordance with the minimum and maximum retention periods established by the Board. Information no longer required may be destroyed or rendered anonymous.

Information relating to
the race, national or ethnic origin, colour,
religion, age (e.g. date of birth) or marital status of the individual
 
To provide information for the adjudication of reviews and appeals; some information may simply be contained in the documents and will not be used. Collected from an automated batch process managed by the RDB; collected from VAC (HO file, CSDN); collected directly from the individual
 
To be used by VRAB staff and members in the preparation / adjudication of reviews and appeals

As prescribed by Library and Archives Canada and in accordance with the minimum and maximum retention periods established by the Board. Information no longer required may be destroyed or rendered anonymous.

Educational / Employment / Financial history To provide supporting documentation for the adjudication of reviews and appeals
 
Collected from VAC (HO file, CSDN)
 
To be used by VRAB staff and members in the preparation / adjudication of reviews and appeals As prescribed by Library and Archives Canada and in accordance with the minimum and maximum retention periods established by the Board. Information no longer required may be destroyed or rendered anonymous.
Personal opinions or views To provide supporting documentation for the adjudication of reviews and appeals
 
Collected from VAC (HO file, CSDN); collected directly from the individual
 
To be used by VRAB staff and members in the preparation / adjudication of reviews and appeals As prescribed by Library and Archives Canada and in accordance with the minimum and maximum retention periods established by the Board. Information no longer required may be destroyed or rendered anonymous.
Correspondence sent to VRAB/VAC regarding disability applications and replies to such
correspondence (e.g. letters, email, decision documents, CSDN client notes)
 
To provide supporting documentation for the adjudication of reviews and appeals
 
Collected from VRAB/VAC (HO file, CSDN) To be used by VRAB staff and members in the preparation / adjudication of reviews and appeals As prescribed by Library and Archives Canada and in accordance with the minimum and maximum retention periods established by the Board. Information no longer required may be destroyed or rendered anonymous.
Views or opinions of another individual about the individual (e.g. medical opinion, witness statements)
 
To provide information relevant to the adjudication of reviews and appeals
 
Collected from VAC (HO file, CSDN); collected from the individual’s representative; collected directly from other individual
 
To be used by VRAB staff and members in the preparation / adjudication of reviews and appeals As prescribed by Library and Archives Canada and in accordance with the minimum and maximum retention periods established by the Board. Information no longer required may be destroyed or rendered anonymous.

Section IV – Data Flow and Business Process Diagram

This analysis is being conducted from the point when the sessions list will be generated up until a decision is finalized.

Roles and Responsibilities of Stakeholders:

PRE-HEARING OFFICER (PR-HO): Retrieve electronic sessions list from the Reporting Database (RDB) portal and email to Members via the VRAB Scheduling Outlook resource.

MEMBER: Retrieve and download from the VSA to their tablet copies of the documents relevant to the cases they will be hearing. After the decisions are finalized, they will delete the copies from their tablet, and manage their Outlook email account by deleting transitory emails.

POST-HEARING OFFICER (PO-HO): Manage the VRAB Inventory Desk Outlook resource by uploading electronic evidence to the VSA, moving draft decisions to the post-hearing shared folder, and uploading signed finalized decisions to the VSA. Delete transitory emails and attachments from Outlook.

QUALITY MANAGEMENT ANALYST (QM): Retrieve and prepare decisions to upload to the VSA. Manage the VRAB Quality Management Outlook resource and the post-hearing secured shared folder. Delete transitory emails from Outlook and draft decisions from the secured shared folder.

Data Flow

Pre-Hearing

Once a quorum has been assigned to hear cases in a specific hearing location, the PR-HO will retrieve an electronic sessions list which comes from an automated batch process managed by the RDB. This list will be used to determine which clients’ claims will be heard during a particular hearing week. Members will be provided with a copy of the sessions list for hearings they are assigned to via the VRAB Scheduling Outlook resource. Based on this information, members will login to the VSA by connecting their Surface Pro tablets to the VRAB server via a secure network or through VPN. This will allow members to download the information they require to adjudicate the claim and proceed with the hearing. This information includes the statement of case (SOC) and the Case Analysis Report (CAR), if it exists.

Any evidence that will be used to support a claim is sent by email to the VRAB Inventory Outlook resource and the panel members prior to the hearing. The electronic evidence is then uploaded to the VSA by the PO-HO.

Reports have been created and/or modified in VSA that will allow members and staff to determine and monitor their work without being dependent upon the receipt of a paper docket.

Post-Hearing

A new decision template containing the Reasons for Awarding has been developed. The new template will allow members to fill it out by using either a stylus or typing the information directly into the template.

Members will either type their decisions or use Windows Speech Notes to create an electronic version. Once a member has drafted a decision, the member will email a copy of the decision to the VRAB Inventory Desk Outlook resource. The PO-HO will move the document into a secure shared folder accessible to Quality Management Analysts (QM) for the preparation and review of the decision document. After the decision is prepared, it will be uploaded to VSA as a draft decision.

Communications between the writing member and QM will take place using the VRAB Quality Management Outlook resource and the draft decision in VSA will be updated to reflect changes. When the member indicates to QM that the decision is ready to be signed, QM will prepare the approved decision document for electronic signature. The member will access the VSA by connecting their Surface Pro tablet to the VRAB server via a secure network or through VPN. This will allow the member to run a report to identify cases ready for signature. The member will download a copy of the decision to their Surface Pro tablet and sign the decision using the stylus. The member will then email the signed copy of the decision to the VRAB Inventory Outlook resource. The PO-HO will upload the signed decision to the VSA.

In addition to the tasks currently performed by the PO-HO when finalizing a decision, the PO-HO will delete the transitory documents from the VRAB Inventory Desk Outlook resource and the VSA.

Tracking of the claim will continue to take place in both CSDN and VSA and no significant changes have been made to the tracking process. The QM unit will use existing CSDN and VSA reports to determine workload and to manage service standards. They will also manage the post-hearing secured shared folder and the VRAB Quality Management Outlook resource.

Members will be responsible for managing the transitory documents on their Surface Pro tablets by deleting the copies of SOCs, CARs, electronic evidence and decisions and clearing their email in Outlook.

Occasionally, the flow of personal information outlined above may be interrupted. A hearing can be adjourned or may not even take place as the hearing schedule is subject to change up until the last moment. The notification/tracking process for either of those situations will not be affected by this new initiative. When a case is adjourned, the Scheduling Officer will update the claim as adjourned in CSDN and add tracking to this effect in VSA.

Business Process Diagram

Business Process Diagram

Section V – Privacy Compliance Analysis

The following privacy compliance analysis highlights key privacy impacts associated with the paperless hearing initiative.

Collection authority (section 4 of the Privacy Act)

Section 4 of the Privacy Act prohibits a government institution from collecting personal information of an individual except where it relates directly to an operating program or activity of that institution. Government institutions must therefore limit their collection of personal information to that which is demonstrably necessary – not just useful – and strictly abide by any statutory prohibitions precluding the collection of personal information.

The VRAB Act and Regulations authorize the Board to collect personal information that relates directly to the review and appeal process for disability pensions and awards.

Section 15 of the VRAB Act states that “the Board may inspect the records of the Department of Veterans Affairs and all material relating to any proceeding before the Board”.

Subsection 5(1) of the VRAB Regulations authorizes the Board to retrieve any relevant material from the Department of Veterans Affairs when an application for review, appeal, or reconsideration is received.

In the rare event that a case is adjourned to obtain an independent medical opinion, subsection 38(1) of the VRAB Act authorizes the Board to do so.

There is no new collection of personal information taking place as part of the paperless hearing process. However, the amount of personal information contained in the session list needs to be reviewed for necessity.

Direct collection, notification and consent, as appropriate (section 5 of the Privacy Act)

Subsection 5(1) of the Privacy Act states that where possible, a government institution must collect personal information that is intended for administrative purposes directly from the individual to whom it relates except where the individual authorizes otherwise or as provided for by law.

Subsection 5(2) of the Privacy Act requires that a government institution inform individuals from whom it intends to collect personal information the purposes for which that information is to be collected.

In accordance with paragraph 5(2)(a) of the VRAB Regulations, the Board notifies applicants/appellants of its receipt of the material from the Department of Veterans Affairs’ records upon receipt of an application for review, appeal, or reconsideration.

In addition to the Board collecting records from the Department (subsection 5(1) of the VRAB Regulations), an applicant/his representative may submit information at the time of the hearing to support the claim for disability benefits. Applicants are notified that review hearings are recorded.

When applicants do not attend their review hearings in person, they complete and sign a Consent and Waiver for Teleconference or in Absentia Hearing form – VRAB form 46 – in advance of the hearing. This form authorizes the Board to proceed with the hearing in their absence or by way of teleconference.

In the rare event that a case is adjourned to obtain an independent medical opinion, the applicant/appellant will sign an Authority to Release Personal Information form – VRAB form 40 – authorizing the Board to release his personal information to the doctor.

Once again, the paperless hearing initiative is not changing the way in which the Board collects applicants’/appellants’ personal information, notifies them of such collection, or obtains their consent in support of the review/appeal program.
 

Retention and Disposal (section 6 of the Privacy Act)

Subsection 6(1) of the Privacy Act prescribes that personal information used by a government institution for an administrative purpose be retained by the government institution for such a period so as to allow the individual to whom it belongs a reasonable opportunity to obtain access to that information.

Subsection 6(3) of the Privacy Act requires that the ultimate disposal of personal information under the control of a government institution be performed securely, and in accordance with the record disposition authorities of Library and Archives Canada.

The records that will be used in the paperless hearing initiative will be copies of records or transitory documents, all of which will be disposed of when the decision is finalized. This initiative is merely a way for VRAB staff to share copies of documents with members (and vice versa) without the need for paper.

The official SOC as well as the final decision document will continue to be retained on the clients’ electronic files (i.e. CSDN and VSA).

Members’ notes and CARs are considered transitory documents that form part of the deliberative process (paragraph 22(1)(b) of the Privacy Act). They are subject to deliberative privilege and will continue to be destroyed upon the finalization of the decision.

Sessions lists and the Reasons for Awarding are considered transitory information as they are only required for a limited period of time in order to complete a routine action. The list will be shared with the panel members and deleted at the end of the process. Data contained in the Reasons for Awarding will be entered into CSDN for tracking and statistical purposes.

Exact processes and procedures, including roles and responsibilities, will need to be developed and documented for affected units as staff will become responsible for deleting from the shared folder as well as the emails that will have been exchanged with members in the hearing process on a regular basis.

Procedures will need to be shared with members to instruct them on the deletion of the transitory documents from their tablets and of the emails in Outlook. Some members have been provided with printers for their home offices. As the onus will be on the members to delete these transitory records and safely dispose of paper copies, a monitoring process should be developed and put into practice.

Accuracy (section 6(2) of the Privacy Act)

Subsection 6(2) of the Privacy Act requires that government institutions take reasonable steps to ensure that personal information that is to be used for administrative purposes remain as accurate, up-to-date, and complete as possible.

VRAB follows the TBS Directive on Personal Information Requests and Correction of Personal Information and subsection 11(2) of the Privacy Regulations.

VRAB members will refer to the sessions list to determine which clients’ cases will be heard during a particular week and retrieve the required documents for the preparation of cases. Amendments will continue to be made as needed to any of the documents being shared with the members to ensure the members have the most accurate documentation available to them. VRAB staff and members will be able to tell the date a document was uploaded to the VSA.

Procedures will need to be developed and documented to ensure that members and affected staff are notified when amendments are made to documents that will already have been uploaded to the VSA to ensure that members and staff are working from the most accurate, up-to-date, and complete versions.

Use (section 7 of the Privacy Act)

 

Section 7 of the Privacy Act states that personal information under the control of a government institution shall not be used for purposes other than that for which it was collected (or for a use consistent with that purpose), except with the individual’s consent (or as provided for by law). The VRAB Act (section 15) and Regulations (subsection 5(1)) authorize the Board to collect personal information that relates directly to the review and appeal process for disability pensions and awards.

Applicants’/appellants’ personal information that is being shared between VRAB staff and members as part of the paperless hearing initiative will be used to hear, determine, and process all applications for review, appeal, and reconsideration which is the purpose the information was obtained or compiled.

A reasonable person would consider the use of the information appropriate.

Disclosure (section 8 of the Privacy Act)

Subsection 8(1) of the Privacy Act states that information under the control of a government institution shall not, without the consent of the individual to whom it relates, be disclosed by the institution, except as provided for in subsection 8(2).

Personal information, as part of the paperless hearing initiative, will be disclosed to Board staff and members who will be working on the cases before the Board. By way of making an application to the Board for a review, appeal, or a reconsideration, an applicant/appellant is consenting to the Board disclosing relevant personal information to those whose duties require them to know the information. This would fall under paragraph 8(2)(a) of the Privacy Act (for the purpose for which the information was obtained or compiled).

Personal information is disclosed to applicants’/appellants’ representatives to whom they have consented its release. In the rare event that a case is adjourned to obtain an independent medical opinion, personal information is also disclosed to the doctor to whom the applicant has consented its release.

Personal information will continue to be disclosed to the individuals listed above and will not be impacted by this initiative.

Safeguards

Technical safeguards:
Only VRAB employees have access to the VRAB server. The shared folder will be housed on the VRAB server and will have limited access rights. The tablets that will be used by members to retrieve the SOCs will be password protected and all information stored on them will be fully encrypted. This is in accordance with the TBS Information Technology Policy Implementation Notice (ITPIN) Secure use of portable data storage devices within the Government of Canada.

Emails generated as part of the paperless hearing initiative will all be sent from and received through the Board’s government-issued Outlook email accounts within VRAB’s secure network. However, there is an increase risk with global addresses within Outlook that an email could be sent to the wrong recipient causing a privacy breach. Outlook resources should be used for all two way communications.
Physical safeguards:
All tablets are stored in locked carrying cases when the members are travelling. This is in accordance with the TBS Operational Security Standard on Physical Security and the Royal Canadian Mounted Police (RCMP) guides G1-001 - Security Equipment Guide and G1-009 - Transport and Transmittal of Protected and Classified Information.

Therefore, the Board opted not to conduct a Threat Risk Assessment for the paperless hearing initiative. However, the Board should ensure that members are still using locked briefcases at all times.
Administrative safeguards:
Paper documentation is and will be used in some cases for submitting evidence. In the current paper process the documentation is contained within highly visible, coloured card stock docket covers.

As docket covers will no longer be needed in the paperless process, the administrative change away from using docket covers could cause an increased risk of misplacing documents which could result in privacy breaches.

Technology and privacy issues

There will be no changes to the business requirements that have an impact on the system, software or program application.

The current IT legacy systems and services that will be retained are compliant with privacy requirements. PIAs have been conducted for both the CSDN and the VSA. All new staff and members attend a training session given by the Board’s ATIP unit in which they are provided with guidance on the appropriate use and protection of personal information, steps to take if a privacy breach occurs, and their obligations under the Access to Information Act and the Privacy Act.

Additionally, the Board promotes the importance of protecting personal information annually during Privacy Month. Memos, posters, and email tips foster a privacy culture at the Board and ensure continual awareness of employees’ roles and responsibilities when handling, protecting, and disposing of information.

Section VI – Summary of Analysis and Recommendations

This section summarizes the substantive privacy considerations emanating from this PIA and sets out recommendations for an action plan.

Area Collection
Issue Sessions lists contain several more elements of personal information than seem necessary.
Name, DOB, address, phone number, condition, service, file number
Is each element truly required for the list, not just useful?
Recommendations

Conduct a necessity test for collection on the sessions list criteria to determine whether certain elements of personal information can be removed.

Remove the elements of personal information that are not necessary.

Target Date January 31, 2019
Residual Risk Low
Area Retention and Disposal
Issue VRAB staff and members need to know their roles and responsibilities with regards to retention and disposal of the documents and emails used as part of the paperless hearing initiative.
 
Recommendations Exact processes and procedures, including roles and responsibilities, will need to be developed and documented for affected units and members.
▪ Staff will become responsible for deleting from the post-hearing shared folder on a regular basis.
▪ Members will become responsible for deleting the transitory documents from their tablets and safely disposing of any paper copies on a regular basis.
▪ Staff and members will need to be reminded that they are responsible for deleting the emails that have been exchanged between them in the hearing process on a regular basis.
Target Date January 31, 2019
Residual Risk Medium
Area

Retention and Disposal


 
Issue Applicants’/Appellants’ personal information will be stored on members’ tablets while they are working on the clients’ files. Members will be instructed to delete such documents. Members may keep the personal information longer than necessary.
Recommendations As the onus will be on the members to delete the transitory documents from their tablets, a monitoring process should be developed and put into practice to ensure the documents are actually being deleted.
Target Date January 31, 2019
Residual Risk Medium
Area Accuracy
Issue Once documents are uploaded to the VSA, members may use them to prepare for the hearing. The members may download them to their tablets and refer only to the downloaded version. If a document then gets updated (without the members being notified), members may be working from an outdated version.
Recommendations Procedures will need to be developed and documented to ensure that members and affected staff are notified when amendments are made to documents that will already have been saved to the VSA to ensure that members and staff are working from the most accurate, up-to-date, and complete versions.
Target Date January 31, 2019
Residual Risk Low
Area Technical
Issue With the move to Outlook as the Government of Canada email system there is an increase risk with access to all Government employees’ email addresses through the global addresses list that an email is sent to the wrong recipient.
Recommendations Outlook resources are used for all two way communication.
Target Date January 31, 2019
Residual Risk low
Area Physical
Issue Members are not using the Government issued locked carrying cases when travelling.
Recommendations The Board should ensure that Members are only using government approved carrying cases and locks when travelling. Members should also be reminded of their obligations to protect the personal information that is in their possession.
Target Date January 31, 2019
Residual Risk Low
Area

Administrative


 
Issue

In the current process, paper documentation used at a hearing are contained within a highly visible, coloured card stock docket cover. Once the paperless hearing process is fully implemented the cover dockets will be phased out.

In some cases paper evidence will be submitted. If the cover dockets are no longer in use there will be an increased risk of misplacing documents which could result in privacy breaches.

Recommendations Retain the highly visible, coloured card stock docket cover to ensure personal information is accounted for and uploaded where it belongs.
Target Date January 31, 2019
Residual Risk Medium

Section VII – Supplementary Documents List

The documents below are relate to the core PIA.

  • Authority to release personal information form
  • Consent and Waiver for Teleconference or in Absentia Hearing form
  • Handling of Case Analysis Reports – Memo from A/Chair – August 13, 2015
  • Privacy Breach Procedures
  • Privacy Breach Prevention - Email Tips - May 2018
  • Privacy Breach Cheat Sheet

Section VIII – Formal Approval

This PIA was formally approved in accordance with the Board’s approval process. A copy of the official sign-off sheet can be found on the next page.

General Sign Off Sheet

Appendix A: Definitions

Case Analysis Report – CAR

A document prepared by a case review officer for the purpose of assisting Members in the preparation of decisions with respect to cases they hear at the review or Appeal level.

Client Service Delivery Network – CSDN

VAC’s major database used to store and handle client information.

Electronic Evidence

Documents submitted by the Bureau of Pension Advocates electronically by email to support a claim.

Member

Independent, administrative tribunal decision-maker for the Board’s two levels of redress (Review and Appeal), as well as for War Veterans Allowance appeals and applications for Compassionate Awards (Governor-in-Council appointed position).

Members' Notes

Notes taken at a hearing by members and used to assist them in decision writing. Member’s notes are an aide memoire and private to the member. They are not official records and are destroyed.

Personal Information Bank - PIB

Description of personal information under the control of a government institution that is organized and retrievable by an individual’s name or by a number, symbol or other element that identifies an individual. The personal information described in a PIB has been used, is being used or is available for an administrative purpose. The PIB describes how personal information is collected, used, disclosed, retained and/or disposed of in the administration of a government institution’s program or activity.

Quality Management Analysts - QM

For the purpose of this PIA, the role of the QM Analysts is to provide analytical support and feedback to members by reviewing and analyzing decisions, at all levels of appeal.

Reasons for Awarding

Following a recommendation from the Standing Committee on Veterans Affairs, the data is extracted into CSDN to assist VAC in better understanding the Board’s reasons for overturning a ministerial decision.

Reporting Database - RDB

Name of VAC's organized collection of data from various systems such as CSDN and VSA which is used to manage workload, schedules and cases.

Sessions List List of hearings scheduled by location, date and time. List contains name, DOB, address, phone number, condition, hearing type, legislation, service, file number, decision number and representative’s name.
Statement of Case - SOC A compilation of information gathered from Veterans Affairs Canada files, Department of National Defence Service Health Records, or previous hearings. This includes copies of evidence and decisions relevant to the case.
VRAB Scheduling Application - VSA Web-based application which assists the process of scheduling hearings and tracks all stages of the redress process. The VSA has linkages to VAC’s CSDN, but is a separate VRAB-controlled and managed system.

Windows Speech Notes

Application used for dictation

Appendix B: Acronyms

ATIP

Access to Information and Privacy

Board, the

Veterans Review and Appeal Board

CAR

Case Analysis Report

CSDN

Client Service Delivery Network

HO

Head Office

PIA

Privacy Impact Assessment

PIB

Personal Information Bank

PO-HO

Post-Hearing Officer

PR-HO

Pre-Hearing Officer

RDB Reporting Database
SOC Statement of Case
TBS Treasure Board of Canada Secretariat

VAC

Veterans Affairs Canada

VPN Virtual Private Network
VRAB Veterans Review and Appeal Board
VSA VRAB Scheduling Application

Appendix C: Participants

Participant

Title

Kathy Stewart

Chief, VRAB Information Technology

Nancy McLure

Business Support Analyst

François Comeault

Legal Council

Karen Rowell

ATIP Coordinator

Jackie Rupert Saucier

Senior ATIP Officer

Danielle Ross A/Senior ATIP Officer
Rayné Plettell-Kenny Deputy Coordinator ATIP

Appendix D: Categorization

Identified Risk Categories

Aggregate Risk Rating

Risk Level

Number of risk areas identified as level 1

0 Low
Number of risk areas identified as level 2 4

Low-Moderate

Number of risk areas identified as level 3 4

Moderate

Number of risk areas identified as level 4 0

High

Overall risk rating for the initiative

Low-Moderate