BLUEPRINT FOR THE FEDERATION OF IDENTITY MANAGEMENT

Size: px
Start display at page:

Download "BLUEPRINT FOR THE FEDERATION OF IDENTITY MANAGEMENT"

Transcription

1 BLUEPRINT FOR THE FEDERATION OF IDENTITY MANAGEMENT Identity Policy and Programs (IPP) June 7, Draft Page 1 of 29

2 TABLE OF CONTENTS BLUEPRINT FOR THE...4 Executive Summary...4 FEDERATION OF IDENTITY MANAGEMENT IdM FEDERATION BLUEPRINT PROFILE Context Forum to Share Best Practices IDM FEDERATION BLUEPRINT PROFILE Objectives Level of Integration Stakeholders and Beneficiaries Resources EXPECTED RESULTS Management Summary IdM Principles... 8 Consistency... 8 Security... 8 Transparency Monitoring, Evaluating and Auditing GOVERNANCE Identity Management Steering Committee (IMSC) Governance and Membership KEY CONSIDERATIONS AND DECISIONS Overall Complexity Benefits Key challenges ACTIVITY STREAMS OF THE BLUEPRINT...10 Blueprint Matrix BUSINESS NEEDS STREAM Legislative Authorities Privacy Authorities and Practices Security Practices Risk Assessment and Mitigation Strategies for IdM IdM Requirements for Multi-Channel Universe Trust Criteria Identified IdM for Client Needs and Multi-Channel Universe WORK PROCESS STREAM Alignment with Legal Authorities and Jurisprudence Privacy Impact Assessments for Multi-Channel Universe Security Practices Risk Assessment and Mitigation Strategies IdM Requirements for Multi-Channel Universe Trust Components for IdM Business Processes for Multi-Channel Universe to Support IdM for Client Needs INFORMATION (MANAGEMENT) STREAM...13 Identity Policy and Programs (IPP) June 7, Draft Page 2 of 29

3 3.3.1 Authorities in Place for IdM Information Management Practices Compliance to the Privacy Code Compliance with Security Practices Risk Mitigation Strategies for Assurance Standards on Identity Attributes Trust for Identity Attributes Client-Centric Information Management Practices ARCHITECTURE (DESIGN) STREAM Reference Model for Owners and Users of IdM Systems and Technologies Guidelines Management of Identity Attributes Guidelines for System Certification Design Guidelines for Risk Mitigation Standard Format for the Exchange of Identity Attributes Guidelines for Building Trust Components into Business Processes and Systems Design guidelines for Consistent Identity Treatment for Multi-Channel Universe SYSTEM APPLICATIONS (SUPPORT) STREAM Supporting Legal authorities Privacy Compliant Systems Guidelines for Secure Systems Applications IdM Testers and Users Systems Code Capture and Use of Identity Attributes Appropriate for Assurance Levels Testers and Users Code that support Trust Components Client-Centred Identity Life Cycle Guidelines BUILDING THE IdM FEDERATION Key Projects Key projects will inform on current situation of IdM: The Key project results will contribute to: Methodology Key Projects (to be completed by the organizations) Commitment to the IdM...17 Appendix A: Identity Management Questionnaire...19 Identity Policy and Programs (IPP) June 7, Draft Page 3 of 29

4 BLUEPRINT FOR THE FEDERATION OF IDENTITY MANAGEMENT Executive Summary Identity management (IdM) is about ensuring the integrity of identity information. It is about giving the right person/organization the right benefit/service, in the right amount, at the right time and for the intended purpose. The Blueprint for the of Identity Management is a guide to achieving an interoperable approach to identity management; working across channels, services and organizations to provide, within legislated parameters, timely access to integrated service delivery. It means setting an organization-wide framework and principles, standards, and tools to ensure the quality of identity management and integration across organizations who adhere to a federated approach to identity management. The Blueprint supports the recommendations of the Identity Management and Authentication Task Force (IATF) and the proposed solutions of Identity Management Steering Committee (IMSC) by consolidating elements such as legal, privacy, security, assurance, identity, trust and identity experience. The Blueprint will build upon activity streams to allow organizations to target their identity management activities across all aspects of their program management activities (including across multiple channels). Organizations will be asked to look at their business needs, their work processes, their information management practices, their program architecture design and their system applications to develop a foundation for a federated IdM. An IdM is a forum of like-minded organizations who manage the identity information of organizations and individuals established to allow information sharing, including the sharing of best practices on identity management. It is a forum for the development of a common understanding of identity management that will allow for the consistent treatment of identity across service channels, organizations and jurisdictions. Identity Policy and Programs (IPP) June 7, Draft Page 4 of 29

5 BLUEPRINT FOR THE FEDERATION OF IDENTITY MANAGEMENT 1. IdM FEDERATION BLUEPRINT PROFILE 1.1 Context Identity is the cornerstone to access services and to receive benefits. As a result, identity must be well-managed throughout the identity information life cycle; allowing for increased public confidence and trust in the government. Identity management (IdM) is about ensuring the integrity of identity information and is about giving the right person / organization the right benefit, in the right amount, at the right time and for the intended purpose. The Blueprint for the of Identity Management is a guide to achieving an interoperable approach to identity management; working across channels, services and organizations to provide, within legislated parameters, timely access to integrated service delivery. It means setting an organization-wide framework and principles, standards, and tools to ensure the quality of identity management and integration across organizations who adhere to a federated approach to identity management. 1.2 Forum to Share Best Practices An IdM is a forum of like-minded organizations who manage the identity information of organizations and individuals established to allow information sharing, including the sharing of best practices on identity management. It is a forum for the development of a common understanding of identity management that will allow for the consistent treatment of identity across service channels, organizations and jurisdictions. 2. IDM FEDERATION 2.1 BLUEPRINT PROFILE Objectives The objective of the Blueprint is to identify the steps necessary to achieve interoperable identity management and provide a consistent treatment of identity across multiple channels, services and organizations. It means that: The right person or organization, receives the right service or benefit for the right amount, at the right time, for the intended purpose; Privacy and security of the client s personal information is ensured; Organizational savings are realized; Strong performance, security and ethical culture are built. Identity Policy and Programs (IPP) June 7, Draft Page 5 of 29

6 2.1.2 Level of Integration The Blueprint supports the Pan-Canadian Strategy for Identity Management and Authentication as laid out by the Inter-Jurisdictional Identity Management and Authentication Task Force (IATF) 1. It will promote the consistent treatment of identity across services and channels which is replicable across multiple jurisdictions. The following principles will guide the development of the Blueprint for the of Identity Management 2 : Achieve consensus through accepted, mutually respected assurances (of credential or identity), risk levels, and accountabilities; Respect program accountability programs maintain the responsibility (and accountability) for ensuring they are dealing with the intended client in accordance with their mandate; Let the citizen decide clients are provided with choices regarding which identity credentials to use to access government services which are recognized throughout the federation; Enable interoperability provide direction to assist departments in implementing trusted identity management practices that support the sharing of assurances of credential or identity; and Promote a fair and competitive marketplace maintain neutrality with respect to technologies and solutions and allow multiple providers to be part of the federation. This allows for the possibility of choice and competition Stakeholders and Beneficiaries An organization can become a member of the IdM by making a commitment to follow the identity management principles and standards of the Resources Each member of the will be required to manage its identity management activities and tools by using its own resources in accordance with the s objectives and by demonstrating their compliance with the identity principles and standards of the. Resource allocation by members to the will be optional, with shared activities carried out through formalized agreements. 2.2 EXPECTED RESULTS In the short term, the Blueprint s vision and goals will be presented to the Identity Management Steering Committee (IMSC) and to all stakeholders who have been consulted. In the medium term, the goal is to achieve consistent identity processes across multiple service channels within particular organizations. In the long term, the expected 1 2 Federating Identity Management in the Government of Canada: Initiating the Dialogue, TBS Identity Policy and Programs (IPP) June 7, Draft Page 6 of 29

7 result is that trusted identity management practices exist across jurisdictions, amongst services, programs, and organizations Management Summary Each member will be required to attest to their capacity to federate by confirming their abilities to: Coordinate, manage and respond to the diverse information needs on identity management of the public. Raise privacy issues for, and during the design, implementation and evolution of programs and services. Manage the consequences in the event of harmful or damaging incidents arising from identity management risks, and to provide for adequate and timely compensation, restoration and recovery. Develop and implement common definitions and requirements that can be used by government departments operating in different jurisdictions and at different levels, and by commercial organizations that have relations with government. Develop and implement identity management frameworks, guidelines, procedures, etc. to ensure effective identity management practices by outlining requirements to support departments in the establishment, use and validation of identity. Develop and implement security and information management frameworks, guidelines, procedures, etc. to effectively manage security activities. Develop and implement a comprehensive and reliable base of evaluation methods/reports used to support identity management. Most of the requirements are already mandatory for many organizations and many are considered best practices. Membership in the provides the added value of improving internal management practices through the sharing of ideas and experiences. The methodology chosen by members for key projects in the Blueprint should be applicable across organizations and demonstrate an organizational capacity to integrate the identity management interoperability. The organization s strategic objectives for identity management should be aligned with the principles and standards of the. Identity Policy and Programs (IPP) June 7, Draft Page 7 of 29

8 2.2.2 IdM Principles Consistency A key enabler to achieving coherent identity management is the consistent treatment of identity across multiple service channels and organizations that supports the integrity of the delivery of benefits and services. A consistent approach means timely, seamless, and integrated identity management processes to ensure the quality of identity information collected by programs and services. Consistency means the use of common assurance levels and credential solutions to eliminate duplication and redundancy, maximizing investments and minimizing costs. Above all, a consistent approach means that, while individuals interact with many different services via different channels, their experience with the department remains consistent and their identity information remains secure. Privacy Respect for the privacy applies across the identity processes of registration, authentication and validation. Respecting privacy means limiting organization interventions into the private lives of clients to lawful and necessary purposes, and ensuring adequate protection of personal and organizational information in accordance with applicable legislation. Security Ensuring the confidentiality, integrity, and availability of identity information is essential for service delivery, preventing identity fraud and ensuring that our clients identity information is secure. Registration, authentication and validation of identity will be carried out with the appropriate controls for individual security screening, physical and IT security. Transparency Personal and organizational information is accessible to anyone who is authorized to have access, including those individuals and organizations exercising their rights to access identity information Monitoring, Evaluating and Auditing Organizations will be responsible for training their staff and monitoring adherence to the IdM principles within their services, in keeping with consistent identity management across channels, services and organizations. They will be responsible for ensuring that appropriate remedial action is taken to address any deficiencies within their services and to protect the integrity of identity data and processes. Each member should take an integrated approach in assessing all service channels; taking into consideration the privacy impact, security, assurance levels, identity information, trust levels and identity service experience to ensure compliance with the principles and standards of the. Current standards such as the Institute of Internal Audit (IIA), International Standards Organization (ISO), and Information Technology Infrastructure Library (ITIL) will be explored to ensure interoperability of the. Identity Policy and Programs (IPP) June 7, Draft Page 8 of 29

9 2.3 GOVERNANCE Identity Management Steering Committee (IMSC) The IMSC is mandated by the Federal, Provincial. and Territorial (FPT) Deputy Ministers Table on Service Delivery to explore ways to enhance identity management practices across jurisdictions; with a view to develop a federated approach to identity management. The Blueprint will support the recommendations of the IATF and the proposed solutions of IMSC by consolidating the IATF IdM Framework components such as legal, privacy, security, assurance, identity, trust and identity experience service Governance and Membership To remain relevant, the IdM will need to be responsive and open to the varied and changing needs of its members. The voluntary nature of the, along with its diverse membership and interests, will present unique and ongoing challenges requiring an effective governance and decision making structure representative of the breadth of its membership. 2.4 KEY CONSIDERATIONS AND DECISIONS Overall Complexity The interoperability of the will require coordinated communication amongst its members. Some may now rely on another party for identity claims; others will now rely on record retention practices and forensic techniques that must now span organizational boundaries. Failures of trust could proliferate across organizations and jurisdictions, making cross-over attacks possible 3. Addressing these issues will be key to ensuring that the exchange of identity information across different systems and networks is done with the trust and assurance necessary to enhance the integrity of benefits and the client experience. This will have to be achieved with clear legal authorities that incorporate issues related to cross border data flows Benefits A key benefit of particular value to members of an integrated will be the ability to pool and standardize identity management practices. It will reduce the misidentification of individuals, where errors can often lead to significant negative consequences for both individuals and organizations. That will contribute to increase the integrity of the identity management activities by reducing the rate of the identity fraud and enhancing the privacy protection that can be offered to individuals and businesses. The ability to leverage the will allow organizations to enhance their own internal security functions through the collective development and use of best practices and principles. The recruitment and sharing of scarce external human resource expertise and resources in identity management will further reduce costs and build a collective knowledge base from which the and its members can draw. 3 Federating Identity Management in the Government of Canada : Initiating the Dialogue, TBS Identity Policy and Programs (IPP) June 7, Draft Page 9 of 29

10 2.4.3 Key challenges To consolidate identity principles and standards, additional research will be required to build on current practices, identifying the strengths and weaknesses of existing standards, and making them applicable to an integrated federation. Each member will need to assess the standards and principles against their own requirements, and propose any additions or modifications necessary to reduce fraud and prevent identity errors. The development of an effective communication strategy and reporting tool for cases that require investigation or additional follow-up will be required. Individual member reports detailing these cases will need to be consolidated into a collective knowledge base, allowing federation members the opportunity to learn from the experiences of other members. The knowledge gleaned through shared reporting will be used to inform future enhancements to federation principles and standards, ensuring a raised benchmark for all federation members. Risk and privacy assesments which take into account all potential service channels will be required to ensure compliance is uniform across all channels. Currently, risk and privacy assessments for program services may not cover all service channels or be representative all the challenges faced. The issue of liability will need to be addressed before members agree to participate in a federation. With members responsible for their own individual actions, the onus will be on its members to advise the federation of evolving jurisprudence within their jurisdiction. The development of standardized liability sharing agreements will need to take these considerations into account. 3. ACTIVITY STREAMS OF THE BLUEPRINT The activity streams in the Blueprint have been designed to allow organizations to target their identity management activities across all aspects of their program management activities (including across the multi-channel universe). Organizations will be asked to look at their business needs, their work processes, their information management practices, their program architecture design and their systems applications. In each of these activities and across the multi-channel universe, organizations will be asked to evaluate how they are managing the different components of the IATF Identity Management Framework: legal, privacy, security, assurance, identity, trust and service experience. The results of these evaluations will be collected and shared with members of the, in order to gather best practices in all the activity streams, which can then be used as the basis for building the Identity Management. Identity Policy and Programs (IPP) June 7, Draft Page 10 of 29

11 Blueprint Matrix Identity Policy and Programs (IPP) June 7, Draft Page 11 of 29

12 Integrated Questionnaire for Identity Management (IdM) 3.1 BUSINESS NEEDS STREAM Legislative Authorities The authority to identify individuals/organizations that exists for the program or service Privacy Authorities and Practices The privacy arrangements in a jurisdiction that allow for the collection, use, disclosure and storage of identity information that is considered personal information Security Practices Existing security practices that allow the business needs of the program/service to be met Risk Assessment and Mitigation Strategies for IdM Existence of risk assessments for identity management, and a determination of the required level of assurance, and clear risk mitigation options IdM Requirements for Multi-Channel Universe The selection of identity attributes that can meet the different needs of specific service channels (mail, in-person, telephone, on-line) Trust Criteria Identified Key trust components of identity management (i.e. assurance between parties, use of appropriate credentials, transparency, and client trust) are in place for the program or service IdM for Client Needs and Multi-Channel Universe The business needs allow for the adoption of Identity Management practices that are adapted to client needs across multiple service channels. 3.2 WORK PROCESS STREAM Alignment with Legal Authorities and Jurisprudence The work processes of the program/service will be aligned to respect existing legal authorities and jurisprudence, while striving to achieve a greater degree of interoperability amongst jurisdictions. Questionnaire Page 12 of 29

13 Integrated Questionnaire for Identity Management (IdM) Privacy Impact Assessments for Multi-Channel Universe The program/service has completed a multi-channel Privacy Impact Assessment (PIA) of its work processes to ensure consistent treatment of identity across channels, services and organizations Security Practices The work processes of the program/service have been assessed and conform to security practices that protect the treatment of identity Risk Assessment and Mitigation Strategies The work processes of a program/service have undergone an identity risk assessment and are subject to mitigation strategies to ensure compliance with the Pan-Canadian Assurance Model IdM Requirements for Multi-Channel Universe The work processes of the program/service have consistent IdM requirements across service channels and, to the extent possible, common identity attributes will be collected for registration, authentication and validation. A clear linkage will be made between the assurance level for the program/service and the identity attributes used for registration, authentication, validation and storage Trust Components for IdM The work processes of the program/service will support the key components of trust of identity management: assurance between parties, use of appropriate credentials, transparency, and client trust Business Processes for Multi-Channel Universe to Support IdM for Client Needs The work processes for the program/service will support client-centric business processes across service channels. 3.3 INFORMATION (MANAGEMENT) STREAM Authorities in Place for IdM Information Management Practices Information management practices that support the program/service must comply with existing legislative authorities Compliance to the Privacy Code Information management practices that support the program/service must comply with existing privacy practices. Questionnaire Page 13 of 29

14 Integrated Questionnaire for Identity Management (IdM) Compliance with Security Practices Information management practices that support the program/service must comply with existing security practices Risk Mitigation Strategies for Assurance Information management practices that support the program/service will support the organizations risk mitigation strategies for assurance and seek to comply with the Pan- Canadian Assurance Model Standards on Identity Attributes Information management practices that support the program/service will use commonly accepted standards on the collection, use and sharing and management (modification, deletion, etc) of identity attributes Trust for Identity Attributes Information management practices that support the program/service will support the key components of trust of identity management: assurance between parties, use of appropriate credentials, transparency, and client trust Client-Centric Information Management Practices Information management practices that support the program/service will support clientcentric service delivery. 3.4 ARCHITECTURE (DESIGN) STREAM Reference Model for Owners and Users of IdM Systems and Technologies The reference model for business processes and supporting system complies with the legislative authorities for a particular program/service Guidelines Management of Identity Attributes The reference model for business processes and supporting system complies with the privacy arrangements in the jurisdiction Guidelines for System Certification The systems that support your program have been certified to meet the security requirements of the jurisdiction. Questionnaire Page 14 of 29

15 Integrated Questionnaire for Identity Management (IdM) Design Guidelines for Risk Mitigation The reference model includes guidelines to ensure the design of business processes and systems meets the needs of the assurance level of the program/service Standard Format for the Exchange of Identity Attributes The reference model includes the requirement of a standard format for the use, transmission and exchange of identity attributes Guidelines for Building Trust Components into Business Processes and Systems The reference model allows for the creation and sustaining of the trust components of IdM such as assurances, credential usage, transparency and client trust Design guidelines for Consistent Identity Treatment for Multi-Channel Universe The reference model ensures the consistent treatment of identity across multiple service channels. 3.5 SYSTEM APPLICATIONS (SUPPORT) STREAM Supporting Legal authorities The business and systems of the program/service must support the legal authorities for IdM Privacy Compliant Systems The business and systems of the program/service must support existing privacy practices Guidelines for Secure Systems Applications The business and systems of the program/service must support security controls that manage identity information / attributes exchanges IdM Testers and Users Systems Code The business and systems of the program/service must be implemented following a verification and certification process and need to following role-based user code for systems access Capture and Use of Identity Attributes Appropriate for Assurance Levels The business and systems of the program/service will collect and use the appropriate identity attributes per assurance level and seek to comply with the Pan-Canadian Assurance Model. Questionnaire Page 15 of 29

16 Integrated Questionnaire for Identity Management (IdM) Testers and Users Code that support Trust Components The business and systems of the program/service will be deployed to support the trust components of IdM such as assurances, credential usage, transparency and client trust Client-Centred Identity Life Cycle Guidelines The business and systems of the program/service will be deployed to support the management of identity in a client-centred identity information life cycle across channels. 4. BUILDING THE IdM FEDERATION The Blueprint will build upon the IMSC concepts and key projects to enable the of identity. 4.1 Key Projects Why: study practical IdM issues related to areas such as legal, privacy, security and operations Who: domestic and international public sector and private sector organizations When: Start upon IMSC approval, reporting on a regular basis to IMSC meetings What: information / attributes collected, channels used, system operated, etc. How: run key projects and collect information as it becomes available 4.2 Key projects will inform on current situation of IdM: The legal roles and responsibilities of the federal, provincial and territorial entities with regards to the diversity of and capacity for identity management practices; The management of risk and the privacy protection practices from each entity; The security processes regarding follow-up, operations, storage, certification of systems; The quantity and the type of identity attributes and information and the capacity of the systems to support them. The elements in use by each entity to allow for the development of a trust model to manage registration, authentication and validation activities. The importance of strong identity management practices when organizations develop, implement, manage (training, monitoring, etc.) evaluate and report on their service offerings. 4.3 The Key project results will contribute to: Standardizing the identity attributes to ensure interoperability and ensure efficient data exchange amongst system; Questionnaire Page 16 of 29

17 Integrated Questionnaire for Identity Management (IdM) Standardizing the process of the registration, authentication, validation and storage of the identity attributes to achieve standardized trust and assurance levels; Coordinating practices for data exchange to ensure the availability of real-time information; Consolidating identity management activities to ensure a strong trust relationship amongst organizations (e.g. security level requirements to handle personal information may not be currently consistent amongst organizations and jurisdictions) 4.4 Methodology Key projects need to analyze through the prism of the Blueprint. Each activity stream of the Blueprint should be applied to the design and implementation of each key project. The methodology applied to each of the key projects should be applicable to other projects and the lessons learned from this analysis will represent key steps forward in understanding identity management practices across jurisdictions and will assist in building a federated approach to identity management Key Projects (to be completed by the organizations) Labour Workforce Development (NS, CRA & SC) Vital Events Initiatives (SC) Bundled Birth Services (NS, CRA, SC & ON) Next Generation epass (TBS) Online Planning Application Submission (ON) Affordable Housing Information Management System (ON) Integrated Registration for Business (MB) MyBizAccount (ON) 4.5 Commitment to the IdM Members of the are committed to the following: Ensuring that identity information is processed consistently within and across channels, services and organizations, while respecting assurance levels and privacy requirements; Ensuring that programs/services integrate the identity management principles of the IdM into development, implementation, evaluation, and reporting activities; Questionnaire Page 17 of 29

18 Integrated Questionnaire for Identity Management (IdM) Ensuring that identity components are managed to support consistent and coherent practices for creating, modifying, exchanging, pending, cross-checking and deleting identity information and that allows for independent evaluation, audit, and review; Ensuring that all identity management respects user agreements and/or licensing conditions, and for ensuring the relevance, authenticity, quality, and cost-effectiveness of identity information for as long as it is required to meet operational needs and accountabilities; Ensuring its on-going participation in setting services-wide direction for identity information and recordkeeping; Contributing to the IdM for the development and monitoring of Principles and Standards; Developing and maintaining business cases to manage costs; Developing a communication plan to respond to the public in a manner consistent with the principles and standards of the IdM ; Communicating with the IdM in a timely manner (re: a potential breach of data). Questionnaire Page 18 of 29

19 Integrated Questionnaire for Identity Management (IdM) Appendix A: Identity Management Questionnaire 1. What is Identity Management? Identity management is the set of principles, practices, processes and procedures used to realize an organization's mandate and its objectives related to identity - a reference or designation used to distinguish a unique and particular individual or organization Purpose and Rationale Managing identity has taken on heightened importance in both the public and private sectors as a result of increased demands by individuals and organizations to access the right benefits and services. Individuals and/or organizations are looking for seamless and secure transactions across jurisdictions. At the June 26, 2009 meeting of the Federal, Provincial and Territories (FPT) Deputy Ministers responsible for Service Delivery, Deputies agreed to continue work to enhance identity management practices in use within their jurisdictions through the pragmatic application of the Pan-Canadian Assurance Model in existing or planned key projects, and to continue advancing learning through testing other components of the Pan-Canadian Identity Management Framework. The purpose of the Integrated Questionnaire is to provide a generic tool for organizations to assist them in determining the efficiency and effectiveness of identity management processes within their respective departments and/or with its service delivery partners. The questionnaire will also be used to help organizations assess the integrity of the delivery of their benefits and services. 3. Who should use the Integrated Questionnaire for IdM and when? The questionnaire should be completed by employees responsible for the management of the identity processes (i.e. registration, authentication, validation, privacy, and assurance) within a program or service. It can be used for any program or service during its development, management, implementation, evaluation, and audit cycle. Attachments: Annex A Identity Attributes Annex B - Questionnaire Annex C - Example of How to Complete the Questionnaire Annex D - Guidelines for Managing the Questionnaire Annex E - Sample Call Letter 4 Questionnaire Page 19 of 29

20 Integrated Questionnaire for Identity Management (IdM) Annex A Key Identity Attributes As an example, here is some identity attributes used in Service Canada including: Given Name Family Name Date of Birth Gender Social Insurance Number (SIN) Address (home, mailing, ) Citizenship Questionnaire Page 20 of 29

21 Integrated Questionnaire for Identity Management (IdM) Annex B 1. The goal of the questionnaire is to help: Standardize the format of identity attributes to ensure interoperability and ensure efficient data exchange amongst the system and partners; Standardize the process of the registration, authentication, validation and storage of the identity attributes to achieve standardized trust and assurance levels; Coordinate practices for data exchange to ensure that real-time information is available; Consolidate identity management activities to ensure a strong trust relationship amongst organizations and practices (e.g. security level requirements to handle personal information not currently consistent amongst organizations and jurisdictions) 2. The results from the questionnaire will inform about: The legal roles and responsibilities of the federal, provincial and territorial entities with regards to the diversity of and capacity for identity management practices (sections B, C.1 and C.3); The management of risk and the privacy protection practices from each entity (section C.3); The security processes regarding follow-up, operations, storage, certification of systems (section C.3); The quantity and the type of identity attributes and information, and the capacity of the systems to support them (section C.2). The elements in use by each entity to allow for the development of a trust model to manage registration, authentication and validation activities (section C.2). The importance of strong identity management practices when organizations develop, implement, manage (training, monitoring, etc.) evaluate and report their service offering (section D). 3. Point of Contact If there are any further questions or comments regarding the questionnaire, please contact (contact name) at (e.g. of contact name). Questionnaire Page 21 of 29

22 Integrated Questionnaire for Identity Management (IdM) Section A. Information about the respondent A To be completed by the program / service manager: A.1 Full name: A.2 Work phone number: A.3 Work Section B. Information about the organization in assessment B.1.1 B.1.2 Legal name of Department, Ministry, Organization/Company: User name of Department, Ministry, Organization/Company: B.2 Organization type (check all that apply): B.2.1 Government B.2.2 Non-profit B.2.3 Corporation B.2.4 Partnership B.2.5 Sole proprietor B.2.6 Other B.2.7 If other, please specify: B.3 Organization authority (check all that apply): B.3.1 Canadian B.3.2 Alberta (AB) B.3.3 British Columbia (BC) B.3.4 Manitoba (MB) B.3.5 New Brunswick (NB) B.3.6 Newfoundland and Labrador (NL) B.3.7 Northwest Territories (NT) B.3.8 Nova Scotia (NS) B.3.9 Nunavut (NU) B.3.10 Ontario (ON) B.3.11 Prince Edward Island (PE) B.3.12 Quebec (QC) B.3.13 Saskatchewan (SK) B.3.14 Yukon (YT) B.3.15 Other B.3.16 If other, please specify: Questionnaire Page 22 of 29

23 Protected Please indicate the security level Integrated Questionnaire for Identity Management (IdM) Section C. For each Program / Service, please complete the following related tables: C.1 Name of Program or Service *Please add a new row to the table for each identity attribute included on the application form** C.2 Identity Elements C.3 Administration of Identity Elements C.2.1 C.3.1 All identity Authority to use attributes identity attribute and data or data element elements listed in C.2.1. asked on Acts/Regulations/ application Policy, User form. Guides, etc. C.2.2 Channel(s) used for program or service for identity attribute or data element listed in C.2.1. Phone, mail, internet, etc. C.2.3 Storage format of identity attribute or data element listed in C.2.1. Alpha format, numeric format, alphanumeric format, code, etc. C.2.4 Maximum number of characters or pixels allowed for storage for identity attribute or data element listed in C.2.1. C.3.2 Frequency of modification for identity attribute or data element listed in C.2.1. How often can the applicant s information be modified (e.g. updated, changed, suspended, deleted, or recovered)? C.3.3 Internal transfer mechanism for identity attribute or data element listed in C.2.1. How is the applicant s information transmitted to its final storage location? C.3.4 Location and security level of stored information for identity attribute or data element listed in C.2.1. C.3.5 If applicable, please list any exceptions for sections C.2.3, C.2.4, C.3.1, C.3.2, C.3.3 and C.3.4 Questionnaire Page 23 of 29

24 Protected Please indicate the security level Integrated Questionnaire for Identity Management (IdM) Section D. Identity Management Practices D.1 Questions on Identity Management Practices D.1.1 How do you coordinate, manage and respond to the diverse information needs on identity management of the public? D.1.2 How do you raise privacy issues for, and during the design, implementation and evolution of programs and services? D.1.3 How do you manage the consequences in the event of harmful or damaging incidents arising from identity management risks, and to provide for adequate and timely compensation, restoration and recovery? D.1.4 Do you have common definitions and requirements that can be used by government departments operating in different jurisdictions and at different levels, and by commercial organizations who have relations with government? D.1.5 Do you have any identity management frameworks, guidelines, procedures, etc. to ensure effective identity management practices by outlining requirements to support departments in the establishment, use and validation of identity? D.1.6 Do you have any security and information management frameworks, guidelines, procedures, etc. to effectively manage security activities? D.1.7 Do you have a comprehensive and reliable base of evaluation methods/reports that is used to support identity management? D.2 Response D.3 Please indicate the service delivery channels analyzed in section D.2 Questionnaire Page 24 of 29

25 Protected Please indicate the security level Integrated Questionnaire for Identity Management (IdM) Annex C - Example of How to Complete Questionnaire The following three pages is an example of how to complete sections A to C of the questionnaire, using the Social Insurance Number (SIN) application process. Please note that the example is not fully complete, but rather it is to demonstrate how the questionnaire should be completed. The content of the example is fictitious information and does not represent reality. Questionnaire Page 25 of 29

26 Protected Please indicate the security level Integrated Questionnaire for Identity Management (IdM) Section A. Information about the respondent A To be completed by the program / service manager: A.1 Full name: John Smith A.2 Work phone number: A.3 Work Section B. Information about the organization in assessment B.1.1 B.1.2 Legal name of Department, Ministry, Organization/Company: User name of Department, Ministry, Organization/Company: B.2 Organization type (check all that apply): B.2.1 Government B.2.2 Non-profit B.2.3 Corporation B.2.4 Partnership B.2.5 Sole proprietor B.2.6 Other B.2.7 If other, please specify: Department of Human Resources and Skills Development Canada Human Resources and Skills Development Canada (HRSDC), Service Canada Initiative B.3 Organization authority (check all that apply): B.3.1 Canadian B.3.2 Alberta (AB) B.3.3 British Columbia (BC) B.3.4 Manitoba (MB) B.3.5 New Brunswick (NB) B.3.6 Newfoundland and Labrador (NL) B.3.7 Northwest Territories (NT) B.3.8 Nova Scotia (NS) B.3.9 Nunavut (NU) B.3.10 Ontario (ON) B.3.11 Prince Edward Island (PE) B.3.12 Quebec (QC) B.3.13 Saskatchewan (SK) B.3.14 Yukon (YT) B.3.15 Other B.3.16 If other, please specify: Questionnaire Page 26 of 29

27 Protected Please indicate the security level Integrated Questionnaire for Identity Management (IdM) Section C. For each Program / Service, please complete the following related tables: C.1 Name of Program/Service Social Insurance Number (SIN) *Please add a new row to the table for each identity attribute included on application form* C.2 Identity Elements C.3 Administration of Identity Elements C.2.1 All identity attributes and data elements asked on application form. C.2.2 Channel(s) used for program or service for identity attribute or data element listed in C.2.1. Phone, mail, internet, etc. C.2.3 Storage format of identity attribute or data element listed in C.2.1. Alpha format, numeric format, alpha-numeric format, code, etc. C.2.4 Maximum number of characters or pixels allowed for storage for identity attribute or data element listed in C.2.1. C.3.1 Authority to use identity attribute or data element listed in C.2.1. Acts/Regulations/ Policy, User Guides, etc. C.3.2 Frequency of modification for identity attribute or data element listed in C.2.1. How often can the applicant s information be modified (e.g. updated, changed, suspended, deleted, or First Given Name In-person, mail Alpha format 200 characters Employment Insurance Act s.138 recovered)? EI Act s.140 C.3.3 Internal transfer mechanism for identity attribute or data element listed in C.2.1. How is the applicant s information transmitted to its final storage location? Electronically C.3.4 Location and security level of stored information for identity attribute or data element listed in C.2.1. Social Insurance Database C.3.5 If applicable, please list any exceptions for sections C.2.3, C.2.4, C.3.1, C.3.2, C.3.3 and C.3.4 Privacy Act s.6(2) s.71(4) EI Regulations s.89(3)(a) Privacy Act s.10(1) Family Name In-person, mail Alpha format 200 characters Employment Insurance Act s.138 EI Act s.140 Electronically Social Insurance Database Privacy Act s.6(2) s.71(4) EI Regulations s.89(3)(a) Privacy Act s.10(1) Questionnaire Page 27 of 29

28 Protected Please indicate the security level Integrated Questionnaire for Identity Management (IdM) Annex D - Guidelines for Managing the Questionnaire 1. Determine a point of contact, who will act as the lead for the questionnaire. The lead will be responsible for distributing and collecting the questionnaire from his or her respondents. 2. Determine how many employees manage the registration, authentication, validation, privacy, and assurance processes of your project. 3. Determine a security level for the completed questionnaire. The questionnaire was developed to be completed on the computer, but it may also be completed in other ways, as in compliance with the security requirement levels. 4. Verify contact information of the employees whom you wish to complete the questionnaire to ensure it is up-to-date/current. 5. Determine a communications plan to inform employees of the questionnaire (see Annex D for an example of a call letter). 6. Determine timelines for follow-up and collection of questionnaires. 7. After all the questionnaires have been collected, analyze your results to determine whether they correspond to the goals of the questionnaire (see Annex A). 8. Prepare an assessment report based on the results from the questionnaire. 9. Determine a communication strategy to communicate results to your organization. Questionnaire Page 28 of 29

29 Protected Please indicate the security level Integrated Questionnaire for Identity Management (IdM) Annex E Sample Call Letter TO: Insert Name(s) of Employee(s) FROM: Insert Name of Questionnaire Point of Contact SUBJECT: Questionnaire for IdM DATE: Managing identity has taken on heightened importance in both the public and private sectors as a result of increased demands by individuals and organizations to access the right benefits and services. Individuals and/or organizations are looking for seamless and secure transactions across jurisdictions. This goes in line with our current project (insert name of project). In order to make sure that our (choose one of the following: benefit/program/service/project) is delivered to the right person or organization at the right time, we need to ensure that we properly address identity management elements (i.e. registration, authentication, and validation in a privacy and assurance context) in the areas of legal, security, and service delivery. The questionnaire aims to help us determine areas that need to be addressed in order to further enhance the integrity of our program/service. Attached to this letter is the questionnaire. Please send it to all staff, stakeholders and partners responsible for the management of the identity processes (i.e. registration, authentication, validation, privacy, and assurance) within your program or service. Please complete and return the questionnaire to (insert Point of Contact name) by (insert date). Any questions regarding the questionnaire should be directed to (insert Point of Contact name) at (insert contact information). Thank you in advance, (Questionnaire manager full name) (Job title) (Organization title) (Phone number) ( address) Attachment (1): Integrated Questionnaire for Identity Management (IdM) Questionnaire Page 29 of 29

