Privacy Impact Assessment on Web- Based Staffing Tools
Title of the PIA
Privacy Impact Assessment on Web-based Staffing Tools
Government Institution
Infrastructure Canada (INFC)
Head of INFC or Delegate for Section 10 of the Privacy Act
Melanie Davis, Director, ATIP and Executive Correspondence
Senior Official or Executive for the New or Substantially Modified Program or Activity
Chantal Schryer, Director, HR Operations
Name and Description of the Program or Activity of the Government Institution
Staffing - Interview Phase of the Hiring Process
This activity involves the assessment and evaluation of candidates to fill job vacancies within Infrastructure Canada using interviews.
Legal Authority
Personal information is collected pursuant to the Public Service Employment Act, the Employment Equity Act, and the Canadian Human Rights Act (section 16).
Personal Information Bank
Short Description of the Project, Initiative or Change
Infrastructure Canada currently uses traditional methods for interviewing candidates during the assessment stage of the staffing process. Prior to COVID-19, the process consisted of interviewing the candidate in person, at a specified time and location. Consideration is being given to the utilization of web-based tools to assist managers in assessing and evaluating candidates at the interview phase of the staffing process in order to increase flexibility for managers and candidates through the use of modern technology. This technology consists of pre-recorded video interviewing and is expected to greatly reduce the amount of time required to complete the staffing process.
Risk Area Identification and Categorization
The following section contains risks identified in the PIA for the new or modified program. The numbered risk scale is presented in an ascending order: the first level (1) represents the lowest level of potential risk for the risk area; the fourth level (4) represents the highest level of potential risk for the given risk area.
Type of Program or Activity
Level of risk to privacy: Level 2
Administration of program/activity and services
Type of Personal Information Involved and Context
Level of risk to privacy: Level 3
Social Insurance Number, medical, financial or other sensitive personal information or the context surrounding the personal information is sensitive
Program or Activity Partners and Private Sector Involvement
Level of risk to privacy: Level 4
Private sector organizations
Duration of the Program or Activity
Level of risk to privacy: Level 2
Anticipated to be a short-term program or activity
Program Population
Level of risk to privacy: Level 3
The program affects certain individuals for external administrative purposes.
Technology and Privacy
Level of risk to privacy: Level 4
The program or activity involves implementation of new technologies and includes audio/video recordings.
Personal Information Transmission
Level of risk to privacy: Level 4
The personal information may be transmitted by candidates using wireless technologies.
Risk Impact to the Individual or Employee in the Event of a Privacy Breach
Level of risk to privacy: Level 3
Inconvenience, reputation harm, embarrassment, financial harm
Report a problem on this page
- Date modified: