Treasury Board of Canada Secretariat
www.tbs-sct.gc.ca
Common menu bar links
ARCHIVED - Implementation Report No. 109 - Annual Reports on the Access to Information Act and the Privacy Act
This page has been archived.
Archived Content
Information identified as archived on the Web is for reference, research or recordkeeping purposes. It has not been altered or updated after the date of archiving. Web pages that are archived on the Web are not subject to the Government of Canada Web Standards. As per the Communications Policy of the Government of Canada, you can request alternate formats on the "Contact Us" page.
Implementation Report No.109
Date: February 21, 2008
To: Access to Information and Privacy Coordinators
Subject: Annual Reports on the Access to Information Act and the Privacy Act
Please read this Implementation Report with careful attention as it contains new requirements for all institutions.
Government institutions are reminded that they must submit their 2007-2008 Annual Reports to Parliament, as required by sections 72 of the Access to Information Act (ATIA) and of the Privacy Act (PA).
This includes those institutions that became subject to the ATIA and/or the PA in 2007.
Due Dates
Each Annual Report must be submitted to Parliament "within three months after the financial year in respect of which it is made or, if the House is not then sitting, on any of the first fifteen calendar days next thereafter that it is sitting".
For institutions whose financial year ends on December 31, 2007, the Annual Reports are to be submitted no later than March 31, 2008 if the House is sitting.
For institutions whose financial year ends on March 31, 2008 the Annual Reports are to be submitted no later than June 30, 2008 if the House is sitting.
Two copies of each Annual Report must be submitted to Treasury Board Secretariat within two weeks of the due dates noted above.
Annual Reports To Parliament
Separate and distinct Annual Reports must be prepared for the Access to Information Act and for the Privacy Act in accordance with the instructions outlined in Appendix A (see attached).
Reporting Requirements
Annual Reports are the means by which federal institutions account for their administration of the Access to Information and Privacy Acts. Due to the unique experiences of institutions, no single format can serve the needs of all departments and agencies. Therefore, while the reporting requirements identified in this Implementation Report and Appendix must be addressed, institutions may structure their Annual Reports as they see appropriate.
Further information on this subject may be obtained by referring to the Treasury Board Manual, Access to Information and Privacy and Data Protection volumes. In addition, Implementation Report No. 111 provides guidance on the preparation of the Statistical Reports which are included in the Annual Reports.
Authorization
Although Annual Reports must be approved by the* Head of the Institution, they do not require the Head's signature. However, the Reports must be accompanied by a letter of transmittal from the Minister to the Clerk of the House of Commons and to the Clerk of the Senate. For institutions where the Head is not a Minister, a transmittal letter is required from the Minister through whom the institution reports to Parliament.
In the letter of transmittal, the Minister must indicate that:
- The Reports are tabled in accordance with section 72 of the Access to Information Act and section 72 of the Privacy Act.
- The Reports are to be referred to the Standing Committee on Access to Information, Privacy and Ethics.
Submission
Copies of the Annual Reports to Parliament must be submitted to the following:
Ms. Audrey O'Brien
Clerk of the House of Commons
Centre Block, Room 228-N
House of Commons
Parliament Buildings
Ottawa, Ontario K1A 0A6
- One copy of the Annual Report on the Access to Information Act
- One copy of the Annual Report on the Privacy Act
Mr. Paul C. Bélisle
Clerk of the Senate and Clerk of the Parliaments
Centre Block, Room 183-S
Senate of Canada
Parliament Buildings
Ottawa, Ontario K1A 0A4
- One copy of the Annual Report on the Access to Information Act
- One copy of the Annual Report on the Privacy Act
The Information Commissioner of Canada
Place de Ville, Tower B
112 Kent Street, 22nd Floor
Ottawa, Ontario K1A 1H3
- One copy of the Annual Report on the Access to Information Act
The Privacy Commissioner of Canada
Place de Ville, Tower B
112 Kent Street, 3rd Floor
Ottawa, Ontario K1A 1H3
- One copy of the Annual Report on the Privacy Act
Colette Dubois
Information and Privacy Policy Division
Treasury Board of Canada Secretariat
219 Laurier Avenue West, 14th Floor
Ottawa, Ontario K1A 0R5
- Two copies of the Annual Report on the Access to Information Act
- Two copies of the Annual Report on the Privacy Act
Additional Information
Please refer to Appendix A for detailed instructions regarding the mandatory reporting requirements that must be included in your Annual Reports for this reporting period.