Instructions NDEB Equivalency Process

Instructions NDEB Equivalency Process NDEB Equivalency Process Table of Contents Submitting an online application... 3 Website... 3 Online registration portal... 5 Submitting required documents... 10 Application Instructions-Final.docx 2 /

More information

Report of the CMEC Quality Assurance Subcommittee

Report of the CMEC Quality Assurance Subcommittee Report of the CMEC Quality Assurance Subcommittee 2007 2007 CMEC Jurisdictional Update on Activities Related to Quality Assurance Introduction In February 2007, ministers responsible for advanced education

More information

Canada Post Group Economic Impact on Canada. Corporate Planning and Strategy

Canada Post Group Economic Impact on Canada. Corporate Planning and Strategy Canada Post Group Economic Impact on Canada Corporate Planning and Strategy July 27 Section 1 1. The National Impact 2. Impact on the Provinces Corporate Planning and Strategy, July 27 Page 2 Study of

More information

Canadian Provincial and Territorial Early Hearing Detection and Intervention. (EHDI) Programs: PROGRESS REPORT

Canadian Provincial and Territorial Early Hearing Detection and Intervention. (EHDI) Programs: PROGRESS REPORT Canadian Provincial and Territorial Early Hearing Detection and Intervention (EHDI) Programs: PROGRESS REPORT www.sac-oac.ca www.canadianaudiology.ca 1 EHDI PROGRESS REPORT This progress report represents

More information

Selected Annotated Bibliography Personal Health Information, Privacy and Access

Selected Annotated Bibliography Personal Health Information, Privacy and Access A. National Personal Information Protection and Electronic Documents Act, S.C. 2000, c. 5 canlii.org/en/ca/laws/stat/sc-2000-c-5/latest/sc-2000-c-5.html Privacy Act, R.S.C. 1985, c. P-21 canlii.org/en/ca/laws/stat/rsc-1985-c-p-21/latest/rsc-1985-c-p-21.html

More information

Privacy and EHR Information Flows in Canada. EHIL Webinar Series. Presented by: Joan Roch, Chief Privacy Strategist, Canada Health Infoway

Privacy and EHR Information Flows in Canada. EHIL Webinar Series. Presented by: Joan Roch, Chief Privacy Strategist, Canada Health Infoway Privacy and EHR Information Flows in Canada EHIL Webinar Series Presented by: Joan Roch, Chief Privacy Strategist, Canada Health Infoway March 1, 2011 Outline 1. Background 2. Infoway s privacy mandate

More information

Summary of CSLS Long Term Fiscal & Economic Projections

Summary of CSLS Long Term Fiscal & Economic Projections Summary of CSLS Long Term Fiscal & Economic Projections 2014 to 2038 M ANITOBA B UREAU OF S TATISTICS RIGHT ANSWERS RIGHT NOW January 18, 2016 Summary of CSLS Long Term Fiscal & Economic Projections In

More information

Nursing Education in Canada, Consolidated Statistics for Entry-to-Practice Certificate, Diploma and Baccalaureate Programs: 2006-2007

Nursing Education in Canada, Consolidated Statistics for Entry-to-Practice Certificate, Diploma and Baccalaureate Programs: 2006-2007 STATISTICS Nursing Education in Canada, Consolidated Statistics for Entry-to-Practice Certificate, Diploma and Baccalaureate Programs: 2006-2007 The Canadian Association of Registered Psychiatric Nurse

More information

National Association of Pharmacy Regulatory Authority s Privacy Policy for Pharmacists' Gateway Canada

National Association of Pharmacy Regulatory Authority s Privacy Policy for Pharmacists' Gateway Canada Introduction National Association of Pharmacy Regulatory Authority s Privacy Policy for Pharmacists' Gateway Canada This Privacy Policy describes the manner in which the National Association of Pharmacy

More information

Agence de santé publique du Canada December 2004

Agence de santé publique du Canada December 2004 Public Health Agency of Canada Agence de santé publique du Canada December 2004 To promote and protect the health of Canadians through leadership, partnership, innovation and action in public health /

More information

The Pharmacist Experience in Canada

The Pharmacist Experience in Canada The Pharmacist Experience in Canada Recognition of Professional Qualifications Presented at: Mobility of the Skilled Workforce A European Union/Canada Roundtable September 29 and 30, 2009 Presentation

More information

July 25, 2014. Dear Sirs/Mesdames:

July 25, 2014. Dear Sirs/Mesdames: July 25, 2014 British Columbia Securities Commission Alberta Securities Commission Financial and Consumer Affairs Authority of Saskatchewan Manitoba Securities Commission Ontario Securities Commission

More information

The Deputy Minister of Community Services Harvey Brooks

The Deputy Minister of Community Services Harvey Brooks Recommendations by the: Chartered Accountants of the Yukon Certified Management Accountants of the Yukon Submitted to: The Minister of Community Services Hon. Elaine Taylor Date: March XX, 2013 The Deputy

More information

Strategy for Email Management in Canadian Jurisdictions

Strategy for Email Management in Canadian Jurisdictions Strategy for Email Management in Canadian Jurisdictions Email is a fundamental part of doing business today, and the management of email has become a critical issue across all jurisdictions. All governments

More information

Sprott Flow-Through Limited Partnerships. Sprott Tax-Assisted Investments

Sprott Flow-Through Limited Partnerships. Sprott Tax-Assisted Investments Sprott Flow-Through Limited Partnerships Sprott Tax-Assisted Investments sprott asset management lp Natural resources an essential element of a well-structured investment portfolio Adding natural resource

More information

4.0 Health Expenditure in the Provinces and Territories

4.0 Health Expenditure in the Provinces and Territories 4.0 Health Expenditure in the Provinces and Territories Health expenditure per capita varies among provinces/territories because of different age distributions. xii Population density and geography also

More information

MULTILATERAL INSTRUMENT 33-107 PROFICIENCY REQUIREMENTS FOR REGISTRANTS HOLDING THEMSELVES OUT AS PROVIDING FINANCIAL PLANNING AND SIMILAR ADVICE

MULTILATERAL INSTRUMENT 33-107 PROFICIENCY REQUIREMENTS FOR REGISTRANTS HOLDING THEMSELVES OUT AS PROVIDING FINANCIAL PLANNING AND SIMILAR ADVICE MULTILATERAL INSTRUMENT 33-107 PROFICIENCY REQUIREMENTS FOR REGISTRANTS HOLDING THEMSELVES OUT AS PROVIDING FINANCIAL PLANNING AND SIMILAR ADVICE PART 1 PROFICIENCY REQUIREMENTS 1.1 Proficiency Requirements

More information

Health and Safety - Are you in danger? Health and Safety Awareness. Why is health and safety awareness important?

Health and Safety - Are you in danger? Health and Safety Awareness. Why is health and safety awareness important? Health and Safety - Are you in danger? This summer, thousands of students across Canada will become employed in small and medium businesses, and in institutions such as hospitals and schools. Some will

More information

The Regulation and Supply of Nurse Practitioners in Canada: Health Expenditure Estimates

The Regulation and Supply of Nurse Practitioners in Canada: Health Expenditure Estimates The Regulation and Supply of Nurse Practitioners in Canada: Preliminary Technical Provincial Appendix and Territorial Government Health Expenditure Estimates 1974 1975 to 2004 2005 The Regulation and

More information

Government of Canada Update. Municipal CIO Summit April 10-12, 2014 Banff, AB

Government of Canada Update. Municipal CIO Summit April 10-12, 2014 Banff, AB Government of Canada Update Municipal CIO Summit April 10-12, 2014 Banff, AB Outline Government of Canada Update Road Map & Policy Architecture Cyber Authentication Statistics Usage Statistics to date

More information

HEALTH INFORMATION ACT (HIA) BILL QUESTIONS AND ANSWERS

HEALTH INFORMATION ACT (HIA) BILL QUESTIONS AND ANSWERS HEALTH INFORMATION ACT (HIA) BILL QUESTIONS AND ANSWERS KEY HIA CONCEPTS AND PROVISIONS Q. What is the purpose of the legislation? To protect clients personal health information. To set rules on the collection,

More information

Bill C-27: First Nations Financial Transparency Act

Bill C-27: First Nations Financial Transparency Act Bill C-27: First Nations Financial Transparency Act Overview of Act Bill C-27: First Nations Financial Transparency Act was introduced in the House of Commons on November 23, 2011 and is identified as

More information

Electronic Health Records

Electronic Health Records Electronic Health Records AN OVERVIEW OF FEDERAL AND PROVINCIAL AUDIT REPORTS APRIL 2010 Office of the Auditor General of Canada Bureau du vérificateur général du Canada PARTICIPATING LEGISLATIVE AUDIT

More information

AN INTRO TO. Privacy Laws. An introductory guide to Canadian Privacy Laws and how to be in compliance. Laura Brown

AN INTRO TO. Privacy Laws. An introductory guide to Canadian Privacy Laws and how to be in compliance. Laura Brown AN INTRO TO Privacy Laws An introductory guide to Canadian Privacy Laws and how to be in compliance Laura Brown Air Interactive Media Senior DMS Advisor A Publication of 1 TABLE OF CONTENTS Introduction

