Privacy Impact Assessment on the Green and Inclusive Community Buildings (GICB) Program
Privacy Impact Assessment on the Green and Inclusive Community Buildings (GICB) Program
Title of the PIA
Privacy Impact Assessment on the Green and Inclusive Community Buildings (GICB) Program
Government Institution
Infrastructure Canada (INFC)
Head of INFC or Delegate for Section 10 of the Privacy Act
Melanie Davis, Director, ATIP and Executive Correspondence
Senior Official or Executive for the New or Substantially Modified Program or Activity
Bogdan Makuc, Director, Green and Inclusive Community Buildings Program
Name and Description of the Program or Activity of the Government Institution
Green and Inclusive Community Buildings (GICB) Program
Legal Authority
The legal authority for the collection of personal information is Order in Council P.C. 2004-0325.
Personal Information Bank
There is currently no registered personal information bank for GICB. However, there is a class of personal information – Grant and Contribution Programs.
Short Description of the Project, Initiative or Change
The Green and Inclusive Community Buildings (GICB) program aims to build more community buildings and improve existing ones – in particular in areas with populations experiencing higher needs – while also making the buildings more energy efficient, lower carbon, more resilient, and higher performing. This five-year $1.5 billion program will support green and accessible retrofits, repairs or upgrades of existing public community buildings and the construction of new publicly-accessible community buildings that serve high-needs, underserved communities across Canada.
The GICB program supports the first pillar of the Strengthened Climate Plan by making it easier for Canadians to improve the places in which they live and gather, by cutting pollution (e.g. reducing GHG emissions, increasing energy efficiency, building resiliency to climate change and encouraging new builds to net zero standards), making life more affordable and supporting thousands of good jobs.
Funding is available for municipal or regional governments, public sector bodies, not-for-profit organizations, provincial or territorial governments and Indigenous recipients for eligible projects. Individuals and for-profit organizations are not eligible to apply.
Risk Area Identification and Categorization
The following section contains risks identified in the PIA for the new or modified program. The numbered risk scale is presented in an ascending order: the first level (1) represents the lowest level of potential risk for the risk area; the fourth level (4) represents the highest level of potential risk for the given risk area.
Type of Program or Activity
Program or activity that does not involve a decision about an identifiable individual.
Level of risk to privacy: 1
Type of Personal Information Involved and Context
Only personal information, with no contextual sensitivities, collected directly from the individual or provided with the consent of the individual for disclosure under an authorized program.
Level of risk to privacy: 1
Program or Activity Partners and Private Sector Involvement
Within the institution (among one or more programs within the same institution), with other government institutions, with other institutions or a combination of federal, provincial or territorial, and municipal governments and private sector organizations.
Level of risk to privacy: 4
Duration of the Program or Activity
Long‑term program or activity
Level of risk to privacy: 3
Program Population
Personal information is collected from individuals outside INFC. However, it is not used for an administrative purpose, but it is placed in a database and retrievable by name.
Level of risk to privacy: 1
Technology and Privacy
The program involves implementation of a new electronic system or the use of a new application or software, including collaborative software (or groupware), to support the program or activity in terms of the creation, collection or handling of personal information. The program also requires modifications to information technology (IT) legacy systems.
Level of risk to privacy: 3
Personal Information Transmission
The personal information is transmitted using wireless technologies.
Level of risk to privacy: 4
Risk Impact to the Individual or Employee in the Event of a Privacy Breach
Inconvenience, reputation harm, embarrassment
Level of risk to privacy: 2
Report a problem on this page
- Date modified: