Privacy Impact Assessment (PIA) Summary: Immigration, Refugees and Citizenship Canada (IRCC) Learning Management System
Lead Government Institution
Immigration, Refugees and Citizenship Canada (IRCC)
Name of the Program/Activity
IRCC Learning Management System
Legal Authority
Relevant authorities include:
- The Financial Administration Act
  - Section 12(1)(a) states that “every deputy head in the core public administration may, with respect to the portion for which he or she is deputy head, determine the learning, training and development requirements of persons employed in the public service and fix the terms on which the learning, training and development may be carried out”
- The Public Service Employment Act
  - Section 11(a) states that the mandate of the Commission is to “appoint, or provide for the appointment of, persons to or from within the public service in accordance with this Act”, and Section 15(1) delegates the powers of the Commission to Deputy Heads.
- The Privacy Act
  - Section 8(1) states that “personal information under the control of a government institution shall not, without the consent of the individual to whom it relates, be disclosed by the institution…” and the disclosure of Talent Bank information to other federal Government of Canada departments described in this PIA is made with informed consent.
Description of the program or activity
The introduction of a Learning Management System (LMS) in IRCC represents a strategic opportunity to take control of the management of learning in the department. Currently, without an LMS, there are significant challenges in providing a comprehensive program for the delivery of all aspects of learning.
Currently, IRCC faces multiple challenges with respect to employee learning:
- Non-standard training across the organization contributes to inconsistency in program delivery and integrity;
- Duplication of effort and resources with non-LA groups who provide standalone learning services undermines the Department’s ability to invest strategically in learning;
- Numerous processes and tools to design, deliver, manage, and report on learning and development impact productivity and have led to inefficiencies (see Figure 1); and
- Incomplete learning data results in a lack of a comprehensive picture of IRCC learning investments and makes IRCC vulnerable to gaps in reporting requirements and audits.
This activity replaces IRCC’s current learning data management tools with a centralized Cloud-based Learning Management System.
A Privacy Impact Assessment (PIA) is required as the Cloud-based Learning Management System and its associated database represent a substantial modification to existing learning processes and activities where: new learning data and existing learning data (i.e., registration, completion) related to IRCC’s mandatory learning are stored in a single system; an IRCC employee’s personal information is used to support the provision of learning within IRCC; and data is used to validate that an employee was the actual person participating in and completing the learning.
Personal Information Banks
Summary of Risk Identification and Categorization
Below is the risk identification and categorization table corresponding to this initiative.
a) Type of program or activity | Risk scale |
---|---|
Program or activity that does NOT involve a decision about an identifiable individual | ☒ 1 |
Administration of program or activity and services | ☐ 2 |
Compliance or regulatory investigations and enforcement | ☐ 3 |
Criminal investigation and enforcement or national security | ☐ 4 |
b) Type of personal information involved and context | Risk scale |
---|---|
Only personal information, with no contextual sensitivities, collected directly from the individual or provided with the individual's consent for disclosure under an authorized program | ☐ 1 |
Personal information, with no contextual sensitivities after the collection, is provided by the individual with consent to use personal information held by another source | ☒ 2 |
Social Insurance Number, medical, financial, or other sensitive personal information or the context surrounding the personal information is sensitive; personal information of minors, legally incompetent individuals or involving a representative acting on behalf of the individual | ☐ 3 |
Sensitive personal information, including detailed profiles, allegations or suspicions, bodily samples, or the context surrounding the personal information, is particularly sensitive | ☐ 4 |
c) Program or activity partners and private sector involvement | Risk scale |
---|---|
Within the institution (among one or more programs within the same institution) | ☒ 1 |
With other government institutions | ☐ 2 |
With other institutions or a combination of federal, provincial, territorial, and municipal governments | ☐ 3 |
Private sector organizations, international organizations or foreign governments | ☐ 4 |
d) Duration of the program or activity | Risk scale |
---|---|
One-time program or activity | ☐ 1 |
Short-term program or activity | ☐ 2 |
Long-term program or activity | ☒ 3 |
e) Program population | Risk scale |
---|---|
The program's use of personal information for internal administrative purposes affects certain employees | ☐ 1 |
The program's use of personal information for internal administrative purposes affects all employees | ☒ 2 |
The program's use of personal information for external administrative purposes affects specific individuals | ☐ 3 |
The program's use of personal information for external administrative purposes affects all individuals | ☐ 4 |
f) Technology and privacy (A YES response indicates the potential for privacy concerns and risks, which will require consideration and, if necessary, mitigation). | Risk scale |
---|---|
Does the new or substantially modified program or activity involve implementing a new electronic system or using an emerging technology to support the program or activity in creating, collecting, or handling personal information? The project is implementing a Cloud-based SaaS Learning Management System, a tool which will allow IRCC employees to take learning, such as mandatory training, and this system will support the process of all learning at IRCC. The tool will maintain a historical record of learning and basic employee data (Name, Email address, Manager and workplace city location). | ☒ Yes ☐ No |
Does the new or substantially modified program or activity require any modifications to information technology (IT) legacy systems? | ☐ Yes ☒ No |
Specific technological issues and privacy: Does the new or substantially modified program or activity involve the implementation of new technologies or one or more of the following activities? | ☐ Yes ☒ No |
g) Personal information transmission | Risk scale |
---|---|
The personal information is used within a closed system (i.e., no connections to the Internet, Intranet, or any other system, and the circulation of hardcopy documents is controlled) | ☐ 1 |
The personal information is used in a system with connections to at least one other system | ☐ 2 |
The personal information is transferred to a portable device (i.e., USB key, diskette, laptop computer), transferred to a different medium, or printed | ☐ 3 |
The personal information is transmitted using wireless technologies | ☒ 4 |
Summary of Risks and Mitigation Strategies
This PIA addresses the following 4 risks and provides the mitigation strategies.
Risk 1
Because the LMS system will be accessed by IRCC employees across Canada and around the world, there is a risk that personal information accessed from outside Canada is more vulnerable to cyber-security threats (e.g., hacking resulting in a security and data breach of the system).
Mitigation
To address this risk, the contract contains provisions stipulating that the data centres and servers must remain in Canada, and therefore outside the jurisdiction of foreign governments and legislation. This ensures that all data remain under the protection of the Privacy Act of Canada. Additionally, the contract requires that all data, whether at rest or in motion, be restricted to Secure Sockets Layer (SSL) communication and at least 128-bit encryption, and that all data flowing in and out of the environment be subjected to deep-packet inspection by Saba firewalls and Intrusion Detection Systems (IDS). Furthermore, all IRCC employees and Learning Administrators are provided with training in the protection and handling of departmental information (IT-security Awareness) and must adhere to the Network Use and Remote Access policies of the Department.
Risk 2
Learning Administrators who are involved in the management and/or delivery of learning in the LMS could add personal information as part of the training materials or during the training sessions (e.g., using a real immigration application as part of the training).
Mitigation
To address this risk, business owners will be required to verify and sign off that the course content being placed in the LMS does not contain any real or personal information. In addition, the mandatory training that Administrators are required to take prior to being granted the administrator role will include information in the training package informing all administrators of the requirement to include only fake data in the LMS and during training sessions.
Risk 3
There is a risk that ongoing or future LMS system changes will be implemented and made available for use prior to conducting a review of any impacts or required modifications to the LMS Privacy Impact Assessment.
Mitigation
To address this risk, the LMS System Administrators' operational guidelines documentation and processes will include the requirement to consult with IRCC’s Privacy and Program Management Division on any system functionality change or enhancement prior to the change being implemented, in order to identify potential changes to the LMS Privacy Impact Assessment.
Risk 4
There is a risk that individuals who have received approval for the Learning Administrator role in the LMS may retain that privileged access to data contained in the system if they leave the department, change positions, or if their position no longer requires them to perform the functions.
Mitigation
To address this risk, the LMS team will run bi-monthly reports on the IRCC employees assigned Learning Administrator privileges and validate with the employee and their manager whether the administrator role is still required. In addition, the LMS team will obtain bi-monthly reports from Active Directory in order to cross-reference the list of employees in Active Directory against the employees in the LMS who have administrative privileges. Employees who are not in Active Directory but are in the LMS will be removed from the system, as they will have left the department.
Conclusion
The risks identified have been categorized as low and the mitigation strategies have been implemented or remain ongoing throughout the continuation of the program.