Treasury Board Secretariat
The Treasury Board Secretariat is the government’s management board, with a mandate to guide and support government institutions in improving their administrative and managerial practices.
It is responsible for writing policies, directives and guidelines concerning the operation of the Privacy Act (Canada). It regularly issues Implementation Reports and Information Notices which address new policy requirements on emerging issues or new legislation. According to the Privacy Commissioner of Canada, Treasury Board policies and directives set a higher standard than that in the Privacy Act, and reflect modern privacy principles including individual rights to control the collection, use and disclosure of their personal information. (1)
The Treasury Board has developed many policy documents which are not binding on a court, but are mandatory for all government institutions listed in the Schedule to the Act and apply to public servants in their daily work.
Generally, the policy documents and guidelines are intended to assist staff but can be a useful reference for individuals in helping you understand how the procedures work and what you can expect from the Access to Information and Privacy coordinators you encounter.
The Chief Information Officer branch of the Treasury Board Secretariat is responsible for policy development, monitoring, management oversight, and development and capacity building initiatives in information management, information technology, identity management and security, and access to information and privacy. The privacy page of the Chief Information Officer Branch has many useful links to information available about privacy and access to information held by the government of Canada , including the following guidance documents, policies and directives:
- Policy on Privacy Protection
- Privacy Impact Assessment Policy
- Directive on the Use of Social Insurance Numbers
- Policy on Government Security
- Guidance Document: Taking Privacy Into Account Before Making Contracting Decisions
- Policy on Access to Information
The Treasury Board intends to issue the following Directives on April 1, 2009: Directive on Privacy Practices; Directive on Privacy Impact Assessments; Directive on Requests for Access and Correction of Personal Information.
The Treasury Board intends to issue the following guidelines by the end of 2009: Information Sharing Guidelines.
Identity Management, Authentication Projects and Interoperability
The Treasury Board takes what is called “a whole-of-government approach” to information management. This means that it encourages the joint use of information across federal institutions, the standardization of the sources of data and the re-use of identity information and technology to eliminate duplication and minimize costs, supported and promoted by government-wide policies, standards and directives. Interoperability is a key part of this “whole-of-government” vision.
Since 2002 the Treasury Board Secretariat has been participating in, or proposing, the development of an interoperable federal system for identifying and authenticating personal information. Since 2002 there have been approximately eight separate initiatives for establishing a national identity management framework. In November 2006, the Treasury Board Secretariat and representatives from Service Canada and the provinces and territories established the Inter-jurisdictional Identity Management and Authentication Task Force to develop a national identity management and authentication framework, governance structure, funding model and action plan for implementation.
Draft directives on identity and identity management governance have since been developed and approval is expected within the next year. (2)