The Government of Canada came out with something interesting this week on the privacy front. No, the Office of the Privacy Commissioner of Canada didn't release a big report of findings garnering headlines. This time it was Treasury Board of Canada Secretariat. Those of you in government already know the role this central agency plays in creating policies and directives that all the other federal government departments are supposed to follow. This includes rules to ensure departments meet their Privacy Act obligations. The challenge over the years has been that it’s not always clear or easy to find, understand or navigate all the rules — especially if you’re not a privacy expert.
Well, this week, TBS did something to help improve the situation. They’ve unveiled a new tool called the Digital Privacy Playbook and everyone should check it out. It is geared primarily toward program folks who may not be sure what to do about privacy when they’ve got a new or modified initiative, but I think it has the potential to be useful for anyone in government whose work involves personal information.
Admittedly, I haven’t done a deep dive yet, but from what I can see it looks like a pretty user-friendly one-stop shop that shows the key steps and pulls together the main pieces of guidance they’ve developed. I think this is something that will help Access to Information and Privacy Online Request directors and chief privacy officers educate their colleagues and to help bake privacy in at the start of projects, so let’s help spread the word about this.
Another thing I want to draw your attention to is that this same group recently issued a notice on the use of deidentification which it recognizes is a privacy-enhancing technology. It’s quite high-level, but the document is a good start for helping people understand there are different options out there to use and protect data. It sounds like they’re doing more work in this area, so stay tuned.
I’m glad for some modern and relevant things coming out of TBS to help departments grapple with the privacy issues they face, day-in-day-out, rather than having to rely too much on what we learn when things go wrong and an investigation is made public.
Anyway, I’m really looking forward to Symposium — our biggest one yet — and having a chance to connect with such a great cross section of colleagues from the public and the private sectors, and hearing what other cool things everyone is up to. See you soon!