Registered Disability Savings Plan v2.0

Legislative Policy and Regulatory Affairs Branch
Registered Plans Directorate

On this page

• Overview & Privacy Impact Assessment Initiation (PIA)
• Summary of the project, initiative or change
• Risk identification and categorization

Overview & Privacy Impact Assessment (PIA) Initiation 

Government institution

Canada Revenue Agency

Government official responsible for the PIA

Stéphane Charette
Director General
Registered Plans Directorate

Head of the government institution or Delegate for section 10 of the Privacy Act

Lia Jackson
Director
Access to Information and Privacy Directorate

Name of program or activity of the government institution

Registered Plans

Standard or institution specific class of record:

Registered Deferred Income and Savings Plans
CRA LPRAB 117

Standard or institution specific personal information bank:

Registered Deferred Income and Savings Plans
CRA PPU 226
TBS Registration Number: 20090532

Legal authority for program or activity

Sections 146.4 and 160.21 and Part XI.01 of the Income Tax Act as authorized by the Budget and Economic Statement Implementation Act, 2007, provides the legislative authority for Canada Revenue Agency's Registered Disability Savings Plan Program to operate under the Canada Disability Savings Program.

Section 61 of the Canada Revenue Agency Act provides the legislative authority for the Canada Revenue Agency (CRA) to enter into contracts, agreements, and arrangements with governments, organizations, and other agencies.

Summary of the project, initiative or change

Overview of the Program or Activity

The Registered Disability Savings Plan Program started in December 2008 as authorized by the Budget and Economic Statement Act, 2007. The registered disability savings plan legislation is found in the Income Tax Act. The registered disability savings plan rules in the Income Tax Act received Royal Assent on December 14, 2007 and came into force on December 1, 2008.

The Registered Disability Savings Plan Program is part of the federal government’s Canada Disability Savings Program. The Canada Disability Savings Program consists of two parts, the Registered Disability Savings Plan Program (administered by the Canada Revenue Agency), and the Canada Disability Savings Grant and Bond Incentives Program (administered by Employment and Social Development Canada). This privacy impact assessment focuses solely on the Registered Disability Savings Plan Program.

The Registered Disability Savings Plan Program is responsible for ensuring the requirements of the Income Tax Act are met with respect to the registration and monitoring of the registered disability savings plans. The Registered Disability Savings Plan Program also creates administrative policies (i.e., creating prescribed information and prescribed form for registering disability savings plans and creating guidelines for waivers and plan election processes after a plan is registered). Financial institutions are responsible for opening registered disability savings plans with their clients and ensuring that these plans are administered in accordance with all registered disability savings plan legislation and policies.

The purpose of the registered disability savings plan is to help parents and others save for the long-term financial security of persons with severe and prolonged disabilities.

An eligible person or organization can open a registered disability savings plan with a participating financial institution for the benefit of a beneficiary. An eligible person can be a beneficiary or an entity who is legally authorized to act on behalf of a beneficiary. A person is eligible to become a beneficiary if they are a Canadian resident, have a valid social insurance number, and are eligible for the disability tax credit in the year their registered disability savings plan is opened.

Registering a disability savings plan

Financial institutions use their own application form, approved by the Registered Disability Savings Plan Program, to open registered disability savings plans for their clients. These institutions use the application forms to collect all of the required personal information that the Registered Disability Savings Plan Program needs on the person opening the registered disability savings plan, and the beneficiary. In cases where the beneficiary is a child, the institution uses the form to collect personal information on the child’s primary caregiver. The Registered Disability Savings Plan Program uses this personal information to confirm that all entities opening and participating in the registered disability savings plan meet the legislated eligibility factors for participating in a registered disability savings plan.

After a financial institution opens a registered disability savings plan with their client, they send the personal information collected from the application form to Public Services and Procurement Canada through a secure network information exchange. Public Services and Procurement Canada’s only role is to unencrypt the electronic file that the institution sends to the Canada Disability Savings Program. This government department does not access any personal information that has been provided. The Canada Disability Savings Grant and Bond Incentives Program at Employment and Social Development Canada then downloads the information into their secure database.

