Audit Report
April 22, 2013
Project Number: 80590-77
- Executive Summary
- Introduction
- Background
- Audit Objectives
- Scope
- Approach and Methodology
- Authority
- Findings, Recommendations and Management Responses
- Control Environment for the Management of the Agreement
- Data Stewardship
- Physical and Information Technology (IT) security
- Appendices
- Appendix A: Audit Criteria
- Appendix B: Acronyms
Executive Summary
Data Sharing Agreements (DSAs) are a key Statistics Canada business process. In recent years, data sharing has become a growing and increasingly complex area to manage. Ensuring confidentiality of data is a challenge. Health Statistics Division (HSD) enters into DSAs with provincial Health Ministries under the authority of section 12 of the Statistics Act. The DSAs currently in place with the British Columbia Ministry of Health (the Ministry) allow for sharing of statistical health survey information obtained through the Canadian Community Health Survey (CCHS) and the National Population Health Survey (NPHS).
Currently, Statistics Canada is replacing its existing DSAs with an Omnibus data sharing agreement governing the collection and sharing of information from several selected health surveys with the British Columbia Ministry of Health. The Omnibus DSA includes terms and conditions (T&Cs) governing the use, confidentiality, access, monitoring and compliance of information, and physical and information technology security. This audit was conducted as the Ministry prepares to implement the T&Cs of the Omnibus DSA, in order to assess the extent to which practices are in place to meet the requirements set forth in the Omnibus DSA.
The objective of this audit is to provide assurance to the Chief Statistician (CS) and Statistics Canada's Departmental Audit Committee (DAC) that:
- The Terms and Conditions of the Omnibus data sharing agreement between Statistics Canada and the British Columbia Ministry of Health are met.
The audit was conducted by Internal Audit Services in accordance with the Government of Canada's Policy on Internal Audit.
Key Findings
Authorities, responsibilities and accountabilities for the management and handling of Statistics Canada health survey information are appropriately segregated and formally defined, documented and communicated at the Ministry's Senior Management level; however further work is required to ensure functional roles and responsibilities are documented, communicated and understood at the operational level.
The Ministry has established appropriate internal protocols to meet the requirements set out in the Omnibus data sharing agreement. The Ministry has transferred responsibility for the management of Statistics Canada health survey information out of the program area (where it previously resided), and into the Ministry's Health Sector Information Management and Information Technology Division. The Ministry has designed a set of practices for protection and safeguarding of Statistics Canada health survey information that is housed within the Ministry.
The Ministry has yet to put in place revised third party agreement templates reflective of the requirements set forth in the Omnibus data sharing agreement. This is an important activity for the Ministry to undertake, to ensure that appropriate safeguards are in place over the full lifecycle of Statistics Canada health survey information.
Effective controls for physical access to the Ministry's premises and physical storage have been designed. The Ministry's Policies and Procedures Manual provides prescriptive guidance and direction in the areas of physical and electronic access; identification and authentication safeguards, IT storage and transmission; and information copying, retention and records management to meet the requirements set out in Statistics Canada's Omnibus data sharing agreement. It is important to note that at the time of the audit, the Ministry was implementing these requirements.
Overall Conclusion
Statistics Canada is replacing its existing DSAs with an Omnibus data sharing agreement governing the collection and sharing of information from several selected health surveys with the British Columbia Ministry of Health. The Omnibus DSA includes terms and conditions governing the use, confidentiality, access, monitoring and compliance of information, and physical and information technology security.
An examination of the adequacy and, where possible, the effectiveness of the processes and practices put in place by the Ministry to comply with the requirements set out in the Omnibus data sharing agreement revealed that the Ministry has taken steps to design practices, policies and procedures to meet the requirements set forth in the Omnibus data sharing agreement. However, further work is required in two areas, prior to the release of statistical health survey information to the BC Ministry of Health: (1) Functional roles and responsibilities for the management and handling of Statistics Canada health survey information need to be clearly defined and communicated to staff at the operational level. (2) Third party agreement templates must fully reflect the requirements of the Omnibus data sharing agreement that is being implemented between Statistics Canada and the BC Ministry of Health.
Conformance with Professional Standards
The audit was conducted in accordance with the Internal Auditing Standards for the Government of Canada, which includes the Institute of Internal Auditors (IIA) Internal Standards for the Professional Practice of Internal Auditing.
Introduction
Background
The Health Statistics Division (HSD) at Statistics Canada has the mandate to provide accurate, timely and relevant information regarding the health of Canadians. HSD provides statistical information about the health of the population, the determinants of health, and the scope and utilization of Canada's health care resources. This information is used to assist and support health planners and decision-makers at all levels of government, to sustain demographic and epidemiological research, and to report to the Canadian public about their collective health and health care system. The HSD works in partnership with provincial and territorial vital statistics registrars and cancer registries as well as data providers and users at the federal level (Health Canada and the Public Health Agency of Canada), provincial level (provincial ministries of health), and the regional level (health authorities).
To achieve its mandate, Statistics Canada may, pursuant to section 12 of the Statistics Act (the Act), enter into an agreement for the exchange of information collected from a Respondent, and the Chief Statistician may, pursuant to paragraph 17(2)(a) of the Act, disclose information collected by persons, organizations or departments for their own purposes and communicated to Statistics Canada. These agreements cover a majority of household surveys, and enjoy certain exceptions regarding the release of confidential respondent information provided that the legal requirements for the provision of data-sharing information, consent rights, and confidentiality protection are respected by all parties.
Statistics Canada is replacing its existing data sharing agreements (DSAs) with the British Columbia Ministry of Health (the Ministry) with an Omnibus data sharing agreement for the collection and sharing of information from several selected health surveys, including the Canadian Community Health Survey (CCHS) and the National Population Health Survey (NPHS).
The Canadian Community Health Survey (CCHS) is a cross-sectional survey which collects information related to health status, health care utilization and health determinants for the Canadian population. It is an annual survey which relies upon a large sample of respondents and is designed to provide reliable estimates at the health region level. The uniqueness of these surveys arises from the regional nature of both content and survey implementation. These aspects allow for analysis of health data at a regional level, across Canada.
The National Population Health Survey (NPHS) collects information about the health of the Canadian population and related socio-demographic information. Every two years, the same individuals provide current and in-depth information on their physical and mental health status, use of health care services, physical activities, life in the workplace and social environment. The NPHS has now been discontinued.
The data collected through CCHS and NPHS are used extensively by the research community and other health professionals. Federal and provincial departments of health and human resources, social service agencies, and other types of government agencies use the information collected to plan, implement and evaluate programs to improve health and the efficiency of health services. Non-profit health organizations and academic researchers use the information for research on ways to improve health.
Audit Objectives
The objective of the audit is to provide assurance to the Chief Statistician (CS) and Statistics Canada's Departmental Audit Committee (DAC) that:
- The Terms and Conditions of the Omnibus data sharing agreement between Statistics Canada and the Ministry are met.
Scope
Under the Omnibus data sharing agreement, the Ministry may share the data with third party recipients such as Health Authorities (HAs) within its jurisdiction; recognized provincial or university Research Institutes or Organizations; and researchers under contract to the Ministry. To protect the confidentiality and sensitive nature of the information collected by Statistics Canada, the agreement contains Terms and Conditions (T&Cs) to ensure that confidentiality of the information is not compromised.
The scope of this audit included an examination of the adequacy and, where possible, the effectiveness of the processes and practices put in place by the Ministry to comply with the requirements set out in the Omnibus data sharing agreement. The audit focused on the confidentiality and security (physical access, IT storage and transmission, physical storage, information copying, retention, and records management) safeguards that have been put in place by the Ministry to ensure data is protected and confidentiality is maintained.
Approach and Methodology
A site visit was conducted in December 2012 to assess the processes and procedures the Ministry has put in place to ensure the T&Cs of the new Omnibus data sharing agreement between Statistics Canada and the Ministry are met in preparation for receiving Statistics Canada confidential health survey information. The approach consisted of interviews with key Senior Management and personnel, and review of the processes, procedures and guidelines developed by the Ministry to meet the T&Cs of the agreement between Statistics Canada and the Ministry.
This audit was conducted following the Standards for the Professional Practice of Internal Auditing as per the Institute of Internal Auditors (IIA) and in accordance with the TBS Policy on Internal Audit.
Authority
This audit was conducted as a result of a risk-based senior management request.
Findings, Recommendations and Management Responses
Objective: The Terms and Conditions of the Data Sharing Agreement (DSA) between Statistics Canada and the Ministry are met.
Control Environment for the Management of the Agreement
Authorities, responsibilities and accountabilities for the management and handling of Statistics Canada health survey information are appropriately segregated and formally defined, documented and communicated at the Ministry's Senior Management level; however further work is required to ensure functional roles and responsibilities are documented, communicated and understood at the operational level.
Authorities, responsibilities and accountabilities should be clearly defined and understood at all levels, to support effective management of the T&Cs of the Omnibus data sharing agreement. Monitoring of practices as outlined in the Omnibus data sharing agreement T&Cs should be in place to detect errors or potential errors which would otherwise increase operational risk.
Authority
Statistics Canada exercises its mandate to enter into statistical data sharing agreements with other organizations under the authority of sections 11 and 12 of the Statistics Act. The statistical health survey information provided to the BC Ministry of Health supports the Ministry in policy development, evaluating programs to improve health and the efficiency of health services, and sustaining demographic and epidemiological research.
Under section 12 of the Statistics Act, Statistics Canada is replacing its existing DSAs with the Ministry with an Omnibus data sharing agreement for the collection and sharing of information from several selected health surveys.
Roles and Responsibilities
The audit determined that roles and responsibilities for the management and handling of Statistics Canada health survey information are formally defined in two key documents: the CCHS Secure Lab Process document and the Ministry of Health Statistics Canada Health Survey Information: Policies and Procedures Manual.
Three levels of signing authority have been defined for the handling of Statistics Canada health survey information: the Assistant Deputy Minister, the Chief Data Steward, and the Data Custodian.
The Chief Data Steward and Executive Director, Information Management & Knowledge Services (IMKS) branch of the Ministry's Health Sector Information Management and Information Technology Division (HSIMT) will be the designated "Receiving Party's Official", responsible for ensuring processes and procedures are in place to fulfill the requirements set out in the DSA, and for ensuring that adequate protection is in place to provide for the security of the health survey information.
The Data Access and Stewardship Director, as the Data Custodian, will be responsible for receipt and distribution of Statistics Canada health survey information. The Data Custodian will assume the responsibilities set out in Appendix 'C' of the Omnibus DSA for the whole lifecycle of Statistics Canada health survey information: data receipt, handling, storage, and transmission. As well, the Data Custodian will assume the responsibilities set out in the Ministry's information management policies, procedures and practices.
The Data Access and Stewardship group is supported in the handling and management of Statistics Canada health survey information by Data Warehouse Operations. The Director, Data Warehouse Operations serves as back-up for the Data Custodian. Data Warehouse Operations provides information technology support to IMKS branch, and will provide support for the secure lab housing Statistics Canada health survey information. This support includes the physical set-up of the secure lab, and performance of data processing and handling activities on an on-going basis.
At the operational level, responsibility for the management of third party contracts resides with the Data Access and Stewardship group. One team lead within the Data Access and Stewardship group will handle provincial university research institutes and British Columbia Health Authorities, and the second team lead will handle Information Sharing Agreements (ISAs) for researchers requested by the program areas. Members of the teams will deal with all the requests the Ministry receives from recognized provincial or university Research Institutes or Organizations, Health Authorities, and researchers. The team will review and adjudicate data requests, working with subject matter experts within program areas to determine whether information being requested is only that which is required to perform the work.
The audit found that while roles and responsibilities are defined and understood at the senior level within the Ministry, the same level of clarity and understanding is not in place at the operational level. Functional roles and responsibilities for the team leads and team members in Data Access and Stewardship are not clearly defined and documented. Team members are not certain of how their roles will evolve once the Omnibus data sharing agreement is in place, and Statistics Canada confidential health survey information is received.
Lack of clearly defined and documented functional roles and responsibilities at the operational level may result in the prescribed T&Cs not being met, and Statistics Canada confidential health survey information not being adequately and effectively protected.
Monitoring
Clauses with respect to monitoring are prescribed by Statistics Canada in the Omnibus data sharing agreement. The Omnibus DSA states that "Statistics Canada shall have the right, when it determines necessary, to perform reviews of compliance with this Agreement". The DSA also prescribes that third party agreements entered into by the Ministry "shall contain a clause stipulating the right of Statistics Canada or the Ministry (the Receiving Party) to review compliance with the terms of this Agreement".
The audit found that the Ministry has not engaged in monitoring of agreements entered into with third parties in the past.
Interviews revealed that the Ministry intends to include a clause pertaining to monitoring of third parties when it revises its third party agreement templates. However, at the time of the audit, these revisions had not been completed. As a result, the audit team could not review the third party agreement templates to confirm whether or not a monitoring clause has been included. (This finding is addressed through the recommendations made under Data Stewardship.)
Recommendation:
The Assistant Chief Statistician (ACS) Social, Health and Labour Statistics Field should communicate with the Ministry to ensure the following is implemented:
- Functional roles and responsibilities at the operational level, related to the handling of Statistics Canada Health Survey Information are defined, documented and communicated.
Management Response:
Management agrees with the recommendation.
- The Director, HSD will request a list of all employees and their roles and responsibilities in terms of handling Statistics Canada Health Survey Information.
Deliverable and Timeline: Letter to the Ministry, by April 2013.
- As part of the Health Statistics process for on-going monitoring of access that will be implemented, the Ministry will be required to provide a list of employees with access to Statistics Canada Health Survey Information, including their roles and responsibilities.
Deliverable and Timeline: A list of employee names with access to Statistics Canada Health Survey Information, including their roles and responsibilities, every six months.
Data Stewardship
The Ministry has established appropriate internal protocols to meet the requirements set out in the Omnibus data sharing agreement. The Ministry has transferred responsibility for the management of Statistics Canada health survey information out of the program area (where it previously resided), and into the Ministry's Health Sector Information Management and Information Technology Division. The Ministry has designed a set of practices for protection and safeguarding of Statistics Canada health survey information that is housed within the Ministry.
The Ministry has yet to put in place revised third party agreement templates reflective of the requirements set forth in the Omnibus data sharing agreement. This is an important activity for the Ministry to undertake, to ensure that appropriate safeguards are in place over the full lifecycle of Statistics Canada health survey information.
The Ministry has established an appropriate framework to manage the requirements set out in the Omnibus data sharing agreement. Internal protocols for the sound management of data should be in place to ensure the protection and safeguarding of Statistics Canada health survey information over the full lifecycle of the information.
Data Management
The BC Ministry of Health has transferred responsibility for the management of Statistics Canada health survey information from the Population and Public Health Division to the Health Sector Information Management and Information Technology (HSIMT) Division. This is a key control, as HSIMT is the Ministry's dedicated group for the management of health data, and not the ultimate users of the data.
Within HSIMT, responsibility for the administration and management has been appropriately segregated between two areas: Data Access and Stewardship, and Data Warehouse Operations.
As described under the Control Environment for the Management of the DSA, the Director of Data Access and Stewardship will be the designated Data Custodian and recipient, and will act as the liaison between Statistics Canada and the Ministry. Three Research Officers (ROs) reporting to the Data Custodian will be authorized to use the secure lab facility to work with the Statistics Canada confidential information. The ROs' role will include initial record linkage for survey respondents who have agreed to have their information linked; validation work; information maintenance; implementation of study specifications, and working in the secure lab to prepare research extracts.
Three Data Base Analysts (DBAs) reporting to the Director, Data Warehouse Operations group, will be authorized to use the secure lab facility, where they will provide the technical skills needed to prepare data files for use by the ROs.
Third Party Sharing
The Ministry can provide access to Statistics Canada confidential health survey information to:
- Researchers working under contract directly for the Ministry to provide a Survey-related product or service for the sole benefit of the Ministry.
- Provincial/territorial or university research institutes working under contract directly for the Ministry to provide a Survey-related product or service for the sole benefit of the Ministry.
- Six British Columbia regional Health Authorities. However, Statistics Canada health survey information can only be provided to HAs if respondents were notified that their Survey Responses would be provided to HAs in their province of residence. Otherwise, the HA can only work under contract for the Ministry to provide a Survey-related product or service for the sole benefit of the Ministry.
The Ministry confirmed that the above-stated third party recipients will only have access to Statistics Canada confidential health survey information from which Personal Identifiers (i.e. person's name, address, telephone number or other direct means of identifying an individual) have been removed as prescribed in the Omnibus agreement. The Ministry also confirmed that these third parties will not have access to the Ministry secure lab housing Statistics Canada confidential health survey information.
If Statistics Canada health survey information access is provided on the premises of the university research institutes or HAs, then the Ministry is required to include in their agreements the physical and IT security measures as set out in the Omnibus data sharing agreement, which states:
"The Receiving Party (the Ministry) shall ensure that the terms and conditions of this Agreement respecting the use, confidentiality, protection and security of the Information are included in all agreements and arrangements the Receiving Party (the Ministry) enters into, under the terms of which any other organization is granted access to the Information in accordance with subsection 6.2 of this Agreement".
Interviews revealed that the Ministry is currently in the process of revising its third party agreement templates. However, at the time of the audit, these revisions had not been completed. As a result, the audit team could not review the third party agreement templates to confirm whether or not the requirements respecting the use, confidentiality, protection and security of Statistics Canada health survey information have been reflected in the templates.
Recommendations:
The Assistant Chief Statistician (ACS) Social, Health and Labour Statistics Field should communicate with the Ministry to ensure the following is implemented:
- Third party agreement templates are developed and reflect the requirements set out in Statistics Canada Omnibus data sharing agreement.
Management Response:
Management agrees with the recommendation.
- The Director, HSD will request from the Ministry their proposed templates for third party agreements to ensure that they reflect the requirements set out in Statistics Canada Omnibus data sharing agreement.
Deliverable and Timeline: The Director HSD, to request from BC Ministry of Health their proposed third party agreement templates, by April 2013.
- The Director, HSD will monitor on a regular basis, third party access privileges to ensure that third party templates are being used appropriately.
Deliverable and Timeline: Report from the Ministry on third party access privileges, every six months.
The Assistant Chief Statistician (ACS) Social, Health and Labour Statistics Field should ensure that:
- A review of the third party agreement templates is conducted to ensure that they include the terms and conditions contained in the Omnibus data sharing agreement respecting the use, confidentiality, protection and security of the information, and monitoring clauses, before providing Statistics Canada confidential health survey information to the Ministry.
Management Response:
Management agrees with the recommendation.
- Statistics Canada Health Survey information will only be provided after a thorough and satisfactory review of the proposed third party agreement templates by the Director HSD, to ensure that they meet the terms and conditions of the Omnibus data sharing agreements.
Deliverable and Timeline: The Director HSD will inform the Ministry of any gaps in their templates, and will notify Statistics Canada senior management once the templates are compliant, immediately upon receipt of the templates.
Physical and Information Technology (IT) security
Effective controls for physical access to the Ministry's premises and physical storage have been designed. The Ministry's Policies and Procedures Manual provides prescriptive guidance and direction in the areas of physical and electronic access; identification and authentication safeguards, IT storage and transmission; and information copying, retention and records management to meet the requirements set out in Statistics Canada's Omnibus data sharing agreement. It is important to note that at the time of the audit, the Ministry was implementing these requirements.
Information provided to the Ministry is designated as 'Protected B' information as defined in the federal Policy on Government Security. The Ministry is required to ensure that the control and protection of the information, either physically or electronically, is carried out in a manner that protects against loss, theft, compromise or improper disclosure.
Physical Access to the Ministry's Premises and Physical Storage
A physical inspection was conducted of the Ministry's site during the examination phase of the audit. The audit noted that the Ministry's policy allows visitors unaccompanied access with a visitor card once they have signed into the building, with the exception of access to the Ministry's server room and the secure lab housing Statistics Canada health survey information. There is a card scanner outside each secured area. Staff and visitors must swipe their access card through the card scanner to enter the secured area.
Statistics Canada health survey information will be stored, accessed, used, linked and analyzed in a secure lab room located in the Ministry's HSIMT division. A motion sensor-activated security camera that can operate on an uninterrupted power supply in the event of a power failure is located facing the lab door, to record all activity occurring in front of the lab door. Facilities Management is responsible for monitoring the camera, and the tapes can only be accessed by the Chief Data Steward and Executive Director.
Access to the secure lab is permitted only to 'Identified' persons. Persons holding visitor cards cannot access the lab independently; visitors to the lab must be escorted by an 'Identified' person. A visitor log book noting name, date, time in and out, is required to be signed by escorted visitors accessing the secure lab.
The audit verified whether only 'Identified' persons could access the secure lab. Three employees determined not to have access to the secure lab were asked to swipe their access cards at the card scanner located outside the lab. Their access cards did not allow them to access the secure lab. The auditors also tested their visitor access card, and the visitor access card did not allow access to the secure lab.
The audit also verified whether the security camera placed outside the lab was operating as intended. The audit team viewed the camera tape for the activity of the 3 employees asked by the audit team to access the lab. The audit noted that the motion sensor-activated security camera recorded the activity of the 3 employees at the lab door.
Physical and Electronic Access to Health Survey Information Data Files
The Ministry has a formal process in place for requesting access to the secure lab from the Data Custodian. A Request for Access to Secure Area Form has to be completed and signed by every 'Identified' person, and then signed by the Data Custodian signifying authorization of that person's access to the secure lab.
As well, every 'Identified' person has to agree in writing to comply with the terms of the DSA by signing an acknowledgement. The acknowledgement states they have read, understood and agree to comply with the T&Cs of the DSA between the Ministry and Statistics Canada, as highlighted in the Ministry's Policy and Procedures Manual, and by signing a 'Protection of Confidential Information Agreement for Ministry of Health Employees', as required by appendix 'C' of the DSA. The Ministry stated that the Policy and Procedures Manual will be mandatory reading for all 'Identified' persons.
The secure lab has been set up as an isolated network with a stand-alone Oracle server on a desk-top computer and two workstations which are connected to the server by a port and Ethernet Cable. There is no internet access, as required by appendix 'A' of the DSA, and electrical cables are the only external cables in the lab. Statistics Canada information will be stored on the Oracle server and only 'Identified' persons can access the information either from the server or the two workstations.
A secured cabinet with a key lock is located in the lab to store transportable media and print-outs of Statistics Canada health survey information. The data custodian holds the key for this cabinet.
Identification and Authentication Safeguards, IT Storage and Transmission
The stand-alone Oracle server housing Statistics Canada health survey information and the two desk-top computers will have "named user accounts" for each 'Identified' person. 'Identified' persons will be required to provide their named user account ID and Oracle username ID and complex password (minimum 8 alphanumeric characters with at least one upper case letter, one lower case letter and one number) to log in and access Statistics Canada health survey information.
The card scanner outside the lab and the visitor log book will create an audit trail on physical access to the lab. As well, the named user account ID and Oracle username ID will be tracked to provide an audit trail on the two desk-top computers and the server.
The Ministry's Policies and Procedures Manual states that health survey files transmitted by Statistics Canada to the Ministry by electronic file transfer (e-FT) will be downloaded on a portable hard drive by the Data Custodian, and then saved on the Oracle server in the secure lab. No other type of transportable media such as flash memory sticks, laptops, etc. will be used to transport the downloaded files. The portable hard drive will utilize full encryption and require a password to access. After the transport has finished, it will be securely overwritten, to prevent recovery efforts by unauthorized individuals. The portable hard drive will not be used to store Statistics Canada health survey information. When not in use, the drive will be stored in the key locked cabinet.
If survey files are transported by CDs, then information will be downloaded on the server and the CDs will be stored in the locked cabinet in the secure lab. The Policies and Procedures Manual states that backup of the Oracle server will not be maintained. If the server drives are damaged in an incident and are not recoverable, then brand new data will be requested from Statistics Canada. As well, electronic transmission by facsimile or e-mail is not allowed.
Information Copying, Retention and Records Management
The Ministry's Policies and Procedures Manual does not allow paper copies or electronic extracts of Statistics Canada health survey information. At the time of the audit, the secure lab did not have a printer. Printing outside the secure lab will not be permitted. A policy statement directing printer use will be prominently displayed in the lab and communicated to 'Identified' persons when they are granted access privileges. Statistics Canada information will only be held in the secure lab, and its transmission or transport elsewhere will not be permitted. Electronic transmission by facsimile or e-mail will not be allowed.
The DSA requires the Data Custodian to maintain a register of all data files received from Statistics Canada. The audit noted that the Ministry's Policies and Procedures Manual lists this as one of the responsibilities of the Data Custodian. The audit corroborated this understanding with the Data Custodian via interview.
Effective controls for physical access to the Ministry's premises and physical storage are in place. The Ministry's Policies and Procedures Manual provides prescriptive guidance and direction in the areas of physical and electronic access; identification and authentication safeguards, IT storage and transmission; and information copying, retention and records management to meet the requirements set out in Statistics Canada's Omnibus data sharing agreement. It is important to note that at the time of the audit, the Ministry was implementing these requirements.
Recommendation:
The Assistant Chief Statistician (ACS) Social, Health and Labour Statistics Field should ensure that:
- A follow-up audit is conducted if and when the new Omnibus data sharing agreement is signed and data has been shared with the Ministry.
Management Response:
Management agrees with the recommendation.
- The Assistant Chief Statistician (ACS) Social, Health and Labour Statistics Field will inform Statistics Canada's Policy Committee once the Omnibus data sharing agreement is signed and data has been shared with the Ministry.
Deliverable and Timeline: Decision by Policy Committee members on if and when a follow-up audit should be conducted.
Appendices
Appendix A: Audit Criteria
Objective / Core Controls / Criteria | Sub-Criteria | Policy Instrument |
---|---|---|
1.1 Authorities, responsibilities and accountabilities are defined, communicated, and the segregation of duties is appropriately established. | 1.1.1 Responsibilities are formally defined and clearly communicated. 1.1.2 Authority is formally delegated and delegated authority is aligned with individual's responsibilities. Where applicable, incompatible functions are not combined. | TBS Core Management Controls; Omnibus data sharing agreement |
1.2 Management at the Ministry identifies, assesses the appropriateness of existing controls to effectively manage its risks, and responds to the risks that may preclude the achievement of its objectives. | 1.2.1 Risks are identified at both the program and regional levels, respectively, and take into consideration the internal and external environments of the RDC Program. 1.2.2 Formal processes and guidelines exist to assess the controls in place to manage the identified risks. | |
1.3 Assets are protected at the Ministry. | 1.3.1 Access to data is limited to authorized individuals and is appropriately secured in compliance with privacy legislation. 1.3.2 Access is physically restricted. 1.3.3 Procedures to safeguard the shared data upon change of duties of an employee exist and are adhered to. 1.3.4 Procedures exist to protect the use of data from abuse or fraud. 1.3.5 Logical access controls exist to ensure access to systems and data is restricted to authorized users, e.g., systems require users to log on using a unique user name and password. 1.3.6 Authentication and access procedures and mechanisms exist for and are applied in order to keep authentication and access mechanisms effective. | |
1.4 Management monitors actual performance against planned results, and adjusts course as needed, to better address the requirements/needs of the program. | 1.4.1 Responsibility for monitoring is clear and communicated and results are reported to required authority levels. 1.4.2 Active monitoring is demonstrated. | |
Appendix B: Acronyms
Acronym | Description |
---|---|
ACS | Assistant Chief Statistician |
CCHS | Canadian Community Health Survey |
CD | Compact Disk |
CS | Chief Statistician |
DAC | Departmental Audit Committee |
DBA | Data Base Analyst |
DSA | Data Sharing Agreement |
e-FT | Electronic File Transfer |
HA | Health Authority |
HSD | Health Statistics Division |
HSIMT | Health Sector Information Management and Information Technology Division |
ID | Identification |
IIA | Institute of Internal Auditors |
IMKS | Information Management & Knowledge Services |
ISA | Information Sharing Agreement |
IT | Information Technology |
LOE | Line of Enquiry |
NPHS | National Population Health Survey |
RO | Research Officer |
TBS | Treasury Board Secretariat |
T&Cs | Terms and Conditions |