Anyone interested in viewing copies of recent institutional Annual Reports may contact the Information and Privacy Policy Division's Compliance Assessment and Reporting Team at 613-957-2455 or by e-mail to Infosource@tbs-sct.gc.ca.
Annual Reports will be reviewed by TBS as part of the Management of Accountability Framework (MAF) exercise and for other monitoring and compliance purposes.
Enquiries
If you have any questions, please contact us at ippd-dpiprp@tbs-sct.gc.ca or by telephone at 613-946-4945.
Donald Lemieux
Executive Director
Information and Privacy Policy Division
Chief Information Officer Branch
Attachment (Appendix A)
Distribution List
* For the purposes of the Access to Information Act and the Privacy Act, the "Heads of the Institution" are generally Ministers of Federal Departments, Presidents or Chief Executive Officers of Crown Corporations, Commissioners of Government Commissions, or Agents of Parliament. Institutions may consult the Access to Information Act Heads of Government Institutions Designation Order and the Privacy Act Heads of Government Institutions Designation Order to determine the individual who has been designated as the Head for the purposes of these Acts.
Appendix A – Annual Report to Parliament
Access to Information Act
Please note the mandatory reporting requirements (1 to 6 inclusive) that must be included in your institution's Annual Report on the administration of the Access to Information Act. Other reporting requirements (7 to 12 inclusive) will apply and be considered mandatory only if your institution undertook those activities during the reporting period.
There is no specific format regarding how this information must be presented.
| Reporting Elements | Reporting Requirements |
|---|---|
| 1. Introduction, including a brief summary of the purpose of the Access to Information Act and the mandate of your institution. | Mandatory |
| 2. Description of how the institution is structured to fulfill Access to Information Act responsibilities. For example, describe the organization of the institution's ATIP Office. | Mandatory |
|
3. A copy of the Delegation Order. Delegation Orders set out what powers, duties and functions for the administration of the Access to Information Act have been delegated by the head of the institution and to whom. Note: If there has been no delegation (i.e., the powers and responsibilities under the Act have been retained exclusively by the Head), a statement to that effect must be included. |
Mandatory |
| 4. Statistical Report (see Implementation Report 111 for detailed instructions on the preparation of the Statistical Report). | Mandatory |
| 5. Interpretation of the Statistical Report. For example, a description of significant trends on the application of exemptions and exclusions, and/or information on completion times and extensions. | Mandatory |
6. Description of access to information-related education and training activities undertaken by ATIP staff and provided to the institution's employees during the reporting period. This may include briefing and awareness sessions as well as formal training courses.
If no training activities were undertaken, please indicate this clearly. |
Mandatory |
| Reporting requirements (7 to 12 inclusive) will apply and be considered mandatory only if your institution undertook those activities during the reporting period. | |
| 7. A summary of significant changes to the institution's organization, programs, operations, or policy. | This information must be included in the Annual Report if your institution underwent any significant changes during the reporting period. |
| 8. Overview of new and/or revised institutional Access to Information Act related policies and procedures implemented during the reporting period. | This information must be included in the Annual Report if your institution implemented any new or revised any existing ATI policies or procedures. |
| 9. Description of major changes implemented as a result of concerns/issues raised by the Office of the Information Commissioner (OIC) in his Annual Report to Parliament, in institutional "Report Cards", or in other OIC reviews/evaluations of your institution's administration of the Access to Information Act. | This information must be included in the Annual Report if your institution implemented any changes as a result of recommendations from the Office of the Information Commissioner. |
| 10. Description of major changes implemented as a result of concerns/issues raised by other Agents of Parliament; e.g. the Auditor General. | This information must be included in the Annual Report if your institution implemented any changes as a result of recommendations from other Agents of Parliament. |
| 11. Indicate if your institution had any access to information complaints and/or investigations during the reporting period and summarize the key issues. | This information must be included in the Annual Report if your institution received any complaints and/or was investigated during the reporting period. |
| 12. Indicate of the number of applications/appeals submitted to the Federal Court or the Federal Court of Appeal. | This information must be included in the Annual Report if any applications/ appeals were submitted to the Federal Courts during the reporting period. |
Appendix A – Annual Report to Parliament
Privacy Act
Please note the mandatory reporting requirements (1 to 9 inclusive) that must be included in your institution's Annual Report on the administration of the Privacy Act. Other reporting requirements (10 to 15 inclusive) will apply and be considered mandatory only if your institution undertook those activities during the reporting period.
There is no specific format regarding how this information must be presented.
| Reporting Elements | Reporting Requirement |
|---|---|
| 1. Introduction, including a brief summary of the purpose of the Privacy Act and the mandate of your institution. | Mandatory |
| 2. Description of how the institution is structured to fulfill Privacy Act responsibilities. For example, describe the organization of the institution's ATIP Office. | Mandatory |
|
3. A copy of the Delegation Order. Delegation Orders set out what powers, duties and functions for the administration of the Privacy Act have been delegated by the head of the institution and to whom. Note: If there has been no delegation, (i.e., the powers and responsibilities under the Act have been retained exclusively by the Head), a statement to that effect must be included. |
Mandatory |
| 4. Statistical Report (see Implementation Report 111 for detailed instructions on the preparation of the Statistical Report). | Mandatory |
| 5. Interpretation of the Statistical Report. For example, a description of significant trends on the application of exemptions and exclusions, and/or information on completion times and extensions. | Mandatory |
| 6. Brief description of each Privacy Impact Assessment completed during the reporting period and a copy of the hyperlink to its summary on your institution's website. | Mandatory |
|
7. Indicate the number of new data matching and data sharing activities undertaken during the reporting period. This includes new internal data matching and data sharing activities (i.e. among different sections within the institution) as well as data matching and data sharing activities with other institutions.
Note: Institutions that became subject to the Privacy Act in 2007 are not required to address this reporting requirement. |
Mandatory |
|
8. Description of privacy-related education and training activities undertaken by the ATIP staff and provided to the institution's employees during the reporting period. This may include briefing and awareness sessions as well as formal training courses.
If no training activities were undertaken, please indicate this clearly. |
Mandatory |
|
9. Indicate if the institution disclosed personal information during the reporting periodpursuant to each of the following subsections of the Privacy Act: 8(2)(e),(f), (g) and (m). For example: "During the reporting period, Institution X disclosed personal information pursuant to subsections 8(2)(e), 8(2)(g) and 8(2)(m) of the Privacy Act. It did not disclose personal information pursuant to subsection 8(2)(f). |
Mandatory |
| Reporting requirements (10 to 15 inclusive) will apply and be considered mandatory only if your institution undertook those activities during the reporting period. | |
| 10. A summary of significant changes to the institution's organization, programs, operations, or policy. | This information must be included in the Annual Report if your institution underwent any significant changes during the reporting period. |
| 11. Overview of new and/or revised institutional privacyrelated policies and procedures implemented during the reporting period. | This information must be included in the Annual Report if your institution implemented any new or revised any existing privacy policies or procedures. |
| 12. Description of major changes implemented as a result of concerns/issues raised by the Office of the Privacy Commissioner (OPC) in her Annual Report to Parliament, reviews of Privacy Impact Assessments, or in other OPC reviews/evaluations of your institution's administration of the Privacy Act. | This information must be included in the Annual Report if your institution implemented any changes as a result of recommendations from the Office of the Privacy Commissioner. |
| 13. Description of major changes implemented as a result of concerns/issues raised by other Agents of Parliament; e.g. the Auditor General. | This information must be included in the Annual Report if your institution implemented any changes as a result of recommendations from other Agents of Parliament. |
| 14. Indicate if your institution had any privacy complaints and/or investigations during the reporting period and summarize the key issues. | This information must be included in the Annual Report if your institution received any complaints and/or was investigated during the reporting period. |
| 15. Indicate of the number of applications/ appeals submitted to the Federal Court or the Federal Court of Appeal. | This information must be included in the Annual Report if any applications/ appeals were submitted to the Federal Courts during the reporting period. |
