Closed sharlychan-cds closed 2 months ago
OCIO PDPD is working on this with our policy team
It changed, so Sharly needs to work on it
Working on comments to return back to OCIO PDPD
Please add your planning poker estimate with Zenhub @sharlychan-cds
Sharly will meet with Kayla soon to accept comments
@sharlychan-cds working on and will chat OCIO in next day or so.
Sharly working on and in contact with OCIO
Meeting OCIO today
Met with OCIO and some changes accepted, now working on draft and will ask some questions to Yael and Josh early in week
Sharly is at a meeting with OCIO this morning :)
Sharly chatted with Nisa yesterday to get some answers. Blocked time on Friday with her to work on this.
Sharly will continue working a bit on this today.
Continued worked on this on Friday. Will be ready for review soon
Moving to Sprint backlog until @sharlychan-cds returns Did some pairing before holidays with table of data we collect, show how collected, stored, use which is one of last pieces of work required.
February 16, 2023: Sharly and Nisa (Policy) reviewed and sent back final comments to TBS. Waiting for their final approval. Next steps: Giving PM and Head of Notify a tl;dr review of the the document (and any edits needed) before accepting.
Josh and Yael have accepted. Now to dev review for specific sections!
Dev review https://docs.google.com/document/d/1oODAdd-O9j1JlzxzdVHiwXk3zRnNZj__/edit# for pages 5,7-11, 18-19
@jimleroyer to review to see if the technical descriptions are still accurate https://docs.google.com/document/d/1oODAdd-O9j1JlzxzdVHiwXk3zRnNZj__/edit# for pages 5,7-11, 18-19
Does a deadline of Thursday March 16 work? We're hoping to move this along quickly 🙏
waiting for @jimleroyer / devs to review. Melissa might be reframing slightly.
@mtoutloff @sharlychan-cds I reviewed and that looks great overall. I left a few comments. Please ping me if you have any question!
Thanks @jimleroyer! Will review today and let you know if there are any questions.
Melissa still reviewing remaining risks and syncing with Forms team
Still with Jimmy for some final reviews
Melissa has meeting with Jimmy this aft for remaining risk
Melissa and Jimmy met about auditing Met with TBS about risk Melissa documented some key points, will review with Nisa Dependant on ISA signatures issue (PRDD says about Forms)
Melissa at monthly meeting with Privacy folks today so maybe waiting for info from PRDD or Forms team.
Met with PRDD this morning and they are expecting to provide us their advice on the SIN collection for Forms this week. Once we receive it, I will review to see if it has any impacts on the risks identified in the analysis.
No update since last week.
No updates Still waiting on PRDD but majority of their team is out so moving to product backlog
Emailed PRDD about their thoughts on the risks and to get their feedback. Received their response yesterday (June 20) and need to review
Emailed final draft analysis to PRDD on June 27th, once reviewed it will be ready for approval.
Heard back from PRDD yesterday - they're good with our changes but taking through their management (approvals). They'll follow up on approval timelines shortly.
Will be following up with PRDD this week for update on the status of their review
PRDD review should be completed this week, next step will be to proceed to sign-off, back by the end of the week?
Received minor comments from PRDD this week and made a few edits to address their comments. With Nisa for review.
Sent back Analysis to PRDD for final review
Melissa working on a briefing for Leanne and Josh. PRDD gave the thumbs up
Draft briefing shared with Mohamed and Yael. Meeting set up to brief Leanne and Josh on Aug 9
Will need to make some updates to the Analysis following transfer to ESDC. Waiting for more info from legal.
Decided to finalize the Privacy Analysis with what we know so far following our transition to ESDC and can update it down the road if needed
With Nisa for review. Meeting to brief Ioana set up for tomorrow
Briefed Ioana, she's reviewing and once done will set up meeting with Leanne to brief and finalize.
Ioana reviewed, will be briefing Leanne on Monday, Feb 5
Briefed Leanne: She agrees that we can consider this version of the Privacy Analysis done and dusted: https://docs.google.com/document/d/1L3eLNGW7dJ776XADA7PvEIEbbOx5Uh7BRMicH7KRt4Y/edit#heading=h.1chp7uuqxp8x
Sending to translation
Confirm with Melissa next week if this has been sent to translation
Still with translation
Followed up with translation. The doc still needs to be proofread, but there have been many urgent requests, so it's been on hold for now
Followed up with translation and they expect have it finished tomorrow (july 23)
Give your user story a simple, clear title
Description
We have a draft Privacy Impact Assessment (PIA) for Notify. Work was started with TBS ATIP and we need to incorporate their comments, update and re-evaluate it since it was written. A formal PIA is not needed and we're working with OCIO PDPD on a Notify Privacy Analysis document (a PIA-lite).
The goal is to create a technical Notify Privacy Analysis with a privacy compliance-based govt audience. Will re-evaluate to see if we can adapt it to make it public and plain language.
Acceptance Criteria** (Definition of done)