Privacy Impact Assessment – Web Summary – Consular Case Management

One of Global Affairs Canada’s main priorities is the provision of consular services to Canadians. This core function stems from the legal mandate of the Department as set forth in the Department of Foreign Affairs, Trade, and Development Act (2013). Consular Services for Canadians is a multi-layered support program for Canadians who travel or live overseas. The program manages and delivers consular services and advice to Canadians, and provides a coordinated Government of Canada response to emergencies abroad affecting Canadians. This work is done through consular agents and officers at a network of missions and at headquarters.

Among the services provided to Canadians abroad are citizenship and passport services on behalf of Immigration, Refugees and Citizenship Canada (IRCC) and this includes support during medical emergencies, arrests/detentions, parental abductions, and deaths abroad. It also enables Canadians detained abroad to access Transfer of Offenders Treaties. This work involves gathering personal information about Canadian clients, as well keeping records of visits to prisons, police stations and hospitals.

Whereas the 2009 PIA was limited to the core system used for Case Management (COSMOS), this assessment examined the program as a whole. Using the previous report as a baseline, this PIA looked at the business processes, how information is collected, used, transmitted and stored, and why it may be shared with other parties.

Necessary, Effective, Proportional, Least-Invasive

The collection, use, disclosure, retention and disposal of personal information by the Consular Program is necessary to provide Canadians travelling abroad with timely and accurate travel information on travelling safely, and with assistance related to routine and emergency consular situations outside Canada. Using the information collected, the program has been highly effective in delivering consular services to Canadians abroad. In 2014, 92% of Canadians surveyed reported being satisfied with routine consular services. The personal information collected by consular staff is the minimum required to provide assistance. Lastly, only personal information strictly required to assist individuals is collected, used and disclosed.

Key Risks Identified

1. Failure to obtain consent: There is a risk that sharing personal information for case resolution, in the interest of the client, or to a third party may occur without first obtaining consent from the individual.
2. Limiting access to employees with a “need to know”:  There is a risk of employees accessing personal information without a ‘need to know’, that could result in an unauthorized release of information or misuse of information. 
3. Sharing information without proper protection measures in place: There is a risk that personal information could be shared in various electronic formats for several document types without a clear system of tracking and controlling who receives and uses those documents (e.g. briefing notes).
4. Privacy breach: There is a risk that personal information collected by the program could be breached if, for example, a disgruntled employee publically released personal information, if Global Affairs Canada systems were hacked, or if records are not properly disposed of at the end of their life-cycle.

Mitigating Strategies

1. Controlling COSMOS Account Creation (Risk 2): Global Affairs Canada will control and manage COSMOS account creation, access permissions and rights through a formal account request process which will include a “need-to-know” review.
2. Limiting Access (Risks 1, 2): Global Affairs Canada will base access to consular records on need to know principles, such as portfolio or areas of responsibility, decision making requirements, and involvement in a case (e.g. separating files appropriately from core case information, and sub-activities such as financial assistance, which are unrelated to the core case).
3. Reviewing Use (Risks 1, 2): Global Affairs Canada will perform random audits of record access history to ensure compliance to need-to-know principles and proper use.
4. Transferring External Material and Disposal (Risk 3): Global Affairs Canada will follow TBS record keeping requirements to dispose of information (e.g. emails, and other transitory documents) with appropriate transfers to case files in the core system (COSMOS/other case management system).
5. Limiting Information Collection (Risk 4): Global Affairs Canada will request only the documentation and information needed to perform the services, then only copying the needed information into the core system (COSMOS/other case management system) based on standard criteria and best practices.
6. Improved Tracking (Risks 3): Formalizing more complete document tracking, including version control, transmission and use monitoring for all documents created and handled outside of the core case management system.
7. Staff Training (Risk 3, 4): Global Affairs Canada will train consular managers and employees in the principles, requirements and best practices of information management as set out in the TBS Directive on Record Keeping, and the Guideline for Employees of the Government of Canada: Information Management (IM) Basics. Global Affairs Canada will enforce the encryption of personal information stored on portable media such as USB keys, as required by the TBS Operational Security Standard (para. 16.4.4).