Question Period Note: PROTECTING THE PRIVACY OF CANADIANS

Back to search

About

Reference number:
CRA-2020-QP-00001
Date received:
Jan 28, 2020
Organization:
Canada Revenue Agency
Name of Minister:
Lebouthillier, Diane (Hon.)
Title of Minister:
Minister of National Revenue

Issue/Question:

What is the Minister doing to protect the personal information of Canadians?

Suggested Response:

• The Canada Revenue Agency (CRA) is one of the largest holders of personal information in the Government of Canada.
• Making sure this personal information is properly managed and protected is one of our top priorities.
• The mandate letter from the Prime Minister requires that I implement a client-based service model that protects Canadians’ privacy and improve the protection of taxpayer information against external and internal threats.
• We have policies and procedures in place to manage privacy breaches.
• I am proud to announce today a new privacy management framework that articulates our vision, our objective and our commitment to privacy, including how we handle and protect personal information to make sure we respect privacy.

Background:

On January 28, 2020, the Canada Revenue Agency (Agency) is joining organizations around the world in promoting Data Privacy Day, an international event that raises awareness about the protection and handling of personal information. In recognition of Data Privacy Day, the Agency has made public its Privacy Management Framework (PMF) to demonstrate its ongoing commitment to the protection of the personal information of Canadians.

Furthermore, the Agency’s response to Order Paper question Q-197 (MP Dean Allison – Niagara West) was tabled in Parliament on January 27, 2020, regarding privacy breaches across the Government.

The PMF reinforces the necessary precautions and steps that the Agency takes to protect personal information from external and insider threats.

A privacy breach involves improper or unauthorized collection, use, disclosure, retention and/or disposal of protected personal information including hard copies and electronic data.

The Agency follows the Treasury Board of Canada Secretariat (TBS) guidelines to determine which privacy breaches meet the threshold for notification to the Office of the Privacy Commissioner.

Additional Information:

Canada Revenue Agency’s Privacy Management Framework