Government Operations Centre

Section 1 – Privacy Impact Assessment Overview

  1. Name of Program or Activity:
    Government Operations Centre – Collection of Personal Information
  2. Institution responsible for delivering Program or Activity:
    Public Safety Canada
  3. Government Official Responsible for the Privacy Impact Assessment:
    Director General, Government Operations Centre
  4. Head of Institution/Delegate:
    Assistant Deputy Minister, Emergency Management and Programs Branch
  5. Description of Program or Activity (from Program Activity Architecture):

    1.4 Emergency Management
    Without an all-hazards emergency management program, Canadians would be more vulnerable to a range of threats and disasters, and federal/provincial/territorial governments would be unable to plan for, and respond to, emergencies in a coordinated and systemic manner. Public Safety Canada works to protect Canada and Canadians by providing national leadership and setting a clear direction for emergency management and critical infrastructure protection for the Government of Canada, as provided for in the Emergency Management Act of 2007. This is achieved through emergency management policy and planning, provision of training and exercises, and research activities that support a unified emergency management system. The Department develops and maintains the federal government's capacity to manage emergencies; monitors and coordinates the federal response; and provides support to provinces and territories when federal assistance is needed. The Department also promotes public awareness of emergency management directly to Canadian citizens and businesses. Working closely with international counterparts, federal departments, provinces, territories, the first responder community and industry, to address all hazards (natural, technological and human induced), this program activity aims to foster a safe and resilient Canada through policy and program coordination across the four pillars of emergency management: prevention/mitigation, preparedness, response and recovery.

    1.4.2 Emergency Response and Recovery
    When provincial and territorial government resources are insufficient to respond to and/or recover from a large-scale natural or human-induced disaster, Public Safety Canada coordinates the federal response to the provincial or territorial government requesting assistance and may provide financial assistance. Our network of Regional Offices across Canada serve as the Department's primary link to provincial and territorial emergency management counterparts, as well as federal departments in the region to ensure a whole-of-government response. An integrated federal response to events of national significance is supported through 24/7 watch and early warning, national-level situational awareness, integrated risk assessment, response planning, whole-of-government response management and support to senior officials' decision making. These services are provided to the Government of Canada and response organizations at the federal, provincial and territorial levels. All-Hazards Emergency Management Coordination
    This program enables the delivery of an integrated federal emergency response to potential or actual disasters (natural or human-induced) that may threaten the safety and security of Canadians or the integrity of Canada's critical infrastructure. The program is delivered through the Government Operations Centre (GOC), a facility that coordinates a strategic-level response on behalf of the Government of Canada, in response to potential and occurring events that may affect the national interest. This program provides 24/7 watch and early warning for Government in support of partner mandates. The GOC provides  national-level situational awareness (e.g. Notifications, Situation Reports, information products, and briefings) to partners, senior decision makers, senior officials, provincial governments and/or the private sector. The GOC enables a whole-of-government response capability, plans for and coordinates the federal response to incidents, develops recommendations for the deployment and utilization of federal resources, and actions requests for emergency assistance from federal or provincial authorities. Working with the provinces and territories and international partners, the GOC is a key asset for DM and ADM communities, providing them with a mechanism for the implementation of their direction, keeping senior officials informed of evolving events, as well as identifying issues that need their engagement for resolution. The GOC improves the efficient use of Government of Canada strategic assets, and when offered, the resources of provincial/territorial governments. This program also aligns the work of regional offices with national efforts to support provincial and territorial partners in addressing emergencies.

  6. Description of the class of records associated with the program or activity:

    Emergency Management Operations
    Description: Information on Government of Canada operational emergency response capabilities and programs including information pertaining to the Federal Emergency Response Plan, the National Emergency Response System, the Government Operations Centre (GOC) and the Canadian Cyber Incident Response Centre (CCIRC). Under this program, the GOC delivers an all-hazard integrated federal emergency response to events in the national interest. It provides 24/7 monitoring and reporting, national-level situational awareness, integrated risk assessments and warning products, as well as national-level planning and whole-of-government response management. In parallel and in collaboration with the GOC, CCIRC focuses on operational-level, cyber-only whole-of-government response.
    Document Types: Memorandums, briefing notes and books, Question Period notes, reports, plans, presentations, evaluations, agreements, procedures, policies, maps, emails, lists, agendas, records of decision, letters, contracts and requests for proposals.
    Record Number: PS EMNS 050

  7. Personal Information Bank:
    With respect to the PIA identified in this Summary, a PIB needs to be:
    • N/A
  8. Legal Authority for Program or Activity:
    The Government Operations Centre's (GOC) legal authority is based on the:

    (1) Department of Public Safety and Emergency Preparedness Act (DPSEPA);
    (2) Emergency Management Act (EMA);

    Section 4 and 6 of the DPSEPA gives the Minister of Public Safety and Emergency Preparedness broad powers, duties and functions relating to public safety and emergency preparedness.

