Annual Report - Privacy Act
April 1, 2018 – March 31, 2019

Introduction

This report is prepared in accordance with section 72 of the Privacy Act and is tabled in Parliament by the Minister of Health in accordance with the aforementioned section. It describes how the Canadian Institutes of Health Research fulfilled its responsibilities under the Act during the fiscal year beginning April 1, 2018 and ending March 31, 2019.

The Privacy Act provides citizens with the legislated right to access personal information held by the government, subject to certain limitations and specific exemptions, and protection of that information against unauthorized use and disclosure

The Canadian Institutes of Health Research (CIHR) was created in 2000 under the authority of the CIHR Act. The Canadian Institutes of Health Research (CIHR) is the Government of Canada’s health research investment agency. The mandate of CIHR as stated in the Act is:

To excel, according to internationally accepted standards of scientific excellence, in the creation of new knowledge and its translation into improved health for Canadians, more effective health services and products and a strengthened Canadian health care system.

CIHR is the largest funder of health research in Canada with a mission to create new scientific knowledge and to enable its translation into improved health, more effective health services and products, and a strengthened Canadian health care system. Composed of 13 “virtual” Institutes and three business portfolios, CIHR provides leadership and support to over 13,000 world-class researchers from all pillars of health research and from all regions of Canada.

Organizational Structure

CIHR is led by its President. Overall strategic directions are set by its Governing Council, which has a mandate to oversee the direction and management of the property, business and affairs of CIHR.

The Science Council (SC) is a management committee that develops, implements and reports on CIHR's research and knowledge translation strategy, in accordance with the CIHR Act and the overarching strategic directions set out by Governing Council. This includes recommending for approval by the President funding for all research and knowledge translation initiatives.

Day-to-day management of CIHR is led by the Senior Leadership Committee.

The Access to Information and Privacy (ATIP) Office, part of Governance and Government Affairs, administers the provisions of the Access to Information Act and the Privacy Act for the CIHR and is accountable to the President of CIHR. The ATIP Office, which is comprised of 1 ATIP Coordinator, is responsible for the following activities:

Delegation of Authority

The President of CIHR, as designated Head of CIHR under the Privacy Act, exercises powers entrusted to the position by the Act, such as exemptions and exclusions.

In accordance with his authority under Section 73, the President has designated the Executive Vice-President, the Director General, Governance and Government Affairs, the Access to Information and Privacy (ATIP) Coordinator and a Junior ATIP Officer to exercise any of his powers, duties or functions under the Act (See Appendix A - Delegation Order).

Highlights of the Statistical Report 2018-2019

  1. Formal Requests

    During the April 1, 2018 to March 31, 2019 reporting period, CIHR received six requests during this reporting period. One request was disclosed in full, three requests were disclosed in part and two requests resulted in no records. A total of 1,705 pages were processed and 862 pages were disclosed. (See Appendix B - Statistical Report). Since 2014-2015, CIHR has received thirteen formal requests. This year marks a significant increase in the number of requests received compared to zero requests in 2017-2018 and two requests in 2016-2017. All requests received in 2018-2019 were from one identified requestor.

    While CIHR receives only a small number of formal requests under the Act, it is worth noting that privacy issues permeate its programs and operations. This is not surprising given that CIHR collects and manages a great deal of personal information to adjudicate thousands of research grant and scholarship proposals, making merit-based awards based on peer review.

  2. Informal Requests

    In 2018-2019, it is estimated that CIHR responded to twenty fve informal requests. This is consistent with the volume of informal requests since 2014-2015, with an average of twenty two informal requests per year. All of the requests received during this reporting year came from employees related to the review of documents and interpretation of the Privacy Act. The ATIP Office is routinely asked to review corporate and project specific documents related to privacy issues prior to their release. These requests are not reflected in the statistical report in Appendix B.

  3. Requests for Correction of Personal Information

    During the 2018-2019 reporting period, CIHR received four requests for correction of personal information. All four of the requests received resulted in notations attached to the records and no corrections made.

  4. Consultations

    During the 2018-19 reporting period, the CIHR Access to Information and Privacy Office did not receive any consultation requests from external sources.

    CIHR managers and staff sought and obtained advice from the ATIP Coordinator on a regular basis of matters where there were privacy considerations in their programs or activities.

  5. Costs

    During 2018–19, the Access to Information and Privacy Office incurred $22,000 in salary costs to administer the Privacy Act. Owing to the difficulty of tracking all of the operational costs related to the administration of the Act, the costs and person year usage statistics are conservative estimates. Almost all costs are attributable to salary, and include fractions of the salaries of the directors, managers and employees who participated in work related to the Act.

Training Activities

No formal training activities were undertaken during this reporting period. The ATIP Office offers general and on demand training to all staff.

The ATIP Coordinator attended the ATIP Coordinator and Practitioner Community meetings hosted by the Treasury Board Secretariat throughout the fiscal year. As well, the Coordinator also participated in online professional communities on GC Connex. These communities provide valuable information on trends and best practices within the ATIP community, updates on recent complaints and court cases, and tools to help improve service standards within the field.

The ATIP Office plans to develop educational tools and deliver training sessions to CIHR staff.

Policies, Guidelines and Procedures

The CIHR did not implement any new access to information policies, guidelines and/or procedures during the reporting period and there were no significant revisions to current access to information policies, guidelines or procedures.

Complaints and Investigations

CIHR was not subject to any complaints or investigations during the reporting period.

Monitoring Compliance

The ATIP Office monitors the time to process requests and administer the Privacy Act through as-needed verbal status reports. Any issues of significant interest are discussed with the President on an as needed basis.

Material Privacy Breaches

No material privacy breaches occurred during the reporting period.

Privacy Impact Assessments

CIHR did not undertake any new Privacy Impact Assessments during the reporting period.

Public Interest Disclosures

CIHR did not make any public interest disclosures under paragraph 8(2)(m) of the Privacy Act during the reporting period.

Date modified: