Governor in Council Appointments

Section 1 – Privacy Impact Assessment Overview

  1. Name of Program or Activity:  Governor in Council Appointments
  2. Institution responsible for delivering Program or Activity:  Public Safety Canada
  3. Government Official Responsible for the Privacy Impact Assessment:  Director General, Cabinet and Parliamentary Affairs and Executive Services
  4. Head of Institution/Delegate:  Assistant Deputy Minister, Portfolio Affairs and Communications Branch
  5. Description of Program or Activity (from Program Activity Architecture):
    Processing of applications for Governor in Council (GIC) appointments. This forms part of the Internal Services of Public Safety Canada as described in the Program Alignment Architecture.
  6. Description of the class of records associated with the program or activity:

    Boards, Committees and Councils

    Includes records related to the establishment, organization, functions, activities and management of boards, committees, and councils (including Governor in Council appointments) which are exclusive to a particular institution and which have been established to provide oversight, guidance and recommendations to the institution. Records may include information related to the nomination, appointment, resignation and/or termination of members including criteria for the identification and selection of members, terms and conditions of appointment (e.g. salary, honoraria, per diem rates) roles and responsibilities, and administrative support documentation. Records may also include correspondence among members and with the institution, as well as the relevant Minister’s Office about the selection of individuals and with the Privy Council Office about Governor-in-Council appointees.

    Document Types:
    Terms of reference, agendas, minutes of meetings, notices, proceedings, recommendations documents, briefing and discussion papers, curricula vitae, travel claims, policy documents, photographs, videos, communications materials released in all formats (including institutional web sites), speeches, audit and evaluation documentation, copies of Annual Reports, Orders-in-Council, correspondence, backgrounders, reports, etc.

    Record Number:
    PRN 938

  7. Personal Information Bank:

    Governor in Council Appointments

    Description: This bank describes information that is collected to support Governor in Council appointments to government institutions. The personal information collected may include: the individual’s full name, contact information, official language of choice, date of birth, country of birth, citizenship, gender, marital status, Social Insurance Number (SIN), unique identification number (e.g., unique employee number), terms and conditions of appointment including remuneration (e.g., salary, honoraria, per diem rate) and benefits, signature, physical limitations and any other relevant medical information, photographs or other image recordings, educational background, employment status, work history, professional affiliations, credit card and financial institution information, government security clearances, biographical information (including information about family members), conflict of interest declarations, appointment date and duration and resignation dates, if applicable.
    Class of Individuals: Current and former appointees and their family members.

    Purpose: The personal information collected is used to support the identification and selection of individuals to serve as Governor in Council appointments which include Chairpersons and Chief Executive Officers of Crown Corporations, Heads of Agencies, and Boards of Governors. Successful individuals are named through an Order in Council - a process that is managed by the Privy Council Office. The personal information is also used to manage the administration of expenses (e.g., travel) and compensation and benefits packages, conduct performance evaluations, maintain an inventory of current and former appointees, record potential conflicts of interest and any compliance action required, and to communicate with these individuals.

    Consistent Uses: Personal information about the appointee is contained in the Order in Council document which includes full name, contact information, the position to which s/he is being appointed, the length and tenure of the appointment, and the terms and conditions of the appointment (e.g., remuneration, benefits, vacation leave, etc.). This information is provided by the Privy Council Office to the institution (refer to Governor in Council Personnel Records - PCO PPU 020). Governor in Council Personnel Records - PCO PPU 020). Additionally, this information may be used in the preparation of reports for senior management and broader audiences (e.g., Annual Reports) and communications materials (e.g., press releases, biographies, etc.) that may be disseminated in multiple formats, including the institution’s website. In some instances, the Privy Council Office receives notes and performance ratings to support the conduct of performance evaluations of selected individuals (refer to Governor in Council Personnel Records - PCO PPU 020). The Social Insurance Number (SIN) is collected pursuant to the Income Tax Act (refer to Individual Returns and Payment Processing – CRA PPU 005) and, where applicable, the Province of Quebec Income Tax Act.

    Retention and Disposal Standards: For information about the length of time that specific types of common administrative records are maintained by a government institution, including the final disposition of those records, please contact the institution’s Access to Information and Privacy Coordinator.

    RDA Number: Institution-specific

    Related Record Number: PRN 938
    Bank Number: PSU 918

  8. Legal Authority for Program or Activity:

    The authority for GIC appointments is provided by statutes which generally specify the appointment authority, the length of term of the appointment and the qualifications required.

    The GIC appointment process is within the mandate of the Privy Council Office (PCO) as the department of the Prime Minister from who PCO’s authority derives. Order in Council 1935-3375 Prerogative of the Prime Minister provides the clerks functions.

  9. Summary of the project / initiative / change:          

    The Department plays a central role in providing operational support and guidance to the Minister’s office for all GIC appointments in the Public Safety Portfolio. Departmental key responsibilities/activities to support the Minister and the GIC appointment process include:

Section 2 - PIA Risk Area Identification and Categorization

The following section contains risks identified in the PIA for the new or modified program. A risk scale has been included for each risk area lettered "a – f". The numbered risk scale is presented in ascending order: the first level represents the lowest level of potential risk for the risk area; the fourth level (4) represents the highest level of potential risk for the given risk area. Please refer to “Appendix C” of the TBS Directive on PIAs to learn more about the risk scale.

  1. Type of program or activity
    • Administration of program or activity and services
      Risk Scale - 2
  2. Type of Personal Information Involved and Context
    • Social Insurance Number, medical, financial or other sensitive personal information and/or the context surrounding the personal information is sensitive..
      Risk Scale – 3
  3. Program or Activity Partners and Private Sector Involvement
    • With other federal institutions
      Risk Scale - 2
  4. Duration of the Program or Activity
    • Long-term program
      Risk Scale - 3
  5. Program Population
    • The program affects certain individuals for external administrative purposes.
      Risk Scale - 3
  6. Technology and Privacy
    Does the new or modified program or activity involve the implementation of a new electronic system, software or application program including collaborative software (or groupware) that is implemented to support the program or activity in terms of the creation, collection or handling of personal information?  No
    Does the new or modified program or activity require any modifications to IT legacy systems and / or services?  No
    The new or modified program or activity involves the implementation of one or more of the following technologies:
    • Enhanced identification methods? No
    • Use of Surveillance? No
    • Use of automated personal information analysis, personal information matching and knowledge discovery techniques? No
  7. Personal Information Transmission
    • The personal information is transferred to a portable device (i.e., USB key, diskette, laptop computer), transferred to a different medium or is printed
      Risk Scale - 3
  8. Risk Impact to the Institution:
    • Reputation harm, embarrassment, loss of credibility
      Risk Scale - 4
  9. Risk Impact to the Individual or Employee
    • Financial harm
      Risk Scale – 3
Date modified: