Research: Direct interviews with citizens, staff and via group sessions with ministry employees, onsite observation, call shadowing, and intercept interviews
Collection of personal information
26(c)(e)
Prototype and Testing: A facilitator leads research participants through a set of tasks to observe and understand how tasks are being completed with a prototyped solution.
Collection, Use
26(c)(e), 32(a)
Contact external agencies and organizations
Collect public business contact information
No personal information
Stipend: Participants will complete and sign a stipend receipt form (name, address, and signature) that they have received their incentive. Telephone participants will be emailed and asked to email back the same information in order to send the stipend and confirm receipt.
Collection of name/address for financial confirmation (see stipend receipt template) Use of personal information to issue stipend Public body responsible for administering the stipend
26(c)(e), 32(a), 33.1(1)(i.1)
Session notes are transcribed by research team. Information is de-identified on a best efforts basis then used for analysis.
Use of opinion information
32(a)
Follow up with the participant only if proof of receipt has not been received.
Use, Disclosure
32(a), 33.1(1)(i.1), 33.2(a)
Risk Mitigation Table
Risk
Mitigation Strategy
Likelihood
Impact
Employees could access personal information and use or disclose it for personal purposes
Oath of Employment Privacy Training
Low
High
Request may not actually be from client (i.e. their email address may be being used by someone else)
Implementation of confirmation procedures
Low
High
Inherent risks in sending personal information to a client via email
Policy developed to inform clients of risk and ask if they would like the information via a different medium, such as through mail
Medium
Medium
Collection of third party information
Moderation of policy for online public engagement Visible disclaimer before collection Staff training in privacy Participant Consent Form advises participants not to include personal information about another individual when being recorded (audio or visual). Public Engagement best practices in note taking