Both the Registered Disability Savings Plan Program and the Canada Disability Savings Grant and Bond Incentives Program require financial institutions to collect and send personal information to them. Employment and Social Development Canada had a secure electronic information exchange set up with financial institutions before the federal government implemented the Canada Disability Savings Program. Both the Canada Revenue Agency and Employment and Social Development Canada, the two federal participants in the Canada Disability Savings Program, agreed that using the same secure electronic information exchange would be prudent.

Once the information is downloaded by the Canada Disability Savings Grant and Bond Incentives Program system (at Employment and Social Development Canada), the personal information for the Registered Disability Savings Plan Program goes through an automated validation process. The information is automatically sent by the Canada Disability Savings Grant and Bond Incentives Program system to the Social Insurance Registry system (within Employment and Social Development Canada) to validate the social insurance numbers. At the same time, the Canada Disability Savings Grant and Bond Incentives Program system automatically sends all personal information to the Registered Disability Savings Plan Program’s system to populate that database. Once all social insurance numbers are validated, the Canada Disability Savings Grant and Bond Incentives Program’s system then automatically sends the information to a Canada Revenue Agency system, where eligibility for the disability tax credit, and residency is confirmed. The Canada Disability Savings Grant and Bond Incentives Program’s system also automatically sends the social insurance number validation update to the Registered Disability Savings Plan Program’s system to populate that database.

Once the Canada Disability Savings Grant and Bond Incentives Program system receives the update that all personal information has passed the automatic validation process by both the Social Insurance Registry and the Canada Revenue Agency’s systems, the Canada Disability Savings Grant and Bond Incentives Program’s system automatically updates the plan’s status in that database to show that the plan is registered. The system then automatically sends an update to both the Registered Disability Savings Plan Program’s system and to the financial institution to update the respective databases with the fact that the Registered Disability Savings Plan Program has confirmed registration of the plan and the plan’s status has been changed to registered. Although it is the Canada Disability Savings Grant and Bond Incentives Program system that confirms registration, all validations and confirmations are based on the requirements of the Registered Disability Savings Plan Program and the legislation the program is required to administer.

A registered disability savings plan consists of three main elements:

• Contributions from individuals with the consent of the plan holder – Contributions are limited to a lifetime maximum of $200,000. Contributions are permitted until the end of the year in which the beneficiary reaches 59 years of age
• Amounts paid into the plan from the Canada Disability Savings Grant Program (grants) – Grants are paid at matching rates of 100%, 200% or 300% up to a maximum lifetime grant limit of $70,000
• Amounts paid into the plan from the Canada Disability Savings Bond Program (bonds) – Bonds of up to $1,000 per year are provided to registered disability savings plans established by low- and modest-income families, up to a maximum lifetime bond limit of $20,000, and do not depend on contributions

All contributions, grants, bonds, and investment earnings grow tax-free while they are in a registered disability savings plan. These amounts (excluding contributions) are included in the beneficiary’s income for tax purposes when withdrawn.

Monitoring registered disability savings plans

After a registered disability savings plan is registered, there are several legislated rules that all persons and organizations participating in the plan must follow. If these rules are not met, the legislation considers the plan to be deregistered. When a plan is deregistered, all monies in the plan can no longer be tax-sheltered. In order for the Registered Disability Savings Plan Program to make sure that the legislated rules are followed, financial institutions send any new financial and personal information to the Registered Disability Savings Plan Program through the secure electronic information exchange network.

Audit plans and risk assessment strategies are developed to identify high-risk files to support both desk and field audits and deal with non-compliance issues. Technical assistance is provided to external clients to help them understand and meet their obligations under the Income Tax Act and Regulations. And that assistance addresses new and emerging trends and schemes relating to anti-avoidance.

From time to time the Registered Disability Savings Plan Program receives requests from the media, the Department of Finance Canada, and Employment and Social Development Canada for anonymized statistical data from the Registered Disability Savings Plan Program. Personal information collected for the program is used to compile the anonymized statistics for these clients. 

What’s New

The Registered Disability Savings Plan Program has been operating for 15 years. The program needs to make sure that the rules in section 146.4 of the Income Tax Act are followed in a timely manner. So the program needs to disclose certain personal information, which the CRA has on file, to the financial institutions that administer registered disability savings plans, as follows:

• Date of death – As per subparagraph 146.4(4)(p)(i) of the Act, the financial institution for a registered disability savings plan must end a beneficiary’s registered disability savings plan by the end of the calendar year that follows the year of the beneficiary’s death. Currently, the financial institution for a registered disability savings plan only receives the date of death when the executor of the beneficiary’s estate contacts the institution. In many cases, that is not until after the time required by the Act. So the program will provide the date of death to financial institutions in a timely manner.
• Residency status – As per subparagraph 146.4(4)(g)(ii) of the Act, a beneficiary must be resident in Canada for tax purposes in order for the holder to make a contribution to the beneficiary’s registered disability savings plan. The financial institution for a plan does not know the beneficiary’s residency status unless the CRA provides it to them.
• Disability tax credit information (status, effective date, and expiry date) – The main eligibility criteria for being a registered disability savings plan beneficiary is to be eligible for the disability tax credit. If a beneficiary loses their disability tax credit eligibility, contributions must stop at once. Currently, the Registered Disability Savings Plan Program provides financial institutions with a beneficiary’s disability tax credit status through the program’s automated electronic data exchange system. Due to timing issues on when information is sent through the secure information exchange network, this information may be months old by the time a financial institution receives it. In many cases, an institution needs the up-to-date status, effective dates and expiry dates in order to fulfill their obligations in administering a registered disability savings plan. The Registered Disability Savings Plan Program will provide the status, effective dates and expiry dates to a financial institution on an ad hoc basis when they contact us for the most current information.
• Primary caregiver information – If the beneficiary of a registered disability savings plan is a child, their disability tax credit information is filed in the primary caregiver’s tax file. In certain cases, the primary caregiver is not the individual who opened the plan. In these cases, the primary caregiver is required to provide their personal information by filling out the primary caregiver section of the financial institution’s application form. The primary caregiver may make a mistake in their information when filling out the form, or the person filling out the form may not be on the CRA’s file as the primary caregiver. In either case, the automated validation process will not locate the primary caregiver’s file in the system and the automated validation system will not confirm the beneficiary’s eligibility for the disability tax credit. The Registered Disability Savings Plan Program will work with financial institutions using CRA information to correct mistakes on plan application forms.

The Registered Disability Savings Plan Program will disclose the foregoing four types of personal information to financial institutions on a case-by-case basis: by secure mail, encrypted fax, cell phone and, in some cases, landline telephone.

The Registered Disability Savings Plan Program participates in the Digital Mailroom Project (a separate privacy protocol assessment was done for this project in 2021). All enquiries and requests received by mail are digitized into the Document Management Portal. That portal is an electronic document and records management system hosted by a managed service provider for storing incoming taxpayer correspondence and managing information in a standard format.

Scope of the Privacy Impact Assessment

This privacy impact assessment will focus on the administration of the Registered Disability Savings Plan Program. As such, it will identify privacy risks, develop correlating mitigation strategies, and provide a solid foundation of expected privacy practices in this initiative. The scope is limited to an analysis of the collection, use, retention, and disclosure of personal information for the purpose of registering and administering registered disability savings plans.

This assessment complements the privacy impact assessment on the Canada Disability Savings Program: Administration of Canada Disability Savings Grants and Bonds (December 2016) prepared by Employment and Social Development Canada.

