CDIC Privacy Act 2017-2018 Annual Report
- CDIC Narrative Report for 2017-2018 – Tab A
- CDIC Privacy Act Designation Order (Feb. 3, 1999) – Tab B
- CDIC Privacy Act Delegation Order (April 25, 2018) – Tab C
- CDIC Privacy Act Statistical Report for 2017-2018 – Tab D
The Privacy Act (the “Act”) provides Canadian citizens and permanent residents with the right to access personal information held by government institutions and protection of that information against unauthorized use and disclosure. This annual report, covering the period from April 1, 2017 to the end of the financial year, March 31, 2018, is prepared and submitted by the Canada Deposit Insurance Corporation (“CDIC”) for tabling in Parliament in accordance with section 72 of the Privacy Act.
Mandate and Governance
CDIC was established in 1967 by the Canada Deposit Insurance Corporation Act. The objects of the Corporation are:
- to provide insurance against the loss of part or all of deposits;
- to promote and otherwise contribute to the stability of the financial system in Canada;
- to pursue the objects set out in paragraphs (a) and (b) for the benefit of persons having deposits with member institutions and in such manner as will minimize the exposure of the Corporation to loss; and
- to act as the resolution authority for its members.
CDIC is administered by a board of directors headed by the Chairperson, who is appointed by the Governor in Council. There are five ex officio directors (the Governor of the Bank of Canada, the Deputy Minister of Finance, the Superintendent of Financial Institutions, a Deputy Superintendent of Financial Institutions or an officer of the Office of the Superintendent of Financial Institutions appointed by the Minister, and the Commissioner of the Financial Consumer Agency of Canada), as well as five private sector directors appointed by the Governor in Council.
- Canada Deposit Insurance Corporation Act
- Access to Information Act
- Privacy Act
- Annual Report
- “Protecting Your Deposits” Brochure
- Summary of the Corporate Plan
Administration of the Act
CDIC is a relatively small Crown corporation, which typically receives very few requests for personal information in any given year. As a result, CDIC does not have a formalized Access to Information and Privacy (“ATIP”) office with staff dedicated to ATIP matters on a full-time basis. Rather, the Vice-President, Corporate Affairs, General Counsel and Corporate Secretary assumes the role of ATIP Coordinator and is supported in this capacity by the Director, Legal Services as primary contact and by the Legal Services Department as required. The Law Clerk & ATIP Officer in the Legal Services Department assists with ATIP matters on a part-time basis. In order to ensure timely and accurate responses to ATIP requests, CDIC has standby agreements with several external ATIP consultants who are available to assist as needed.
Delegation by Head of Corporation
Designation Order – February 3, 1999
The Designation Order dated February 3, 1999 (the “1999 Designation Order”) which was applicable throughout 2017-2018, is attached hereto and forms part of this annual report (Tab B).
Delegation Order – April 25, 2018
Updated Delegation Order dated April 25, 2018 (the “2018 Delegation Order”) replaces the 1999 Designation Order and is attached hereto and forms part of this annual report (Tab C).
Statistical Report and Interpretation
CDIC’s statistical report for 2017-2018 is attached to and forms part of this annual report (Tab D). During the period covered by this report, CDIC did not receive any requests under the provisions of the Act. No requests were carried forward from the previous reporting period.
|No. of Requests Received||0||0||2||2||0|
|No. of Requests Closed||0||0||2||2||0|
|No. of Consultations Received||0||0||0||0||0|
|No. of Consultations Closed||0||0||0||0||0|
|Percentage of Requests Responded to within relevant period||100%||100%||100%||100%||N/A|
As noted above, CDIC did not receive any requests under the Act during the reporting period.
Method of Access
No requests were processed.
Net Fees Collected
No fees were collected.
Education and Training Activities
A comprehensive powerpoint presentation concerning ATIP is available on CDIC’s intranet portal to all employees. CDIC does not track access by employees to this portal. During 2017-2018, all employees (127) received ethics and security training which included information regarding their ATIP responsibilities.
New/revised Policies, Guidelines and Procedures
In 2017-2018, CDIC did not implement any new or revised internal policies, guidelines or procedures relating to privacy.
Complaints, Investigations and Appeals
As at March 31, 2018, no complaint, investigation, or appeal was brought to the attention of CDIC in relation to the processing and outcome of privacy requests.
Monitoring Processing Time of Privacy Requests
CDIC has established procedures to monitor the time to process privacy requests by completing an internal tracking log spreadsheet, which is updated to reflect key dates and activities for all requests, including deadlines, and automated reminders are set. The ATIP Coordinator oversees the ATIP program at CDIC, and receives reports from the Director, Legal Services as the status of any requests change.
During 2017-2018, CDIC purchased ATIP case management software which assists in the monitoring, processing, and reporting on privacy requests.
Material Privacy Breaches
During the period covered by this report, no material privacy breaches occurred at CDIC.
Privacy Impact Assessments (PIA)
During the period covered by this report, CDIC did not complete any PIAs.
Disclosures under Paragraph 8(2)(m) of the Act
During the period covered by this report, CDIC did not disclose personal information pursuant to paragraph 8(2)(m) of the Act.