Treasury Board examines privacy risks in BI rollout

Salary information, retirement eligibility and a host of other personal data about federal government employees is being turned into reports by a business intelligence system that puts their privacy at risk, according to a report from Treasury Board of Canada Secretariat.

In conjunction with the 2005-2006 annual report on the Access to Information Act and the Privacy Act published Wednesday, Treasury Board Secretariat (TBS) also released the summary of a privacy impact assessment of the corporate business intelligence (BI) system. The source data that is analyzed through the system is being extracted from the federal government’s SAP financial software, as well as its human resources and salary forecasting databases. Some reports have been run through this system since 2004, but a financial reporting summary only went live this past April and others have yet to be deployed.

The summary says the BI software, which is Ottawa-based Cognos’s flagship product, is designed to replace a number of standalone reporting mechanisms, and to improve internal planning and decision-making. “It also provides data at the level of individuals and transactions,” it says. “Deployment of (the software) will signify changes to business processes and systems that will re-design information delivery within the departments.”

A TBS spokesman said the BI system will be available only to managers and senior administrative assistants. “It will be restricted to a need-to-know basis,” Robert Makichuk said. “Not everybody gets to see this stuff.”

The privacy impact assessment summary highlighted three areas of potential risk, which were described as “low to moderate” overall but not specifically rated in the summary. They included the security of the system, the accuracy of personal information that is extracted from source databases and run through the BI tool, and the tool’s reporting capabilities.

“The report concluded that the analysis of this data could possibly generate new facts about employees,” the summary said. “Snapshot reports used to make administrative decisions about employees will be retained on personal files and in accordance with departmental retention schedules.”

Makichuk said examples of this new information could include salary forecasts, budget free balances and employee counts. These would arise from calculations that are applied to transaction data from the financial and HR systems.

The office of the Privacy Commissioner of Canada Jennifer Stoddart conducted its own informal review of the software, but a spokeswoman for Stoddart said it would not comment publicly on what kind of feedback it provided TBS about the use of BI.

Fazila Nurani, a lawyer and founder of Toronto-based PrivaTech Consulting, said the TBS case shows the contrast between the federal Privacy Act – which governs the capture, storage and disclosure of public sector information – and the more stringent Personal Information Protection and Electronic Documents Act (PIPEDA), which covers the private sector.

“It would be absolutely unacceptable to do this in the private sector without getting consent from employees for assimilating this kind of data,” she said, noting that the Privacy Act contains a clause called “consistent purposes” that says you do not need to get consent if you use personal information that has already been collected in a way that is consistent with the purpose for which you have collected it. “It allows you to get away with this without the public being aware.”

The Privacy Act has not been updated since 1983, Nurani noted, and given that PIPEDA is already under review this year, it is unlikely it will face major revisions anytime soon.

Because the BI software only processes the data, the summary document said errors will have to be corrected at the source, such as the SAP financial system or the HR system, and will be logged. That is a much harder job than it sounds, according to Keith Gile, an analyst who specializes in BI at Cambridge, Mass.-based Forrester Research.

“Even slight variations on a theme – spelling IBM with a capital ‘I’ versus a small ‘i’ – something like that will rear its head in a report system,” he said. “You have match merging, incomplete data sets, duplicates . . . it’s an amazing scenario that many large organizations are going through.”

Nurani said errors will be almost inevitable.

“You’re going to have inaccurate representations, especially if you’re taking disparate pieces of data and bringing it together,” she said. “It’s not even anonymous data. It’s quite shocking to see it happening in the federal government.”

Gile said there has been a recent trend in BI to try to clean the data before it enters the warehouse, if not at the source. That’s one of the factors behind the purchase of data quality tool providers, such as Business Objects’ acquisition of First Logic and SAS’s acquisition of DataFlux, he said.

The Corporate Services Branch of TBS will be responsible for providing guidance on use of the BI tool and validating the accuracy of information in the reports, and will make sure they continue to comply with the Privacy Act, according to the report.

Comment: info@itbusiness.ca