More information

New Brunswick Minimum Wage Factsheet

New Brunswick Minimum Wage Factsheet New Brunswick Minimum Wage Factsheet Post-Secondary Education, Training and Labour September 2016 Contents INTRODUCTION... 3 PART 1 - MINIMUM WAGE RATES IN NEW BRUNSWICK... 3 1.1 Recent history of minimum

More information

AGREEMENT IN PRINCIPLE Labour Mobility Chapter of the Agreement on Internal Trade/Teaching Profession 1999 09 29

AGREEMENT IN PRINCIPLE Labour Mobility Chapter of the Agreement on Internal Trade/Teaching Profession 1999 09 29 AGREEMENT IN PRINCIPLE Labour Mobility Chapter of the Agreement on Internal Trade/Teaching Profession 1999 09 29 This agreement in principle is developed in conformity with the provisions of Chapter 7

More information

Notices / News Releases

Notices / News Releases Chapter 1 Notices / News Releases 1.1 Notices 1.1.1 CSA Staff Notice 45-314 Updated List of Current Exempt Market Initiatives January 28, Introduction CSA Staff Notice 45-314 Updated List of Current CSA

More information

A Year in Review: CIHI s 2013 2014 Annual Privacy Report

A Year in Review: CIHI s 2013 2014 Annual Privacy Report A Year in Review: CIHI s 2013 2014 Annual Privacy Report Our Vision Better data. Better decisions. Healthier Canadians. Our Mandate To lead the development and maintenance of comprehensive and integrated

More information

PROVINCIAL-TERRITORIAL APPRENTICE MOBILITY TRANSFER GUIDE JANUARY 2016

PROVINCIAL-TERRITORIAL APPRENTICE MOBILITY TRANSFER GUIDE JANUARY 2016 PROVINCIAL-TERRITORIAL APPRENTICE MOBILITY TRANSFER GUIDE JANUARY 2016 TABLE OF CONTENTS About This Transfer Guide... 4 Provincial-Territorial Apprentice Mobility Guidelines... 4 Part 1: Overview and Introduction

More information

National Instrument Definitions. (3) In a national instrument or multilateral instrument

National Instrument Definitions. (3) In a national instrument or multilateral instrument PART 1 DEFINITIONS AND INTERPRETATION 1.1 and Interpretation (1) Every term that is defined or interpreted in the statute of the local jurisdiction referred to in Appendix B, the definition or interpretation

More information

Engineers Canada 2012 Membership Survey

Engineers Canada 2012 Membership Survey Engineers Canada 2012 Membership Survey June 3, 2013 Contents List of Tables... i List of Figures... ii Descriptions of Membership Categories... iii 1 Introduction... 1 2 Membership Composition... 1 2.1

More information

PROVINCIAL/TERRITORIAL COUNCIL Of MINISTERS OF SECURITIES REGULATION (Council) ANNUAL PROGRESS REPORT January 2013 to December 2013

PROVINCIAL/TERRITORIAL COUNCIL Of MINISTERS OF SECURITIES REGULATION (Council) ANNUAL PROGRESS REPORT January 2013 to December 2013 PROVINCIAL/TERRITORIAL COUNCIL Of MINISTERS OF SECURITIES REGULATION (Council) ANNUAL PROGRESS REPORT January 2013 to December 2013 BACKGROUND Since its formation in 2004, the Provincial-Territorial Council

More information

SUMMARY REPORT. Page 1 of 5

SUMMARY REPORT. Page 1 of 5 The role of nurses in assigning, delegating, teaching and supervising patient care activities to unregulated care providers in home care: A jurisdictional scan of legislation, regulation and policy in

More information

Employment termination and group insurance coverage

Employment termination and group insurance coverage HEALTH & DENTAL / DISABILITY, LIFE AND AD&D 14-11 Employment termination and group insurance coverage This GroupLine is a revised version of GroupLine 07-02. Previous versions also include 05-21, 02-11

More information

Public Accounting Rights for Certified General Accountants in Canada. Issue Brief

Public Accounting Rights for Certified General Accountants in Canada. Issue Brief Public Accounting Rights for Certified General Accountants in Canada Issue Brief IMPORTANT NOTE: Some information regarding Ontario is out of date pursuant to the adoption of the Public Accounting Act,

More information

A L B E R T A L A B O U R F O R C E P R O F I L E S W o m e n

A L B E R T A L A B O U R F O R C E P R O F I L E S W o m e n A L B E R T A L A B O U R F O R C E P R O F I L E S W o m e n 2 0 1 5 Highlights For the purpose of this profile, the population is defined as women 15+. Working Age Population of Women in Alberta The

More information

PROVINCIAL/TERRITORIAL COMPASSIONATE LEAVE LEGISLATION Provinces/Territories with Compassionate Care Leave Legislation

PROVINCIAL/TERRITORIAL COMPASSIONATE LEAVE LEGISLATION Provinces/Territories with Compassionate Care Leave Legislation PROVINCIAL/TERRITORIAL COMPASSIONATE LEAVE LEGISLATION Provinces/Territories with Compassionate Care Leave Legislation Almost all of the provinces and territories either had existing labour legislation

More information

UNIFICATION PROPOSAL (MAY 2013)

UNIFICATION PROPOSAL (MAY 2013) UNIFICATION PROPOSAL (MAY 2013) Unifying the Accounting Profession in Ontario Since the spring of 2011, the accounting profession has conducted a nation-wide discussion on the topic of unification. The

More information

Consistent Results Across Most of The Board

Consistent Results Across Most of The Board Canadian Health Care Trend Survey Results 2015 Consistent Results Across Most of The Board Our 2015 Health Care Trend Survey demonstrates that drug, health and dental cost trend factors have remained consistent

More information

Yukon Bureau of Statistics

Yukon Bureau of Statistics Yukon Bureau of Statistics 2 9 # $ > 0-2 + 6 & ± 8 < 3 π 7 5 9 ^ Highlights: Yukon Statistics 203 Taxation Year There were 27,200 income taxfilers in Yukon in 203, an increase of 290, or.%, compared to

More information

Proposed Amendments to the Fatal Accidents Act Discussion Paper. Prepared by the Department of Justice

Proposed Amendments to the Fatal Accidents Act Discussion Paper. Prepared by the Department of Justice Proposed Amendments to the Fatal Accidents Act Discussion Paper Prepared by the Department of Justice Contents About the proposed Amendments to the Fatal Accident Act... 3 Background and Purpose... 4 Proposed

More information

Consultation Document Automobile Insurance Reform

Consultation Document Automobile Insurance Reform Consultation Document Automobile Insurance Reform The Department of Government Services is addressing several issues related to automobile insurance reform which are in addition to the Terms of Reference

More information

DRAFT Pan Canadian Identity Management Steering Committee March 1, 2010

DRAFT Pan Canadian Identity Management Steering Committee March 1, 2010 DRAFT Pan Canadian Identity Management Steering Committee March 1, 2010 Pan Canadian Identity Management & Authentication Framework Page 1 1 Introduction This document is intended to describe the forming

More information

trc.ca Statement Gathering Frequently Asked Questions

trc.ca Statement Gathering Frequently Asked Questions trc.ca Statement Gathering Frequently Asked Questions Indian Residential Schools and the Truth and Reconciliation Commission Backgrounder Indian residential schools date back to the 1870 s. Over 130 residential

More information

Information Management and Protection Policy

Information Management and Protection Policy Document Title: Information Management and Protection Policy Document Type: Policy No. Of Pages (11) Scope: Government of Newfoundland and Labrador and Public Bodies supported by the Office of the Chief

More information

Access to Basic Banking Services

Access to Basic Banking Services Access to Basic Banking Services Opening a personal deposit account and cashing Government of Canada cheques or other instruments In order to improve access to basic banking services, legislation requires

More information

Privacy and Security Framework, February 2010

Privacy and Security Framework, February 2010 Privacy and Security Framework, February 2010 Updated April 2014 Our Vision Better data. Better decisions. Healthier Canadians. Our Mandate To lead the development and maintenance of comprehensive and

More information

BRIGHT HORIZONS IN INTERNATIONAL FRANCHISING

BRIGHT HORIZONS IN INTERNATIONAL FRANCHISING CHICAGO MARRIOTT DOWNTOWN MAGNIFICENT MILE CHICAGO, IL BRIGHT HORIZONS IN INTERNATIONAL FRANCHISING Canada British Columbia next up for franchise legislation? Case-law review New anti-spam/anti-spyware

More information

AGREEMENT ON MOBILITY OF WITHIN CANADA

AGREEMENT ON MOBILITY OF WITHIN CANADA Canadian Council of Professional Engineers OF PROFESSIONAL ENGINEERS * WITHIN CANADA * The term professional engineer is an official mark held by the Canadian Council of Professional Engineers. AMONG:

More information

How the practice of medicine is regulated in Canada

How the practice of medicine is regulated in Canada Regulatory Bodies The federal government s authority over health care is limited to issues concerning spending, criminal law, patent regulation, aboriginal health services, and matters relating to the

More information

WORKING GROUP # 8: PREQUALIFICATION, SOURCE LISTS AND STANDING OFFERS. Conference Call, November 30, 2005 RECORD OF DECISIONS

WORKING GROUP # 8: PREQUALIFICATION, SOURCE LISTS AND STANDING OFFERS. Conference Call, November 30, 2005 RECORD OF DECISIONS WORKING GROUP # 8: PREQUALIFICATION, SOURCE LISTS AND STANDING OFFERS RECORD OF DECISIONS Present: Newfoundland and Labrador, Nova Scotia, Quebec, Manitoba, Saskatchewan, Alberta, British Columbia and

More information

The 2002 Report Card

The 2002 Report Card Background This info sheet summarizes the main findings of a November 2002 report by the Canadian HIV/AIDS Legal Network, entitled Action on HIV/AIDS in Prisons: Too Little, Too Late A Report Card. The

More information

The Dietitian Workforce in Canada

The Dietitian Workforce in Canada The Dietitian Workforce in Canada Meta-Analysis Report MARCH 2011 www.dietitians.ca www.dietetistes.ca Dietitians of Canada 2011. All rights reserved. DIETITIANS OF CANADA 1 Executive Summary The purpose

More information

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA JOÃO MANUEL ASSIS BARBAS Coronel de Artilharia. Assessor de Estudos do IDN INTRODUCTION Globalization and information and communication technologies

More information

AND IN THE MATTER OF THE MUTUAL RELIANCE REVIEW SYSTEM FOR EXEMPTIVE RELIEF APPLICATIONS AND IN THE MATTER OF TD ASSET MANAGEMENT INC.

AND IN THE MATTER OF THE MUTUAL RELIANCE REVIEW SYSTEM FOR EXEMPTIVE RELIEF APPLICATIONS AND IN THE MATTER OF TD ASSET MANAGEMENT INC. July 28, 2005 IN THE MATTER OF THE SECURITIES LEGISLATION OF BRITISH COLUMBIA, ALBERTA, SASKATCHEWAN, MANITOBA, ONTARIO, QUEBEC, NEW BRUNSWICK, NOVA SCOTIA, PRINCE EDWARD ISLAND, NEWFOUNDLAND AND LABRADOR,

More information

2016 CARE. Chartered Accountancy Reciprocity Examination

2016 CARE. Chartered Accountancy Reciprocity Examination 2016 CARE Chartered Accountancy Reciprocity Examination Information for Applicants Seeking to Qualify as Chartered Professional Accountants, Chartered Accountants and as Public Accountants in Ontario Preface

More information

LIFE INSURANCE PRODUCT SUITABILITY REVIEW FINANCIAL SERVICES COMMISSION OF Ontario

LIFE INSURANCE PRODUCT SUITABILITY REVIEW FINANCIAL SERVICES COMMISSION OF Ontario LIFE INSURANCE PRODUCT SUITABILITY REVIEW FINANCIAL SERVICES COMMISSION OF Ontario market REGULATION BRANCH September 2014 Contents Executive Summary... 1 Purpose... 2 FSCO S Methodology... 3 Observations...

More information

Atlantic Provinces 71 COMMUNITIES

Atlantic Provinces 71 COMMUNITIES NATIONAL STUDY OF AUTOMOBILE INSURANCE RATES Third Release Atlantic Provinces 71 COMMUNITIES vs. British Columbia, Alberta Saskatchewan, Manitoba & Ontario 3,985,162 Auto Insurance Rates Compared October

More information

RECIPROCAL TRANSFER AGREEMENT WITH TEACHERS PENSION PLAN AUTHORITIES

RECIPROCAL TRANSFER AGREEMENT WITH TEACHERS PENSION PLAN AUTHORITIES RECIPROCAL TRANSFER AGREEMENT WITH This information sheet provides information as to whether you may be eligible to transfer a benefit under the terms of the Reciprocal Transfer Agreement between the Teachers

More information

Dear Reader: Presented herewith is the Annual Gaming Report pursuant to Section 56 of the Gaming Control Act for the year ending March 31, 2013.

Dear Reader: Presented herewith is the Annual Gaming Report pursuant to Section 56 of the Gaming Control Act for the year ending March 31, 2013. Dear Reader: Presented herewith is the Annual Gaming Report pursuant to Section 56 of the Gaming Control Act for the year ending March 31, 2013. The Annual Gaming Report covers the activities of the Alcohol

More information

The EHR Agenda in Canada

The EHR Agenda in Canada The EHR Agenda in Canada IHE Workshop June 28, 2005 Dennis Giokas, Chief Technology Officer Agenda Background on Canadian Healthcare System About Canada Health Infoway Interoperable EHR Solution Definitions

More information

RECOMMENDED CHARTER FOR THE IDENTITY ECOSYSTEM STEERING GROUP

RECOMMENDED CHARTER FOR THE IDENTITY ECOSYSTEM STEERING GROUP RECOMMENDED CHARTER FOR THE IDENTITY ECOSYSTEM STEERING GROUP 1. Identity Ecosystem Steering Group Charter The National Strategy for Trusted Identities in Cyberspace (NSTIC or Strategy), signed by President

More information

Introduction 3. What is a Privacy Breach? 3. Authority to Review Privacy Breaches 5. Survey Highlights 6. Survey Results 8

Introduction 3. What is a Privacy Breach? 3. Authority to Review Privacy Breaches 5. Survey Highlights 6. Survey Results 8 Table of Contents Introduction 3 What is a Privacy Breach? 3 Authority to Review Privacy Breaches 5 Survey Highlights 6 Survey Results 8 Response Rate 8 Personal and Personal Health Information 9 Privacy

More information

Professional Standards For Dietitians In Canada

Professional Standards For Dietitians In Canada Professional Standards For Dietitians In Canada Developed by: Dietitians of Canada College of Dietitians of Ontario in collaboration and with financial support from: British Columbia Dietitians' and Nutritionists'

More information

Working with a financial adviser

Working with a financial adviser Working with a financial adviser Canadian Securities Administrators Securities regulators from each province and territory have teamed up to form the Canadian Securities Administrators, or CSA for short.

More information

NEPAB. Nursing Education Program Approval Board

NEPAB. Nursing Education Program Approval Board NEPAB Nursing Education Program Approval Board Standards for Alberta Nursing Education Programs Leading to Initial Entry to Practice as a Nurse Practitioner January 2011 Ratified by the College and Association

More information

PRIVACY LAW. In an age of social media, cloud computing, global networks. and international data flows, incidents involving data security

PRIVACY LAW. In an age of social media, cloud computing, global networks. and international data flows, incidents involving data security Doing Business in Canada 1 O: PRIVACY LAW THE ROCKIES Canada s most visited mountain range, the Rockies, is an international destination for sports, sightseeing and escape from the daily grind. Privacy

More information

CANADA SUMMER JOBS 2016. Creating Jobs, Strengthening Communities. Applicant Guide

CANADA SUMMER JOBS 2016. Creating Jobs, Strengthening Communities. Applicant Guide CANADA SUMMER JOBS 2016 Creating Jobs, Strengthening Communities Applicant Guide Table of Contents 1.0 Purpose... 3 2.0 Introduction... 3 2.1 Objectives... 3 2.2 Assessment Criteria... 3 2.3 Application

More information

CIHI Submission: 2011 Prescribed Entity Review

CIHI Submission: 2011 Prescribed Entity Review pic pic CIHI Submission: 2011 Prescribed Entity Review October 2011 Who We Are Established in 1994, CIHI is an independent, not-for-profit corporation that provides essential information on Canada s health

More information

Aboriginal Affairs and Northern Development Canada. Internal Audit Report

Aboriginal Affairs and Northern Development Canada. Internal Audit Report Aboriginal Affairs and Northern Development Canada Internal Audit Report Management Practices Audit of the Human Resources and Workplace Services Branch Prepared by: Audit and Assurance Services Branch

More information

Atlantic Provinces Community College Consortium Business Plan 2005-2006

Atlantic Provinces Community College Consortium Business Plan 2005-2006 Atlantic Provinces Community College Consortium Business Plan 2005-2006 2 Table of Contents 1.0 Introduction.....3 2.0 The Planning Context..... 4 2.1 Vision and Mission..4 2.2 Strategic Planning Themes...4

More information

KEY ELEMENTS PSYCHOLOGIST REGULATIONS

KEY ELEMENTS PSYCHOLOGIST REGULATIONS Objective: PSYCHOLOGIST REGULATIONS The is seeking feedback from professionals and the public on the proposed key elements that will comprise the new Regulations. All feedback is welcome and may be submitted

More information

HSIN R3 User Accounts: Manual Identity Proofing Process

HSIN R3 User Accounts: Manual Identity Proofing Process for the HSIN R3 User Accounts: Manual Identity Proofing Process DHS/OPS/PIA-008(a) January 15, 2013 Contact Point James Lanoue DHS Operations HSIN Program Management Office (202) 282-9580 Reviewing Official

More information

FREQUENTLY ASKED QUESTIONS MOBILITY

FREQUENTLY ASKED QUESTIONS MOBILITY FREQUENTLY ASKED QUESTIONS MOBILITY These FAQs are intended to provide you with an overview to the provisions respecting mobility. The questions and answers are intended as a guide, only. Lawyers seeking

More information

Open Government and Information Management. Roy Wiseman Executive Director, MISA/ASIM Canada CIO (Retired), Region of Peel roy.wiseman@outlook.

Open Government and Information Management. Roy Wiseman Executive Director, MISA/ASIM Canada CIO (Retired), Region of Peel roy.wiseman@outlook. Open Government and Information Management Roy Wiseman Executive Director, MISA/ASIM Canada CIO (Retired), Region of Peel roy.wiseman@outlook.com Open Government Defined Government of Canada defines Open

More information

Express Entry Update. Conference Board Immigration Summit April 4, 2016 Jennifer Moores and Zal Karkaria

Express Entry Update. Conference Board Immigration Summit April 4, 2016 Jennifer Moores and Zal Karkaria Express Entry Update Conference Board Immigration Summit April 4, 2016 Jennifer Moores and Zal Karkaria Objectives of Express Entry On January 1, 2015, Immigration, Refugees and Citizenship Canada launched

More information

Privacy Law in Canada

Privacy Law in Canada by PATRICIA WILSON & MICHAEL FEKETE Protection of personal information remains at the forefront of public policy debate in. Federal and provincial privacy legislation has a profound impact on the way virtually

More information

Guidelines for Self-Employed Registered Nurses

Guidelines for Self-Employed Registered Nurses Guidelines for Self-Employed Registered Nurses MISSION The Nurses Association of New Brunswick is a professional regulatory organization that exists to protect the public and to support nurses by promoting

More information

Information Management

Information Management G i Information Management Information Management Planning March 2005 Produced by Information Management Branch Open Government Service Alberta 3 rd Floor, Commerce Place 10155 102 Street Edmonton, Alberta,

More information

Customer & Market Analysis. Sample Report (actual data)

Customer & Market Analysis. Sample Report (actual data) Customer & Market Analysis Sample Report (actual data) Introduction This Customer & Market Analysis is intended to provide you with a modeled view of your customers, based on statistical analysis. This

More information

Innovation Clusters on Shale Resource Development and Distributed Power Generation: A Progress Report to. Ministers

Innovation Clusters on Shale Resource Development and Distributed Power Generation: A Progress Report to. Ministers Innovation Clusters on Shale Resource Development and Distributed Power Generation: A Progress Report to Ministers Energy and Mines Ministers Conference Winnipeg, Manitoba August 2016 Innovation Clusters

More information

Citation: TD Asset Management Inc. et al, 2005 ABASC 436 Date: 20050429

Citation: TD Asset Management Inc. et al, 2005 ABASC 436 Date: 20050429 Headnote Mutual Reliance Review System for Exemptive Relief Applications investment advisor registered as such under US securities laws but operating out of Alberta is exempt from the registration requirement

More information

Occupational Therapists in Canada, 2010 National and Jurisdictional Highlights and Profiles

Occupational Therapists in Canada, 2010 National and Jurisdictional Highlights and Profiles Occupational Therapists in Canada, 2010 National and Jurisdictional Highlights and Profiles October 2011 Spending and Health Workforce Who We Are Established in 1994, CIHI is an independent, not-for-profit

More information

Workers' Compensation

Workers' Compensation Suite How to Use GrandMaster Suite Workers' Compensation This page intentionally left blank Workers' Compensation 3 Table of Contents: HOW TO USE GRANDMASTER SUITE - WORKERS' COMPENSATION...4 OVERVIEW...4

More information

CANADA-WIDE STANDARD on MERCURY for DENTAL AMALGAM WASTE

CANADA-WIDE STANDARD on MERCURY for DENTAL AMALGAM WASTE Canadian Council of Ministers of the Environment CANADA-WIDE STANDARD on MERCURY for DENTAL AMALGAM WASTE Endorsed by CCME Council of Ministers, September 22-23, 2001 1 CANADA-WIDE STANDARD on Mercury

More information

SCOTIA DEALER ADVANTAGE RETAIL FINANCING PROGRAM DEALER AGREEMENT

SCOTIA DEALER ADVANTAGE RETAIL FINANCING PROGRAM DEALER AGREEMENT SCOTIA DEALER ADVANTAGE RETAIL FINANCING PROGRAM DEALER AGREEMENT This Agreement executed on by Scotia Dealer Advantage Inc ( SDA ) and (the Dealer ). (Dealership Legal Name) WHEREAS the Dealer carries

More information

Pathways to Early Childhood Education Credentialing in Canada

Pathways to Early Childhood Education Credentialing in Canada Pathways to Early Childhood Education Credentialing in Canada Child Care Human Resources Sector Council Prepared for the Child Care Human Resources Sector Council 151 Slater St, Suite 505 Ottawa, ON K1P

More information

Analytical Bulletin Certified and Non-Certified Specialists: Understanding the Numbers

Analytical Bulletin Certified and Non-Certified Specialists: Understanding the Numbers Analytical Bulletin Certified and Non-Certified Specialists: Understanding the Numbers CIHI Physician Databases 2004:2 Introduction Physician count information is available from a number of Canadian data

More information

Comments on Illegal Insider Trading in Canada: Recommendations on Prevention, Detection and Deterrence Report (the Insider Trading Report )

Comments on Illegal Insider Trading in Canada: Recommendations on Prevention, Detection and Deterrence Report (the Insider Trading Report ) February 2, 2004 Delivered and Via E-Mail Alberta Securities Commission British Columbia Securities Commission Saskatchewan Financial Services Commission Manitoba Securities Commission Ontario Securities

More information

MFDA STAFF NOTICE ELECTRONIC SIGNATURES

MFDA STAFF NOTICE ELECTRONIC SIGNATURES Contact: Paige Ward General Counsel and Vice-President, Policy Phone: (416) 943-5838 Email: pward@mfda.ca MSN-0016 January 23, 2003 MFDA STAFF NOTICE ELECTRONIC SIGNATURES MFDA Staff Notices are intended

More information

Internet Connectivity Among Aboriginal Communities in Canada

Internet Connectivity Among Aboriginal Communities in Canada Internet Connectivity Among Aboriginal Communities in Canada Since its inception the Internet has been the fastest growing and most convenient means to access timely information on just about everything.

More information

Section V. Jurisdictional Requirements (Section V) General Instructions

Section V. Jurisdictional Requirements (Section V) General Instructions Section V General Instructions Since the insurance legislation in the various jurisdictions in Canada is not exactly the same, certain differences must be accommodated. Everything related to each jurisdiction

More information

Choose the right investment. Segregated fund policies versus mutual funds

Choose the right investment. Segregated fund policies versus mutual funds Choose the right investment Segregated fund policies versus mutual funds Choose the best option for your clients investment needs Segregated fund policies and mutual funds provide clients: Professional

More information

Legal Aid in Canada: Resource and Caseload Statistics

Legal Aid in Canada: Resource and Caseload Statistics Catalogue no. 85F0015X Legal Aid in Canada: Resource and Caseload Statistics 2010/2011 How to obtain more information For information about this product or the wide range of services and data available

More information

Your New Banking Rights. What you should know about access to basic banking services

Your New Banking Rights. What you should know about access to basic banking services Your New Banking Rights What you should know about access to basic banking services Table of Contents Protecting Consumers: The New Federal Banking Regulations...2 Opening a Personal Bank Account...3 When

More information

Day-to-Day Banking. Opening a Personal Deposit Account or Cashing a Federal Government Cheque at Scotiabank. Cheque Holding Policy

Day-to-Day Banking. Opening a Personal Deposit Account or Cashing a Federal Government Cheque at Scotiabank. Cheque Holding Policy Day-to-Day Banking Opening a Personal Deposit Account or Cashing a Federal Government Cheque at Scotiabank Cheque Holding Policy Opening A Personal Deposit Account We make it easy to open a personal deposit

More information

NCLEX-RN 2015: Canadian Results. Published by the Canadian Council of Registered Nurse Regulators (CCRNR)

NCLEX-RN 2015: Canadian Results. Published by the Canadian Council of Registered Nurse Regulators (CCRNR) NCLEX-RN 2015: Canadian Results Published by the Canadian Council of Registered Nurse Regulators (CCRNR) March 31, 2016 Contents Message from the president 3 Background on the NCLEX-RN 4 The role of Canada

More information

COLLEGE OF FAMILY PHYSICIANS OF CANADA (CFPC) MAINPRO+ CERTIFICATION APPLICATION FORM

COLLEGE OF FAMILY PHYSICIANS OF CANADA (CFPC) MAINPRO+ CERTIFICATION APPLICATION FORM To obtain Mainpro+ certification for a provincial live/face-to-face one-credit-per-hour activity, it is mandatory that a member of the scientific committee be affiliated with McGill University s Faculty

More information

CSA Staff Notice and Request for Comment 21-315 Next Steps in Regulation and Transparency of the Fixed Income Market

CSA Staff Notice and Request for Comment 21-315 Next Steps in Regulation and Transparency of the Fixed Income Market CSA Staff Notice and Request for Comment 21-315 Next Steps in Regulation and Transparency of the Fixed Income Market September 17, 2015 I. Introduction This notice describes the steps that Canadian Securities

More information