STANDING COMMITTEE ON PUBLIC ACCOUNTS
COMITÉ PERMANENT DES COMPTES PUBLICS
Wednesday 2 March 2016 Mercredi 2 mars 2016
The committee met at 1231 in room 151.
2015 Annual Report, Auditor General
Ministry of Government and Consumer Services
Consideration of section 4.09, ServiceOntario.
The Vice-Chair (Ms. Lisa MacLeod): Good afternoon, everyone. Thank you for joining us here at the Standing Committee on Public Accounts. We are here to consider ServiceOntario, section 4.09 of the 2015 annual report of the Office of the Auditor General of Ontario.
You, our guests, have 20 minutes collectively to make a presentation to the committee. After that, each of the caucuses, starting with the official opposition, will take two rounds for questions. Again, the rotation will start with the official opposition.
You are free to start.
Ms. Angela Coke: Thank you, Madam Chair, members of the committee, Auditor General and legislative staff. My name is Angela Coke. I am the deputy minister of the Ministry of Government and Consumer Services. I’m pleased to be here to talk about the—
The Vice-Chair (Ms. Lisa MacLeod): We’ll just take a brief recess to find out what this is, and we can start again.
The committee recessed from 1232 to 1233.
The Vice-Chair (Ms. Lisa MacLeod): Okay. Why don’t we start from the beginning? Go ahead.
Ms. Angela Coke: Okay. Thank you. I’m pleased—
The Vice-Chair (Ms. Lisa MacLeod): Excuse me. I’m so sorry. Now the microphones are not working.
The Vice-Chair (Ms. Lisa MacLeod): We will recess.
The committee recessed from 1233 to 1235.
The Vice-Chair (Ms. Lisa MacLeod): We’re good to go. I’m going to restart your time here, if that’s okay.
All right. Welcome to the committee, for the third time. Our microphones are now working. I would like to ask Angela Coke, the deputy minister from the Ministry of Government and Consumer Services, to restart her presentation, and thank her for her patience.
Ms. Angela Coke: Okay, thank you. I’m pleased to be here to talk about the Auditor General’s December 2015 follow-up report on the recommendations made in her 2013 annual report.
Joining me today are a number of ServiceOntario and ministry senior executives who I’d like to introduce. David Denault is here, the CEO and associate deputy minister of ServiceOntario; Bev Hawton, the assistant deputy minister of business improvement; Helga Iliadis, the assistant deputy minister of customer care; Robert Mathew, the assistant deputy minister, central services; David Ward, the assistant deputy minister, business development; Clare McMillan, the chief administrative officer; and Catherine Ballantyne, our deputy director of legal.
I understand that I have 20 minutes to make some remarks, and then we’ll be happy to take your questions.
Before I get started, though, I did want to say how very much we appreciate the input and recommendations from the Auditor General and her staff. They’ve been very helpful in terms of helping us on our continuous improvement journey.
ServiceOntario, as you know, provides our front-facing, integrated services for individuals and businesses, with a focus on customer experience excellence. ServiceOntario delivers over 80 services. Some are services that we own end-to-end, like vital events, land and personal property and business services, and other services we deliver on behalf of partner ministries, related to driver and vehicle, health cards, Outdoors cards, information and intake services.
We manage approximately 49 million service transactions annually, using a mixed-delivery model, public and private, and multi-channels—in-person, contact centres, online services—to ensure that a diverse range of individuals and businesses can access our services.
Our early mandate was to be the public-facing service delivery organization for high-volume, routine government services. That mandate has evolved, as we play a greater role and add more value to transform government service delivery, building on our strengths as a service integrator.
As we move forward, our direction and focus is on increasing digital services by addressing digital enablers, such as digital identity and policy changes, by improving the quality and introducing new online services; improving the customer experience by focusing on integrated service delivery and customer-centred design; building new and stronger partnerships within the OPS, across all levels of government and with public and private partnerships; and enhancing the organizational excellence within ServiceOntario.
We have a history of success—for example, integrating service bundles, online options, money-back guarantees—and the organization has built a strong culture of continuous improvement. We research, we plan, we implement, we evaluate, but most importantly, we learn and we improve.
We’re not perfect. We have many operational issues that we tackle on a daily basis, and we have longer-term strategic priorities to drive forward. But we are very committed to providing excellent services and to maximizing our resources, so that we achieve the best outcomes for our customers and the government.
I’d like to take this opportunity to commend our executive team and all the staff at ServiceOntario across the province for their dedication and hard work.
As I mentioned, we welcome review and input from independent third parties, such as the Auditor General, to validate our work and to show us areas where we could focus our improvement efforts.
On a regular basis, ServiceOntario consults with industry leaders in other jurisdictions to ensure that we’re taking advantage of the best practices and standards in our numerous lines of business. As a recognized leader in public sector service delivery, we are also asked to share our experiences by those same organizations and by governments from around the world.
We’re very gratified that the Auditor General’s comments in her December press conference noted our exemplary performance in implementing her recommendations. I’d just like to speak briefly to the progress and the results that we’ve achieved.
Regarding service delivery costs, two of the three recommendations have been fully implemented. ServiceOntario conducted research using Ipsos Reid, a leading Canadian market research firm, to better understand the reasons why people choose in-person services over online options. The findings have resulted in a refresh of our action plan to encourage higher usage of the online channel. ServiceOntario also continues to explore transactions that can be moved online and recently added online driver’s licence renewal, small claims e-filing and online security guard licensing to our suite of offerings.
Regarding the recommendation to examine our pricing strategy to shift people toward online services, this is an area that ServiceOntario has considered in the past, but is not pursuing at this time. We feel it’s important to ensure that services are broadly accessible and that certain segments of our population are not disadvantaged. For example, not all areas of Ontario are equally served with high-speed Internet access. In addition, while online services are well suited for routine transactions, some of our customers have more complex cases that require human judgment or case management and it’s not feasible to be handled through an online channel. For those customers, in-person services are necessary, and we believe that a higher fee would be unfair for required personal services such as vital statistics documents.
Nonetheless, we do recognize that many people who are in line at our counters could complete some of their transactions online, so we’re using a number of different methods to promote greater use of online transactions. For example, we’re improving our promotional activity to raise awareness of online options and applying lessons learned from successful efforts to nudge people toward the Web, such as online licence plate renewals. Over the past year, usage of the online channel has increased by 7.7%.
We’re also redesigning our online forms to make them easier and faster to use, and we’re bundling services so that people can complete multiple transactions at one time. We’re also working with our partners to develop common design standards for digital services that put the customers first, and exploring how to create a single way for people to identify themselves online.
In terms of reducing costs at our publicly run in-person service centres, ServiceOntario has implemented a number of actions to do just that. In fact, we’ve decreased operating expenses at the same time that we’ve had to manage increased volumes of customer interactions. This was accomplished by initiatives such as increasing flexible staff mix, adjusting operating hours, rationalizing public offices and expanding the capacity of privately operated retail offices.
Moving on to the next area regarding service levels, the Auditor General made four recommendations. Three out of those four have been completed, with substantial progress on the final one. At ServiceOntario, we understand that we are the face of the Ontario government and we take that role very seriously. We spend a lot of time and effort tracking the number of people who visit our centres, how long they wait and what they think of their experience. In particular, we’re using new methodology to better estimate the number of customers who wait longer than 20 minutes, and we’re in the process of replacing the existing queuing system in 20 large retail offices with new technology.
We know timeliness is a key driver of customer satisfaction and we’re committed to continuous improvement of wait times. In the third quarter of 2015-16, 96% of our customers said that they were either “satisfied” or “very satisfied” with the service they had received.
The Auditor General’s report spoke of the need to examine service levels at our contact centres. In 2013, ServiceOntario contact centres did experience a temporary dip in performance while we were transitioning to a new contact centre technology platform. Through ongoing efforts, the ServiceOntario contact centre optimization committee successfully optimized the new technology. Service levels and performance levels have stabilized and have been sustained, and the most recent third-quarter customer satisfaction survey results are that 90% of people are “satisfied” or “very satisfied.”
With respect to the recommendation about survey methods in our in-person service centres, based on consultations with Ipsos Reid, we made a number of changes in 2014-15. For example, we no longer notify local managers immediately prior to the administration of in-person surveys, and independent interviewers conduct customer interviews as far away from the service agents as is practical.
While many retailers would use mystery shoppers to identify successes and flaws in service delivery, given the nature of our services and products, they don’t lend themselves to mock transactions by anonymous people. I would also note that this is not the only way that we collect customer feedback. For example, customers are encouraged to provide feedback directly to our customer experience office. Customer satisfaction continues to remain high, with 96% being “satisfied” or “very satisfied” with our in-person services.
With respect to the issue of customers being turned away, we held staff focus groups and found out that about 80% of turn-aways were the result of customers visiting with incomplete documentation. The groups most affected were youth, new immigrants and people for whom English is a second language. We provided some multilingual handouts and reached out to community groups with brochures outlining what documents are required when applying for a health card and driver and vehicle licences.
The next recommendation in the report is related to fees customers are charged for services. In 2014, we completed an expenditure analysis of the four lines of business that we own and deliver end to end: vital events, business registration, personal property and real property. The results allowed us to determine the cost per transaction of these services and enabled us to compare the cost of various channels.
In the context of our overall ServiceOntario strategic plan and timelines for key transformation initiatives, we will need to complete a full analysis of our revenues and fees. This will involve a set of complex considerations about the overall cost incurred to deliver a service or product, and we will need to take into account a number of important business and system improvements that are planned or under consideration.
We’ll also need to align with the government-wide strategy, as referenced in the budget, to review all service fees in a way that is fair, reasonable and balanced. I would also note that the vast majority of our fees have not been increased in 15 to 20 years.
With respect to issuing and managing licences and registrations, in total, there are seven recommendations. Of these, six are either fully completed or well on their way.
As recommended, last spring we studied and then successfully introduced a more secure and durable polymer material for birth certificates. This material helps reduce fraud and identity theft.
In relation to the recommendation to complete enough guarantor audits on birth certificates, we completed an analysis of the effectiveness of guarantor audits and determined that random audits of guarantors did not add any value to the existing application screening process, as the guarantor audit process is not designed to verify the eligibility of applicants or the information provided. As a result, discontinuing the guarantor audits does not affect the security of our birth certificates.
By March 31, we will roll out a number of enhanced supports for staff at the in-person service centres for processing of higher-risk transactions, such as specific health card registrations.
In relation to our plans to remove red-and-white health cards from circulation, we are well on our way. In fact, as of January 2016, 90% of Ontarians have a more secure photo health card. Since 2013, we have reduced the number of red-and-white cards in circulation by 1.5 million, and we will continue with our plan to meet our 2018 target date.
The Auditor General recommended examining the benefits of a smart card that would combine multiple forms of ID. Our initial review of this found that the cost savings from simply integrating several cards into one would not justify the investment required. However, as part of our strategic plan, ServiceOntario is exploring a broader, longer-term approach. Our research indicated that card integration, smart card technology and the ability to promote greater electronic access to government services should be considered together as part of an integrated strategy.
In this regard, we are examining the feasibility of a single digital identity and possible card strategy. Privacy-friendly design, cost-effectiveness and the potential for use across government programs are key themes that are being explored before bringing forward any proposed solution for consideration.
As recommended, with our partners at the Ministry of Transportation, we have implemented changes to improve verification requirements for those registering farm vehicles.
In January 2016, we introduced a new policy and have put in place improved permit design and processes for issuing accessible parking permits, to be more secure and to help ensure that they’re only issued to those who meet the requirements. Stakeholders representing persons with disabilities believe these improvements are a good balance between verifying a person’s need for accessible parking while ensuring ease of access to an important service.
With respect to the recommendation about our internal audit activities, we’ve taken steps to expand our audit program for all our service centres, both public and privately run. The program includes auditing health card registrations, conducting more frequent audits and establishing new risk frameworks that help us target our efforts more effectively.