    In addition, sections 3, 4 and 5 of the EMA set out the responsibilities of the Minister in relation to emergency management. These responsibilities, among others, include (1) monitoring potential or actual emergencies and advising ministers accordingly; (2) establishing polices and programs related to emergency management; (3) facilitating the authorized sharing of information in order to enhance emergency management; (4) coordinating the Government of Canada's response to an emergency; and (5) participating in international emergency management activities including developing joint plans with the United States.

    In applying these authorities, the GOC, in some limited instances, receives personal information from partner agencies during the course of performing its mandated functions.

  9. Summary of the project / initiative / change:

    Under the authority of the EMA, the principal means by which the Minister of Public Safety exercises leadership for federal emergency management is through the activities of the Government Operations Centre (GOC). On behalf of the Government of Canada, the GOC allows Canadians to be better protected from major disasters, accidents and intentional acts by supporting and coordinating the response  to events affecting the national interest. The GOC provides 24/7 monitoring and reporting, national-level situational awareness, warning products and integrated risk assessments, national-level response protocols, and whole-of-government response management.

    Reporting Criteria to the GOC:
    Consistent with the “all-hazards” approach to emergency management, the GOC monitors and collects information for situational awareness purposes with respect to a wide variety of potential, imminent or actual events that may develop into events of national interest. The kinds of events the GOC monitors are broadly established based upon GOC Reporting Criteria for situational awareness purposes. These criteria are reviewed annually by Public Safety Canada and other federal stakeholders. The Reporting Criteria currently include a diverse range of actual or potential events such as: Natural Hazards (e.g. Animal Health, Health Emergencies, and Extreme Weather), Man-made unintentional Hazards (e.g. Industrial Incidents, Telecommunication Outage, and Transportation Accidents), Man-made intentional Hazards (e.g. Death of Federal Representative on Duty, Threat to Canadian Assets, and Civic Disturbances). Note: No personal information is collected.

    Reporting by the GOC:
    The criteria for the GOC to start an enhanced monitoring and/or reporting on an event (which may occasionally include, protests or demonstrations) is for an event resulting in actual or potential, significant disruption to government operations, critical infrastructure and/or that pose a significant, actual or potential threat to public safety. The GOC compiles factual reports of events, but does not conduct any enforcement or surveillance investigations or activities. Note: The GOC reports do not include any personal information.

    Coordination of response to events of national interest
    In fulfilling these EMA-mandated coordination responsibilities, the GOC works with all federal government institutions, provinces and territories, and, if required by the nature of the event, international partners. While most events coordinated by the GOC do not require the collection of personal information, occasionally certain types of events such as large-scale evacuations or repatriation of Canadians and their families from disaster-stricken areas abroad, necessitate the collection of some personal information. Examples of this type of incidental collection are evacuee/repatriation manifest lists during the Lebanon evacuation of 2006 and the Haitian earthquake of 2010. Collection of personal information during these kinds of events by the federal government enables other government institutions (usually provinces/territories) to swiftly prepare appropriate emergency reception, medical care, housing, social services and resettlement arrangements for evacuees.

Section 2 - PIA Risk Area Identification and Categorization

The following section contains risks identified in the PIA for the new or modified program. A risk scale has been included for each risk area lettered "a – f". The numbered risk scale is presented in ascending order: the first level represents the lowest level of potential risk for the risk area; the fourth level (4) represents the highest level of potential risk for the given risk area. Please refer to “Appendix C” of the TBS Directive on PIAs to learn more about the risk scale.

  1. Type of program or activity
    • Program or activity that does NOT involve a decision about an identifiable individual.
      Risk Scale - 1
  2. Type of Personal Information Involved and Context
    • Social Insurance Number, medical, financial or other sensitive personal information and/or the context surrounding the personal information is sensitive.
      Risk Scale - 3
  3. Program or Activity Partners and Private Sector Involvement
    • Privacy sector organizations or international organizations or foreign governments
      Risk Scale - 4
  4. Duration of the Program or Activity
    • Long-term program
      Risk Scale - 3
  5. Program Population
    • The program affects certain individuals for external administrative purposes.
      Risk Scale - 3
  6. Technology and Privacy

    Does the new or modified program or activity involve the implementation of a new electronic system, software or application program including collaborative software (or groupware) that is implemented to support the program or activity in terms of the creation, collection or handling of personal information? No

    Does the new or modified program or activity require any modifications to IT legacy systems and / or services? No

    The new or modified program or activity involve the implementation of one or more of the following technologies:

    • Enhanced identification methods? No
    • Use of Surveillance? No
    • Use of automated personal information analysis, personal information matching and knowledge discovery techniques? No
  7. Personal Information Transmission
    • The personal information is transmitted using wireless technologies.
      Risk Scale – 4
  8. Risk Impact

    Risk Impact to the Institution:

    • Managerial harm
      Risk Scale - 1

    Risk Impact to the Individual or Employee

    • Financial harm
      Risk Scale - 3
Date modified: