ARCHIVED - Assistant Deputy Minister (ADM) Business Support System: ADM Talent Management Tool and Related Database

This page has been archived.

Privacy Impact Assessment Summary

Purpose

This Privacy Impact Assessment summary highlights key points that show how privacy considerations have been factored into the design, development and implementation of ADM Talent Management and related database system.

About ADM Talent Management

ADM Talent Management (ADM TM) aims to better support and develop a cadre of ADMs through a robust talent management strategy for the purposes of collective management of ADMs. Collective management is based on the assumption that ADMs and ADM equivalents are a corporate resource for the Public Service that should be managed corporately.

The personal information collected includes information such as education and leadership development, breadth of experience and skills set, career interests, willingness and readiness to move to another position or take on additional corporate responsibilities, succession issues such as proximity to retirement, learning and development needs. It is stored in a secure talent management database at the Treasury Board Secretariat's Office of the Chief Human Resources Officer's (OCHRO), [formerly known as the Canada Public Service Agency (CPSA)].

The personal information is collected for the purpose of managing executive talent through activities such as succession management. It helps identify talent gaps and strategies to address them; learning and development needs of the ADM community and critical position that must be filled in a timely manner to avoid creating vulnerabilities to the Public Services. The information may be shared with the Clerk of the Privy Council's Committee of Senior Officials (COSO) in the context of ADM collective management for the above-mentioned purposes as a means of ensuring the necessary succession planning and renewal of the leadership cadre of the federal public service. The information may also be used by Deputy Heads for the purposes of managing ADM talent within their organizations.

Getting the Right Information at the Right Time

An enabling tool in the form of a questionnaire and a related framework, allows Deputy Heads and ADMs to have an annual, open discussion about career plans, performance, potential and learning and development needs, all within the context of the evolving needs of their organization and the Public Service as a whole.

Protecting Personal Privacy

As a central agency overseeing the collective management of ADMs, CPSA conducted a Privacy Impact Assessment (PIA) with respect to ADM TM in early 2008 to evaluate whether the related collection, use or disclosure of personal information comply with privacy requirements and to resolve or mitigate privacy issues that may arise. The Office of the Privacy Commissioner (OPC) reviewed the PIA and is satisfied that the privacy risks have been or are in the process of being addressed. OCHRO (formerly CPSA) has since informed the OPC of the privacy measures to be implemented in response to the OPC's recommendations and these measures are well under way.

Safeguarding Personal Privacy

Personal information of ADMs is protected under the provisions of the Privacy Act and the Access to Information Act of Canada. System security was considered acceptable based on the Threat and Risk Assessment that was conducted. The following safeguards are in place in order to mitigate possible privacy risks (Deputy Heads are responsible for handling the personal information within their organization):

• access to personal information is strictly limited to those few individuals who need to know;
• internal procedures have been implemented with respect to security, information management and privacy measures, and are supplemented by awareness sessions;
• security access controls, an audit function and a monitoring mechanism to review the handling, use and sharing of ADM TM personal information are being refined;
• an updated version of the existing ADM Business Support Personal Information Bank has been registered with the Treasury Board Secretariat for publication in Info Source;
• the collection of personal information has been limited to what is necessary for ADM TM;
• personal information related to ADM TM will be retained for 10 years after the last administrative action and will then be destroyed;
• due diligence is exercised when sharing personal information of ADMs with COSO to ensure it is strictly limited to use for the purposes of ADM TM in the context of collective management.