In addition, we implemented a new quality assurance program in July that provides expanded analytics capacity to identify training needs, policy clarification and process improvement opportunities.
ServiceOntario has worked closely with partner ministries, including health and long-term care and transportation, to improve the security and the integrity of registration and licensing databases—for example, improving death notification controls. We have continued to share vital events data with various government partners as part of a shared commitment to data integrity and to mitigate the risk posed by erroneous and duplicate identity documents. ServiceOntario has also worked closely with partners to review the feasibility of expanding existing information-sharing agreements.
As we continue to explore further ways to integrate products and the delivery of services to improve the customer experience, ServiceOntario is very mindful of the need to balance that with privacy protection. The sharing of address change information between multiple programs requires broader policy and legal review, and consultation with the Information and Privacy Commissioner. ServiceOntario is reviewing this in the context of the potential for a single digital identity solution, as well as a policy and legislative framework that enables further integration and provides greater authority for data sharing.
The final recommendations are related to the monitoring and performance of Teranet, the company that operates Ontario’s electronic land registration system. Teranet receives independent assurances from third-party auditors that are measured against well-recognized, international standards for IT management adherence in electronic land registration systems. In addition, as recommended, we obtained independent verification from Ernst and Young that Teranet’s performance assessment was consistent with the standards of the Chartered Professional Accountants of Canada. Ernst and Young’s reports also concluded that controls were suitably designed and were operating effectively.
The last recommendation is to periodically test our copy of Teranet’s land registry program software. We did investigate this, but doing so would cost the government approximately $3 million to start up and then an additional $300,000 each subsequent year. As we already have very robust and extensive provisions in the contract with Teranet to ensure business continuity in the event of a disaster, we don’t believe this expense would be justified.
The business continuity plan clearly details each party’s rights and responsibilities. The licence agreement also requires that the disaster recovery plan be tested annually and updated every five years or as needed. That being said, we will still investigate if there’s a more cost-effective way to verify the electronic land registry system without having to replicate it.
Before I close, Madam Chair, I’d like to say that we have taken the Auditor General’s recommendations very seriously. Again, we thank her and her staff for their feedback. We have implemented the vast majority of the recommendations. We know, however, that we still need to sustain and further improve on these results. That is what we will do as we manage our large day-to-day operations and, at the same time, plan and implement a number of business and system improvement projects.
I thank you for your time and the opportunity to provide this update. My team and I are happy to take any questions.
The Vice-Chair (Ms. Lisa MacLeod): Thank you very much, Deputy Minister. You were right under the time line; we appreciate that.
I’d now like to invite my colleagues in the official opposition to have 20 minutes of questioning. I remind all members of the committee that our researcher, Mr. Elling, has a number of questions that he has put forward at the back of his report.
We’ll be starting with Ms. Munro.
Mrs. Julia Munro: Thank you very much for coming today to provide us with the insight into the details that the auditor has provided.
Obviously, one of the most important aspects of this process, as you began, was around the issues of cost. Certainly, that’s where I’d like to start because I’m looking at it from the point of view not only of a taxpayer and the kind of prudence that one looks for, but also some fundamental problems that I think you face with the question that comes when you look at the in-person visit versus the online visit. It’s clear, obviously, that the in-person one is going to be more expensive.
One of the things that I wondered if you’d comment on is—you divided it up into a 70-30 percentage, but of that percentage of people who require assistance, can you identify general categories that are more likely to need that kind of assistance, who aren’t going to use an online visit? Are they more likely to be birth certificates? Are they more likely to be truck—things like that.
Ms. Angela Coke: I’ll ask Bev Hawton and Helga to provide some more details on that.
Ms. Bev Hawton: Thank you. Good afternoon. My name is Bev Hawton. I’m the assistant deputy minister of business improvement, ServiceOntario.
Thank you for your question, honourable member. With respect to what drives a person to either go online or use the in-person services, ServiceOntario has done quite a bit of research on this. Let me just pull it out here.
From June until August 2013, we used Ipsos Reid, which is a leading Canadian market research vendor, to better understand customer behaviour with respect to our channels. Initially, we performed an online survey of about 600 Ontarians to explore barriers to online usage where Internet was not a factor.
The key findings were that consumers need to be convinced that online is more convenient than other channels, such as how much faster it is to access services online, as we do know that timeliness is one of the key drivers of satisfaction. Customers also need to be reassured that accessing services online is foolproof, so they feel confident that the task will be done correctly. As well, some people are just more comfortable. They like to or they need to deal with people face to face to get an answer to their question. Those are some of the key reasons why people may opt for an in-person service versus an online service.
With respect to the nature of the services or line of business, my colleague, Helga Iliadis, can comment on that.
Ms. Helga Iliadis: Sure. Good afternoon, all. I’m Helga Iliadis. I’m the assistant deputy minister responsible for customer care with ServiceOntario.
Certain interactions require a higher level of adjudication and/or authentication. For example, at this time, renewing a health card would require an in-person visit for sure in order to meet the very stringent eligibility requirements. That would be one example. Whereas, for example, if someone was going to apply for a fishing licence or a hunting licence, they’d be encouraged to do that online. There’s really no material reason why they would need to deal with us in person.
Sometimes certain customers as well will require some special consideration, which we’re happy to provide. That is why we exist. We really do understand that no matter how technology evolves, for us to really be the best service delivery organization we can be, we have to remain a multichannel organization. Wherever the customer wishes to do business with us, that’s where we need to be. But as Bev mentioned, we want to make the online experience as attractive and appealing and convenient as possible.
Mrs. Julia Munro: And would you anticipate that that 70-30 balance will shift as time passes?
Ms. Bev Hawton: Maybe I’ll take that one. Yes, we do anticipate that it will shift. As a matter of fact, over the past year, we have seen a shift, in total, of one percentage point, so we’ve moved from 30% to 30.9%. While one percentage point may seem insignificant, what it represents is a 7.7% annual growth rate, year over year. There are an additional 700,000 transactions that have been done online in the last year, compared to the previous year.
We also have a number of initiatives that are under way that will help to increase online transactions. I can talk about some of those, if you like.
Ms. Helga Iliadis: Maybe I’ll add a comment, if I may.
Ms. Bev Hawton: Yes.
Ms. Helga Iliadis: There is a very broad strategic plan that very much focuses on a digital-first strategy, and our colleague David Ward is the expert on that. We’re working with Cabinet Office and other ministries, looking at policy issues, looking at customer-centric service design principles. We’re researching with other jurisdictions as well, to ensure that we can optimize those digital services. We’re actually applying some of our learnings thus far to some of our classic online services to see if we can prove out our learning, to see that we can increase uptake because of the quality of the design.
Mrs. Julia Munro: I think it’s obviously very important that that happen, but I know, as an MPP, that there’s always going to be a group that is going to want to actually physically be there. It will be an ongoing challenge to find the ways by which you can direct them and make them feel more comfortable with the online.
How much of an impediment is the actual physical geography of where they can access online service or not? There are places in Ontario where people don’t have Internet and things like that. My question is, just simply, how many people, in a rough estimate, would be impacted by simply the technology not being available?
Ms. Angela Coke: I don’t know if we have an exact number, but we do take into consideration the fact that some areas won’t have the same level of quality of access.
Mrs. Julia Munro: But do you have a sense of how invasive that is, in terms of identifying places in the province where it wouldn’t be available?
Ms. Angela Coke: I don’t know if we have that exact information. We can certainly get back to you with that. But part of our commitment to stick with the multi-channel is because we know that there are some places. How much, what is the extent of it, I don’t know exactly.
Mrs. Julia Munro: I just wondered how much of the 70% was actually based on those practical problems.
Ms. Bev Hawton: Maybe I could just answer.
Ms. Angela Coke: Okay.
Ms. Bev Hawton: I have a little bit of information. What we do know is that 86% of Ontario has the highest speed of Internet, and 99% of Ontario is available for broadband coverage at the standard speed of five megabytes per second.
In northern Ontario, the population makes up for 6%. I don’t actually have the specific communities, but what we do know is that it’s difficult to entice Internet service providers to build the infrastructure in northern Ontario. So even though broadband may be available, it is often at a higher cost.
As the deputy said, we do not want to disadvantage any particular group or individuals who live in a certain region. We’re committed to ensuring a broad accessibility of all of our services.
Mrs. Julia Munro: Thank you.
The Vice-Chair (Ms. Lisa MacLeod): Any further questions? Mr. McDonell.
Mr. Jim McDonell: Yes. An issue that comes to mind for me is that we seem to have a lot of clients come into our office who have been to ServiceOntario and, for some reason, have not received the service they need—we’ve had discussions locally—to the point that they’re giving out cards and saying, “Well, go to the MPP’s office and fill it out.” We’re just wondering, where does that come into good service? I mean, people coming in. I understand that there used to be a PC that they could work on in ServiceOntario; that was removed. I’ve heard anecdotes from people who work there that if they are seen to give too much time to a customer they are talked to afterwards. They have to move them on and send them over to our office because they don’t have time. I haven’t really noticed large lineups, myself. I’m just wondering what the policy is on that.
Ms. Helga Iliadis: I will be happy to address that. Yes, we have had that conversation and we’re open to more conversation to strike the right balance. Generally speaking, we prefer, if at all possible, for customers to fill in their own forms for the sake of utmost accuracy and liability.
The other thing is, of course—as you know, and you commented on this—we need to be a little cognizant of how many other customers are waiting. I will say that this is not a production-type organization; it is a service organization. We would never want the speed at which we do something to compromise the quality. We would encourage our staff to utilize their judgment. If there is not a long waiting line and someone is requesting help, there’s no harm in giving them a hand, just with the caveat that, “Can you please make sure that this is completely accurate? Because normally you should be filling this out.”
We’re also very grateful that we do have a network of constituency offices that we can partner with for customers who need that help, but we don’t want to overuse that help. So if there are specific concerns with a given site, we’re always open to having further conversations so that we can strike the best partnership.
Mr. Jim McDonell: Yes. I won’t say it doesn’t seem to be something that’s more of a local issue because I don’t think I heard of that elsewhere.
Ms. Helga Iliadis: Okay.
Mr. Jim McDonell: The other thing: I know that there was a recommendation on your evaluation of customer service. It really takes away the usefulness of a survey if everybody knows when it’s being done. I think there was a recommendation and you kind of went partway there, but you’re holding it in the lobby outside. If you really want to get the facts, sometimes you have to do it so that people don’t know that today is the day that they have to step up their service. Any comments on the direction you might take on that one?
Ms. Angela Coke: We no longer let people know that the survey is coming. We let the managers know, at the beginning of the year, what the surveying program is, but we don’t give anybody advance warning that it’s happening. That change has been made.
We do use independent people to do those surveys, and to the extent possible, to do them as far away from the agents as possible, taking into consideration weather, location and so on.
I don’t know, Helga, if you want to add any more to that.
Ms. Helga Iliadis: I think Bev is the expert in that regard.
Based on the Auditor General’s recommendations, we did undertake a thorough review and research with the experts in surveying. As you know, I think our deputy mentioned the mystery shopper scenario might have been something that would have been considered. But with our type of services we’re not really able to emulate a real customer transaction without getting into utilizing real records and into privacy complications. That really doesn’t lend itself.
Bev, I know I’m not the expert, so I’ll turn it back over to you.
Ms. Bev Hawton: Thank you. I think the majority of the points that I would have made have been covered. However, I’ll just add one final thing, and that is that our overall customer satisfaction measurement program has been designed and implemented with assistance from nationally recognized market research vendors. This includes firms like Ipsos Reid and Harris/Decima, so we’re comfortable that our program conforms to industry best practices and that the results are statistically reliable.
Once we implemented some of the recommendations that were made by the Auditor General, we continued to see a high level of satisfaction in our in-person survey. Actually, last quarter we had implemented several of the recommendations. We continue to see 96% of customers who are satisfied or very satisfied with their in-person service experience. So we’re very proud of that result, and we’re confident that we have a best-practice survey methodology.
Mr. Jim McDonell: My comment only comes because of the observation by the AG that you’re doing it outside, within view. So your phase 2 is not really an improvement, if you’re trying to get the real impressions of somebody on a normal day not knowing something, because everybody knows.
You also say that your uptake is not very high on the online. I just wonder, how many people actually know? I see some things about your licensing; that’s one thing. I don’t remember seeing any advertisements. I’m just wondering, would that be an avenue? Because, obviously, it seems to be frozen at a low number. I see a lot of Ontario advertisements, but I’ve never really seen any that talked about the online services. In rural Ontario, I know many people would much prefer to save driving the 30 or 40 miles into Cornwall, if they could do it online.
Ms. Angela Coke: Actually, when we did some of the research, one of the findings that we did hear from people is that they’re not aware—clearly, a gap in terms of communication and promotion.
We have employed some tactics that have proven to sort of nudge people, and people, if they’re aware of the service, are willing to try it. But that is a gap that we’ve had, and we have been doing some promotional activities.
Bev, if you’ve got anything to add?
Ms. Bev Hawton: Yes, I can add a little bit more. We did do a study specifically around how many people were aware of our online services. This particular study did find that only 50% to 55% of users were aware that the vehicle licence sticker renewal could be done online. That represents quite a large opportunity for us. As a result, in February 2015, we updated the messaging on the licence plate sticker renewal notices, and we encouraged people to do it online.
The issue is that the current notices look a little bit like, “Here’s a form. Fill it out, and bring it back in.” We changed the messaging and said, “Do it online.” In trial, that resulted in a 4.3% increase in online renewals.
Since that time, we have rolled it out in production or in market, and online sticker renewals are now at 13.8% online, compared to 12.4% at the end of 2013. So we can’t be sure that it’s all related to that messaging, but we’re really pleased with the results. That’s an 11% growth rate.
So while we don’t do big TV advertising campaigns, we’re using a variety of methods to inform the public about our online services. We advertise them on social media, for example.
The Vice-Chair (Ms. Lisa MacLeod): You have about a minute left.
Mr. Jim McDonell: Okay. You are saying there’s a large percentage of the population, the youth, that really use the Internet a lot. Maybe just quickly, one question I have about it is this: On your health cards, what’s the policy as far as health cards with pictures or not with pictures, just to clarify? I think it’s under a certain age and over a certain age that you don’t have a picture on the health card. It just came up this morning. What’s the clarification on that?
Ms. Helga Iliadis: I didn’t hear that correctly.
Ms. Bev Hawton: I believe the question is, what is our policy around when you need a photo on the new photo health cards—the age.
Mr. Jim McDonell: Yes.
Ms. Bev Hawton: My understanding is—and I’d have to confirm this—I believe it is when an individual turns either 16 or 17 that they actually have to have their photo taken. We can get back to you on that.
Mr. Jim McDonell: Sure. Okay.
The Vice-Chair (Ms. Lisa MacLeod): You have 30 seconds.
Mr. Jim McDonell: Oh. It’s not a recognized ID card as well, by legislation. I know the banks can’t use it. Is there any reason why? I mean, it’s a good ID. I go back to my son in university. He had to carry his passport around, because his driver’s licence wasn’t enough—they wanted two pieces—and the health card doesn’t count.
The Vice-Chair (Ms. Lisa MacLeod): You have eight seconds.
Ms. Bev Hawton: Ontario now has the Ontario photo card—
Mr. Jim McDonell: That’s with the photo card—
The Vice-Chair (Ms. Lisa MacLeod): Okay, thank you.
Mr. Jim McDonell: I’ll ask it later.
The Vice-Chair (Ms. Lisa MacLeod): We’re going to now move on to the third party: Mr. Singh.
Mr. Jagmeet Singh: I can finish off your question. What was it?
Mr. Jim McDonell: I’ll get it in the next round.
Mr. Jagmeet Singh: Okay. Oh, you get another round. Yes, that’s right.
Hi, there. Good morning, or good afternoon. I’m still stuck in the morning. Hope you’re doing well.
I have a number of questions around protocols and systems that are in place around the privacy and security of information. I’ll break it down, beginning with the online—I think it’s a great tool. I think it’s useful and convenient, if it’s promoted that way, as you’ve indicated. If it truly is more convenient, people will use it.
I’m just curious about what type of protocols are in place to ensure security of the data that’s transmitted online and that’s accessed when—
Mr. Jagmeet Singh: I see someone coming to the front: data expert.
Mr. David Ward: I listened carefully to your question, though.
Mr. Jagmeet Singh: That’s it. I’m wondering what protocols are in place; what’s the system in place; how secure are the transactions; what type of encryption is being used, if there’s encryption being used. Give me some of that juicy stuff.
Mr. David Ward: I don’t know how juicy it is, Mr. Singh, but let me try to address your question, and thank you for it.
We have data-sharing agreements in place that follow a series of rules and protocols with Ontario ministry partners—the Ministry of Transportation, the Ministry of Health, anybody that we are exchanging vital events statistics with: death, change of name, birth, that type of thing—
The Acting Chair (Mrs. Julia Munro): Excuse me. I don’t want to interrupt you, but I must. I need you to introduce yourself for Hansard.
Mr. David Ward: Absolutely, Madam Chair. My name is David Ward. I’m the ADM for business development at ServiceOntario.
The Acting Chair (Mrs. Julia Munro): Thank you very much.
Mr. David Ward: You’re quite welcome.
The Acting Chair (Mrs. Julia Munro): Please continue.
Mr. David Ward: Thank you.
As I was saying, we have data-sharing agreements with our ministry partners. Information is encrypted, and it’s shared electronically with our partners, particularly in the province.
You might imagine that we also have data-sharing agreements with our colleagues in the federal government. We use a system called the National Registration Database system, which is a secure system. The data is encrypted and it is sent to the National Registration Database system. Federal departments, such as citizenship and immigration and other departments—Service Canada—can access that information.
Again, it’s all secure, it’s all encrypted, and we have data-sharing partnership agreements in place. As to what that information gets used for, we share a common objective of program integrity, as well as, from our perspective, protecting citizens’ privacy.