The business processes of other organizations and other CRA programs which support the Registered Disability Savings Plan Program fall outside the scope of this privacy impact assessment. For example, not included is the CRA program that administers registered disability savings plan withholding tax rules, as found in subsections 103.1(1), 104(2), 202(2), and 204(3) of the Income Tax Regulations.

Risk identification and categorization

A) Type of program or activity

Compliance/Regulatory investigations and enforcement

Level of risk to privacy: 3

Details:

The administration of the Registered Disability Savings Plan Program requires the collection of personal information from a taxpayer opening a plan. The taxpayer gives the financial institution for the plan their personal information, as well as personal information for the plan beneficiary (if different from the person opening the plan). If the beneficiary is a child, the primary caregiver (if different than the person opening the plan) gives the financial institution their personal information. The financial institution sends this information to the federal government through a secure network. The information is used to determine if the taxpayer is eligible to open the plan and if the beneficiary is eligible to have a registered disability savings plan.

Once a registered disability savings plan is opened by a financial institution, the institution sends the personal information collected on the registered disability savings plan application form to the Registered Disability Savings Plan Program through a secure electronic network. The information is used to make sure that the plan meets the conditions in section 146.4 of the Income Tax Act. Personal information will be disclosed to the financial institution in order to make sure registration, administration, and plan closure requirements are met.

If a taxpayer (beneficiary or person who opened the plan) or the financial institution administering the plan wants to discuss a plan with us, we will collect personal information from them in order to retrieve information about the plan from our files. We may disclose personal information to them in resolving an issue.

Audits of registered disability savings plans will be done to ensure compliance with sections 146.4 and 160.21 and Part XI.01 of the Act. This requires access to personal information from the CRA's system and from financial institutions.

B) Type of personal information involved and context

Social insurance number, medical, financial or other sensitive personal information and/or the context surrounding the personal information is sensitive. Personal information of minors or incompetent individuals or involving a representative acting on behalf of the individual. 

Level of risk to privacy: 3

Details:

The Registered Disability Savings Plan Program collects and discloses personal information to register and administer disability savings plans. When the information collected about a registered disability savings plan is looked at together, it reveals information about a person's identity, health, and finances.

In most cases, due to the nature of the program, we receive personal information about minors and persons with disabilities.

C) Program or activity partners and private sector involvement

Private sector organizations or international organizations or foreign governments

Level of risk to privacy: 4

Details:

The Registered Disability Savings Plan Program shares personal information with financial institutions, other federal agencies and departments (as outlined in written collaborative agreements) and with various CRA programs.

The information shared is validated to make sure that registered disability savings plans are administered according to the Income Tax Act, including if beneficiaries meet eligibility requirements, contribution rules, and withdrawal rules.

Data is cross-referenced between programs on a need-to-know basis for program administration, audit and compliance purposes.

Paper documents containing personal information are stored for a specified period of time by a third-party in the private sector that contracts with the CRA.

D) Duration of the program or activity

Long-term program 

Level of risk to privacy: 3

Details:

The Registered Disability Savings Plan Program is a long-term, savings plan program for people with severe disabilities. There is no clear sunset time frame for this program.

E) Program population

The program affects certain individuals for external administrative purposes.

Level of risk to privacy: 3

Details:

The Registered Disability Savings Plan Program is for people who are eligible for the disability tax credit. Not everyone who is eligible participates in the program.

Other taxpayers may become involved in the program if they choose to open a registered disability savings plan for a person (beneficiary) who is eligible for the disability tax credit. The program may affect these taxpayers as they are responsible for paying a tax under Part XI.01 of the Income Tax Act in certain cases.

The primary caregiver of a child beneficiary (if different from the taxpayer opening the plan) must provide information on their identity to confirm the beneficiary's eligibility for the Registered Disability Savings Plan Program.

F) Technology & privacy

1. Does the new or modified program or activity involve the implementation of a new electronic system, software or application program including collaborative software (or groupware) that is implemented to support the program or activity in terms of the creation, collection or handling of personal information?

   Risk to privacy: No

2. Does the new or modified program or activity require any modifications to IT legacy systems and/or services?

   Risk to privacy: No

3. Does the new or modified program or activity involve the implementation of one or more of the following technologies?

   Enhanced identification methods - this includes biometric technology (i.e. facial recognition, gait analysis, iris scan, fingerprint analysis, voice print, radio frequency identification (RFID), etc.) as well as easy pass technology, new identification cards including magnetic stripe cards, "smart cards" (i.e. identification cards that are embedded with either an antenna or a contact pad that is connected to a microprocessor and a memory chip or only a memory chip with non-programmable logic).

   Risk to privacy: No

   Use of Surveillance - this includes surveillance technologies such as audio/video recording devices, thermal imaging, recognition devices, RFID, surreptitious surveillance/interception, computer aided monitoring including audit trails, satellite surveillance etc.

   Risk to privacy: No

   Use of automated personal information analysis, personal information matching and knowledge discovery techniques - for the purposes of the Directive on PIA, government institutions are to identify those activities that involve the use of automated technology to analyze, create, compare, identify or extract personal information elements. Such activities would include personal information matching, record linkage, personal information mining, personal information comparison, knowledge discovery, information filtering or analysis. Such activities involve some form of artificial intelligence and/or machine learning to uncover knowledge (intelligence), trends/patterns or to predict behavior.

   Risk to privacy: Yes

G) Personal information transmission

The personal information is transmitted using wireless technologies.

Level of risk to privacy: 4

Details:

The majority of personal information transmissions for the Registered Disability Savings Plan Program happens electronically through secured government systems. The program's system automatically sends and receives personal information to/from the Canada Disability Savings Grant and Bond Incentives Program's system on at least a monthly basis. This is done through an automated process. The Registered Disability Savings Plan system also retrieves disability tax credit information from the CRA's database on a monthly basis.

Throughout the year there will be instances where the program must transfer personal information by telephone, mail, or encrypted fax. For example, if a financial institution has several registered disability savings plans that must close, the Registered Disability Savings Plan Program prints a list of the plans and mails/faxes it to the associated financial institution and requests that they close the associated plans. The Registered Disability Savings Plan Program may also have to communicate with a financial institution, on an ad-hoc basis, about a particular registered disability savings plan for a client where the date of death, disability tax credit status, effective date, expiry date, residency, or primary caregiver information, may be disclosed by telephone, mail or encrypted fax. Security requirements instructions are followed when transmitting and transporting protected information.

There are instances where the Registered Disability Savings Plan Program will need to discuss a specific registered disability savings plan with a financial institution, or with the Canada Disability Savings Grant and Bond Incentives Program because of an audit on that particular plan. The Registered Disability Savings Plan Program will share personal information, by telephone, mail or encrypted fax, with the Canada Disability Savings Grant and Bond Incentives Program, financial institutions, and taxpayers (registered disability savings plan holder/beneficiary) if any of these parties advises the Registered Disability Savings Plan Program of a non-compliance issue on a particular registered disability savings plan.

In most cases of telephone transmittal, the Registered Disability Savings Plan Program's employees use cell phones rather than landline telephones. An employee may discuss Protected A or Protected B personal information with a taxpayer or a financial institution on their cell phone. 

Requests received in writing are digitized and stored in the Document Management Portal for later access by CRA employees.

H) Potential risk that in the event of a privacy breach, there will be an impact on the individual or employee

Details:

Personal information collected by the Registered Disability Savings Plan Program is classified as Protected B. In the event of a privacy breach, there is a risk of financial loss (for example, identity theft or fraud, inconvenience due to changing financial arrangements) and impacts to health (for example, psychological impact, stress) to a beneficiary because their personal financial affairs may be compromised. A breach may also cause impact on an individual's reputation (for example, hurt, humiliation or embarrassment) because of sensitive medical information.