GCDOCS Privacy Impact Assessment Summary

The objective of the GCDOCS Privacy Impact Assessment (PIA) is to identify any privacy risks associated with the implementation of GCDOCS. The PIA will provide recommendations in the form of mitigation measures to reduce or eliminate these risks.

GCDOCS is the Government of Canada’s standard Electronic Document and Records Management Solution (EDRMS) and will be CIC’s single corporate repository, replacing the Records, Documents and Information Management System (RDIMS) and shared drives. Although GCDOCS, as an EDRMS, is similar in nature to its predecessor, RDIMS, it also offers a number of collaborative functionalities.

GCDOCS is enabled through software called Content Server 10. This commercial off-the-shelf (COTS) tool replaces the Hummingbird DM or RDIMS software. The solution has two components. The first offers a web-based interface that is viewed through our internet browser. The second component, called “Enterprise Connect”, is desktop software that allows users to access documents stored in RDIMS and provides active integration into the Microsoft Office Suite of tools.

The implementation of GCDOCS will be undertaken in a phased approach. Full implementation will be completed by October 2014. GCDOCS will support CIC’s effort to become compliant with the Treasury Board of Canada Secretariat (TBS) Directive on Recordkeeping. The long-term objective is for GCDOCS to be the only repository to manage unstructured information within CIC.

GCDOCS is a closed system to which only CIC employees have access. Access to GCDOCS is provided to the user once they enter their network Username and Password. Other authorized access may be permitted indirectly through a defined process (e.g., GCMS).

GCDOCS is an EDRMS that is being implemented to facilitate collaboration across the department and to allow users to create, save, share, find and protect the right information at the right time. In addition to collaboration, GCDOCS supports CIC’s Data Loss Prevention program by providing secure alternatives to USB keys, which can be lost. GCDOCS also supports CIC’s retention and disposition schedules for electronic documents by managing information throughout its lifecycle, from creation to disposition, which in turn strengthens the Information Management function at CIC. Good control over documents will also lead to improvements in responding to Access to Information and Privacy requests, as well as our ability to manage litigation holds. Taken together, all these improvements contribute to improved information risk management while securing information as a corporate asset.

Program areas may store information of a personal nature up to and including Protected B in GCDOCS. However, it is the sole responsibility of the program area to ensure that privacy provisions are adhered to and that proper access rights have been given or restricted.

Other than certain User Profile information that may be voluntarily provided by an authorized user of GCDOCS, the system does not collect data directly from individuals, nor is the system responsible for the accuracy of this information. GCDOCS is, however, required to safeguard any unstructured information resources, including information of a personal nature, from creation through to disposition. Information resources collected within GCDOCS are administered in compliance with relevant policy instruments, such as the Directive on Recordkeeping and the Policy on Information Management.

Risk Summary

In the process of performing a privacy impact analysis for the implementation of GCDOCS, some privacy issues have been identified – all of which have a low to medium risk level. This PIA is focused on the collection, accuracy, use, disclosure, retention and disposition of any personal information that may be stored in GCDOCS. Certain privacy risks were identified as well as mitigation strategies to address these risks.

The highest risk identified was that of accidentally compromising personal information in GCDOCS by relying on the user to restrict access to any folders that have a default of “See and See” or “read-only”. This default access is provided to groups once their folder structure, which is based on the Program Alignment Architecture (PAA), has been inputted into GCDOCS by a GCDOCS Functional Specialist.
