PSC discloses information in an audit

The PSC audited the staffing actions of a small government organization. In its report of findings, it cited examples of specific staffing actions that it had examined. Our Office found that, while the report did not contain any names, it provided enough detail about some specific cases that the individuals could be identified. Furthermore, as the audit was made public, its findings were reported in the media. 

Audits are generally negative in nature, and it is not unusual that they should contain examples of scenarios portrayed in negative terms. This is not problematic when speaking of staffing processes for federal institutions with hundreds of employees in particular job classifications. However, when it is a small institution, it is a different matter. Furthermore, calling into question the selection process of a position when the individual is identifiable directly reflects on the person’s competence and qualifications. 

Our Office concluded that the information released by the PSC in its audit was clearly the individuals’ personal information and should not have been disclosed without each person’s consent. The complaints were therefore well-founded.

Our Office is pleased to report that the PSC now requires all of its audits to be reviewed by its Access to Information and Privacy Branch before they can be released to determine if they contain information which is subject to the Privacy Act.