---

Title of the PIA

Privacy Impact Assessment on Web-based Staffing Tools

Government Institution

Infrastructure Canada (INFC)

Head of INFC or Delegate for Section 10 of the Privacy Act

Melanie Davis, Director, ATIP and Executive Correspondence

Senior Official or Executive for the New or Substantially Modified Program or Activity

Chantal Schryer, Director, HR Operations

Name and Description of the Program or Activity of the Government Institution

Staffing - Interview Phase of the Hiring Process

This activity involves the assessment and evaluation of candidates to fill job vacancies within Infrastructure Canada using interviews.  

Legal Authority

Personal information is collected pursuant to the Public Service Employment Act, the Employment Equity Act, and the Canadian Human Rights Act (section 16).

Personal Information Bank

Staffing

Short Description of the Project, Initiative or Change

Infrastructure Canada currently uses traditional methods for interviewing candidates during the assessment stage of the staffing process. Prior to COVID-19, the process consisted of interviewing the candidate in person, at a specified time and location. Consideration is being given to the utilization of web-based tools to assist managers in assessing and evaluating candidates at the interview phase of the staffing process in order to increase flexibility for managers and candidates through the use of modern technology. This technology consists of pre-recorded video interviewing and is expected to greatly reduce the amount of time required to complete the staffing process.

Risk Area Identification and Categorization

The following section contains risks identified in the PIA for the new or modified program. The numbered risk scale is presented in an ascending order: the first level (1) represents the lowest level of potential risk for the risk area; the fourth level (4) represents the highest level of potential risk for the given risk area.

Type of Program or Activity

Level of risk to privacy: Level 2
Administration of program/activity and services

Type of Personal Information Involved and Context

Level of risk to privacy: Level 3
Social Insurance Number, medical, financial or other sensitive personal information or the context surrounding the personal information is sensitive

Program or Activity Partners and Private Sector Involvement

Level of risk to privacy: Level 4
Private sector organizations

Duration of the Program or Activity

Level of risk to privacy: Level 2
Anticipated to be a short-term program or activity

Program Population

Level of risk to privacy: Level 3
The program affects certain individuals for external administrative purposes.

Technology and Privacy

Level of risk to privacy: Level 4
The program or activity involves implementation of new technologies and includes audio/video recordings.

Personal Information Transmission

Level of risk to privacy: Level 4
The personal information may be transmitted by candidates using wireless technologies.

Risk Impact to the Individual or Employee in the Event of a Privacy Breach

Level of risk to privacy: Level 3
Inconvenience, reputation harm, embarrassment, financial harm