Hopefully, that gives you a little bit.
Mr. Jagmeet Singh: Yes, a little bit. In terms of the data-sharing agreements, are those agreements available, and would you be able to make those available to us—what the agreements are or what the policy is?
Mr. David Ward: Yes. Typically, they’re not; they’re between partners. But, of course, we live in a world where information is shared—Open Government and all the rest of it. We could make that sample data-sharing agreement available through—
Mr. Jagmeet Singh: Through the Chair.
Mr. David Ward: You bet.
Mr. Jagmeet Singh: That would be lovely. I’d love to see that.
What type of encryption is used?
Mr. David Ward: I don’t have that information. I’m not an IT expert.
Mr. Jagmeet Singh: Sure. That’s okay. I’m just curious about these things. I think it’s important.
One of the things that we find, when it comes to high-level encryption, is that it needs to be peer-reviewed. Do you know if there’s open peer review of the level of encryption, that it’s independently assessed by an outside company that assesses its level of security?
Mr. David Ward: I do not, but I can certainly get that information for you.
Mr. Jagmeet Singh: Okay.
The encryption itself: Is it a public code? When it’s public, then you can assess the strength of the security.
The Electronic Frontier Foundation has set out some guidelines around what makes something good encryption. It needs to be publicly accessible so that people can analyze whether or not it’s truly secure. Do you have that information?
Mr. David Ward: Not on hand, but once again, it sounds like I’ve got a series of questions that I’m very happy to get back to you on.
Mr. Jagmeet Singh: Perfect. That’s good.
That’s online. With respect to the telephone: I’m not absolutely clear on this, and you might have said this, and I apologize for missing it. Telephone access: Is that something that’s public, or is that privately run?
Ms. Helga Iliadis: Our telephone channel is what you’re asking about?
Mr. Jagmeet Singh: Yes.
Ms. Helga Iliadis: Okay. I’d be happy to take that question, if I may. I’m responsible for the telephone channel.
Mr. Jagmeet Singh: Perfect.
Ms. Helga Iliadis: It is a key element of our multi-channel strategy. Its purpose: It is there for customers to be able to get answers to their general inquiries, to be redirected, to find out what they need before they make a visit somewhere or whether a service is online. It also, more and more, as the future unfolds, will be key to our digital-assist strategy to, again, help make that digital option as appealing and user-friendly as it possibly can be.
We have not yet rolled it out, but one of the features with the newer technology that we have in place now is Web chat. That will be something that we’ll be exploring in the near future.
Mr. Jagmeet Singh: That’s excellent. So the telephone channel doesn’t currently exist, or it does currently exist?
Ms. Helga Iliadis: Oh yes, it does. We actually handle about 4.2 million calls a year.
Mr. Jagmeet Singh: My question, then: When you said it’s not rolled out yet, you were referring to the Web chat?
Ms. Helga Iliadis: Yes.
Mr. Jagmeet Singh: Who does the telephone? Who is providing that service? Is that publicly delivered?
Ms. Helga Iliadis: Oh, you’re asking whether the employees are public?
Mr. Jagmeet Singh: Yes.
Ms. Helga Iliadis: Yes, it’s public employees at this time.
Mr. Jagmeet Singh: So it’s through the government of Ontario?
Ms. Helga Iliadis: That’s correct.
Mr. Jagmeet Singh: It’s Ontario-funded.
Ms. Helga Iliadis: Yes.
Mr. Jagmeet Singh: What are the protocols with respect to personal information that’s provided when they’re speaking on the phone? Are there protocols in place?
Ms. Helga Iliadis: Yes. Again, I don’t have the exact specifics with me, but there is a definite protocol for every call type that would, in the very early stages, after greeting and determining the customer’s request, identify the degree to which we need to authenticate the customer in order to provide the information that they’re asking for.
Usually we’re dealing with more general inquiries, so privacy would not be as much of an issue, but where they are getting into a very specific scenario, yes, indeed, there are protocols in place that would have the rep ask for information to ensure that they’re speaking to the correct party.
Mr. Jagmeet Singh: Okay. In terms of the rep, does the representative have access to personal information as well—on their computer terminal, I’m assuming?
Ms. Helga Iliadis: Yes, they do, in some cases. Again, it depends. We have varying levels of customer service representatives. Our CSR 1s, for example, would just handle straightforward, simple inquiries with little interaction with databases, but our CSR 2s would handle more complex interactions with some adjudication, potentially, involved, and troubleshooting. So yes, they would have access to private information.
Mr. Jagmeet Singh: I feel very comfortable about public employees having access because they’re governed by and accountable to the government. I think that’s absolutely something that I am comfortable with. I’m just wondering: Are there certain guidelines about what they can do with the information and how they can access it? And if they do access information, is it logged that information was searched? Are there different protocols or systems in place for that?
Ms. Helga Iliadis: That’s an excellent question. We have very stringent guidelines for our employees on how to uphold privacy.
Mr. Jagmeet Singh: I’m not surprised, because public service employees do great work.
Ms. Helga Iliadis: Thank you for that. Clearly, privacy is one of the most sensitive issues that customers entrust us with, so we take that very seriously. When employees first join the government, they sign an oath which is very specific about the kinds of things they need to be aware of and uphold as representatives of the government. More recently, we have also engaged in a service-delivery-specific training that we have launched and we will now be doing every year to keep it very fresh and top of mind for our staff.
For the very rare circumstances, if something goes wrong, we do deal with it very severely.
Mr. Jagmeet Singh: Okay. In terms of when the information is accessed, is that logged? Are you able to determine if private information is accessed?
Ms. Helga Iliadis: In most systems, yes, it would be logged.
Mr. Jagmeet Singh: Is there a reason that needs to be provided when information is accessed?
Ms. Helga Iliadis: Yes. The intent is that, generally, staff would only access information in the course of their duties, to help a customer. If it is not relevant to a customer request, they should not be touching it.
Mr. Jagmeet Singh: I’m actually building this up to contrast the, I think, very robust policies that seem to be in place, and I’m curious if the same policies are in place on the private side as well. That’s what I’m going to be moving towards—
Ms. Helga Iliadis: For example, in our in-person network on the private side?
Mr. Jagmeet Singh: —in case you want to know where I’m going. It’s not like a cross-examination; it’s open.
What I’d like to ask first, though—so that’s telephone. If we can move to, then, the in-person on the public side, there’s more access now, because now you’re actually dealing with a person. You can authenticate them. Like you were saying before, there’s a certain higher level of identification that’s required because with things like the health card, you need to authenticate it more. In those cases, are there similar protocols with respect to when information can be accessed and how it can be accessed?
Ms. Helga Iliadis: Absolutely. Again, similar to our staff, when they first join, they’re screened, and so are all of the employees who will be accessing our systems. They go through a security screening, a background check, all of that. Once again, our private partners, who are small to medium-sized business owners across Ontario, operate to the exact same standards that we do, the very same expectations. They’re all very clearly outlined in the contract. We utilize the same reference material, and we utilize the same training content, so that is pretty much identical.
Once again, I would say, based on experience, we do not find a difference in the quality of service being provided, or the quality of the customer experience, between our private part of the network and our publicly operated part of the network.
Mr. Jagmeet Singh: Okay. I would raise some questions about the quality, so I’m glad you addressed that. But I’m more concerned with the policies with respect to the protection of the privacy of the consumer, or the client. In the public case, the public employee is accountable to the government. In the private case, what levels of accountability are there, and in terms of if information is logged?
I’ll give you a scenario. I would assume—I don’t know if this is how it works—that an employee would log in with their employee ID, and once they’re logged in, during work hours, they would be able to access information. Are you able to determine if someone is logging in after work hours, or if private information is being accessed at a time that may not make sense? How is that logged or tracked? Yes, I’ll start with that—if it’s logged and tracked in the first place.
Ms. Helga Iliadis: Whenever someone accesses individual data records in the system, it would generally be logged. If there is any question or concern, especially if it’s privacy-related, we would consult with our head of privacy for ServiceOntario, a very expert resource. As required, we would also engage our quality assurance experts, who would help us investigate it in the system, to see if there are any improprieties involved, and we can also engage our IT colleagues for forensic investigations as required.
These types of scenarios are extremely rare. I am confident that even on the private side, our owners of the individual offices would understand that they must uphold the highest standard, or they would put their business with us at risk. These kinds of breaches—if an individual were to engage in inappropriate behaviour like this within our private network—would generally result in them being banned from the system for life, which essentially makes them no longer employable by us.
Mr. Jagmeet Singh: Some of the things you indicated—the forensic analysis—are all after the fact? What goes on, on a regular basis, to ascertain whether or not anything is going on in the first place?
Ms. Helga Iliadis: We have a very robust, ongoing quality assurance process. It was something I know that the Auditor General and their team quite rightly commented on in their 2013 audit. Even at that time, it was already on our radar screen as needing a fundamental rethink and redesign, and there has been a great deal of work done on that since that time.
Our updated quality assurance program that we launched in July looks at all aspects of the service. It looks at program integrity, so, transactionally, the degree of compliance with process and policy. It looks at privacy compliance. It looks at census financial review. It looks at how we manage controlled stock. There are also on-site reviews, looking at things like technology, security and the customer experience.
We have a dedicated team of people. Their entire mission in life is constantly auditing transactions, looking at them for the paperwork that is saved, and comparing that to whether it has been accurately captured in the database and we have met all the requirements of the program. Privacy is a top, high-risk item that they evaluate on.
Mr. Jagmeet Singh: Okay. By providing this type of service, I think we have a lot of experience around what entails the proper guidelines around quality. In terms of how quickly the service is delivered, and the customer satisfaction, I think most people have a grasp around that.
My concern is, moving forward in a more digital era, that we don’t have as much—and I’m not criticizing you specifically or your organization. Just broadly speaking, I don’t think we have really wrapped our heads around what digital privacy really means and how important it is in this new world that we’re in. That’s why I’m asking a lot of questions around digital privacy.
Ms. Helga Iliadis: Understood.
Mr. Jagmeet Singh: To me, it’s a very important issue. I don’t think we have developed a very robust system around it. In terms of the privacy compliance component of quality assurance, is there a specific policy? What are the checkpoints that need to be established to say that, “Okay, you are following the appropriate guidelines around privacy”? If that specific policy could be made available, I’d love to evaluate it and analyze it.
Ms. Helga Iliadis: We can follow up on that and provide more detail on that for you, sure.
Mr. Jagmeet Singh: Sure.
Let me just do a quick check on my time. How am I doing?
The Acting Chair (Mrs. Julia Munro): You’re fine.
Mr. Jagmeet Singh: How much time?
The Acting Chair (Mrs. Julia Munro): You have about four and a half minutes.
Mr. Jagmeet Singh: Four and a half minutes. Okay. Thank you.
I understand the information that one logs into from a computer terminal at an in-person location is data that is centrally located. The information that’s obtained, is it—
Ms. Helga Iliadis: Oh, yes, it is. Yes, it is.
Mr. Jagmeet Singh: And it’s stored on, could I say, a cloud server? Like, it’s stored online; it’s not in a—
Ms. Helga Iliadis: We wish. Some of the systems we work on are very much legacy, so we’re not talking cloud server. But yes, for sure, we do have centralized access and there are, again, dedicated expert teams. We will often partner with our ministry partners, and they are the ones who would access that information.
Mr. Jagmeet Singh: Okay. Then the IT requirements to set up a ServiceOntario location and a certain level of Internet access—it accesses directly to a server or does it access online storage?
Ms. Helga Iliadis: When we establish a service provider office, we actually provide them with a specially designed computer terminal set-up. It allows them the necessary access to each of the systems that will allow them to process the transactions that they’ll be facing. It does not allow them complete access to internal government Internet services at this time.
Mr. Jagmeet Singh: That’s good. Just so I understand it correctly and if it’s something—I did a little bit of computer science in undergrad so I have a little—
Ms. Helga Iliadis: I wish our IT prime was here. He could answer these much better.
Mr. Jagmeet Singh: I’m sure your IT guy would talk circles around me, because I’m not that knowledgeable; I just know a little bit. It’s always a dangerous thing when you know just a little bit, right? So I accept my own ignorance.
But with respect to the way it’s set up, I’m just wondering—because I know that some of these questions are important to evaluate the level of security—is the data then downloaded into the particular office and they have a certain amount of data, or is it data that’s stored somewhere else? I notice some head nodding—maybe you know the answer.
Ms. Helga Iliadis: Do you want to comment on that?
Ms. Bev Hawton: Well, maybe I can say a little bit.
Mr. Jagmeet Singh: Yes, yes.
Ms. Bev Hawton: The data, as I understand, is stored on servers at our very secure Guelph data centre. That is actually where the data repositories are. So it is not downloaded, it’s not on local machines, either in ServiceOntario publicly operated offices or privately operated offices.
Mr. Jagmeet Singh: Okay. I missed the data centre. You said?
Ms. Bev Hawton: Guelph.
Mr. Jagmeet Singh: Oh, it’s a Guelph data centre. I see. I heard “Welf,” and was like, “Is that the name?” Okay. Excellent.
That helps. Thank you so much for those questions. Maybe in the second round, I’ll come back to some more, if I can think of some more in that area.
There’s one question that came up—I don’t know if my colleague asked it or not. It was something that came up through the researcher and through the presentation by the Auditor General. I’ll just read it out. It says that despite the finding by both the auditor and ServiceOntario that some fees charged are significantly greater than costs incurred, no steps have been taken to change this. Is that something that you’ve been able to address or are there some comments around that?
Ms. Angela Coke: Sorry. This is around the fees?
The Acting Chair (Mrs. Julia Munro): Maybe we can have the question answered in the next round.
Mr. Jagmeet Singh: Sure. My time is up—
The Acting Chair (Mrs. Julia Munro): We’ve run out of time.
Mr. Jagmeet Singh: —so we’ll go around then. Thank you.
The Acting Chair (Mrs. Julia Munro): Yes, Mr. Milczyn, please?
Mr. Jagmeet Singh: Sorry, Madam Chair. My apologies for interrupting you.
The Acting Chair (Mrs. Julia Munro): No, no. I caught you right at the time you finished the question.
Mr. Jagmeet Singh: Oh, you did.
The Acting Chair (Mrs. Julia Munro): They can think about the answer. We’ll move on. Everything’s fine.
Mr. Jagmeet Singh: Perfect. I just wanted to ask, briefly, what’s the next round? How many minutes do we have?
The Acting Chair (Mrs. Julia Munro): I haven’t done the math. Between 18 and 20.
Mr. Jagmeet Singh: Thank you.
Mr. Peter Z. Milczyn: Thanks for your presentation today. I wanted to ask you about some of your risk mitigation strategies, because that was one of the issues that the Auditor General highlighted. But I want to take it a little bit further than what is specifically in here and relate it a little bit to access to the services.
A number of years ago, you had what I thought was a very useful service, the stand-alone kiosks, which my family used. You withdrew those because of certain security considerations. I saw those kiosks as the midpoint between in-person and online because it’s a stripped-down technology. It walks you through what you need to do, and it was located in places where maybe somebody who doesn’t have access to their own computer or to high-speed Internet or to broadband might be able to conveniently access it and do a self-service function.
I was just wondering if you could explain to us why that’s no longer an option and how that ties into your risk mitigation strategies to ensure that only the people who should be securing a service are getting it, and the issues that my friend across was raising about protection of data and so on—how all of those interrelate.
Ms. Bev Hawton: Thank you for your question. Indeed, ServiceOntario did shut down the network of kiosks. I believe that was in 2012.
I’d like to point out that all of the services that were available at the kiosks are available online 24/7, and our online channel is absolutely secure.
It was after a thorough investigation into ServiceOntario’s kiosk system that it was decided to close the system permanently. We undertook months of careful analysis, consultation with experts and testing of multiple options and solutions, and we did determine that even if we spend millions on security improvements, the kiosks may still be vulnerable to high-tech crime.
The government at the time wanted to ensure that the kiosks were 100% secure if they were going to be brought back into service. Again, I will say all of the products and services that were available on the kiosk network are available online, and we would encourage people to use the online option.
Mr. Peter Z. Milczyn: That was a risk specifically to the hardware that you had.
Ms. Bev Hawton: The hardware, yes.
Mr. Peter Z. Milczyn: It wasn’t a risk to the online services or to the back-office functions. It was just that particular piece of hardware.
Ms. Bev Hawton: That’s correct, yes. My limited understanding is that there was some kind of device that could be put on the front of the kiosk that was used to skim an individual’s personal or financial information.
Mr. Peter Z. Milczyn: Into the heart of the risk mitigation strategies which the Auditor General highlighted: We know that there’s all manner of identity theft going on, so there’s this issue of guarantors for certain types of applications. Could you explain a little bit to us about how you validate or audit those types of applications, and what you do to ensure the integrity of those applications?
Ms. Angela Coke: I’ll ask Robert Mathew to answer that question. He has done quite a bit of work and research on this and can provide some more details.
Mr. Robert Mathew: My name is Robert Mathew. I’m the assistant deputy minister for the central services division at ServiceOntario.
I will start by saying that Ontario has one of North America’s strongest birth certificate systems. We have that to ensure that every certificate we issue is secure and reliable.
As you know, birth certificates are the government of Ontario’s only foundation identity document for people born in Ontario, and it is required to access many other programs and services. Many other levels of government and the private sector rely on the integrity of Ontario’s vital event data and certificates.
The integrity of the vital event products and services processes in delivering this is absolutely critical to ServiceOntario. So ServiceOntario will continue its existing detailed authentication process to verify the eligibility of applicants to obtain birth certificates. We’re going to do that by comparing the information provided by the applicant with the birth registration information on record.
ServiceOntario has stringent checks and balances in place to prevent fraudulent applications, and, when necessary, we will contact applicants for clarification, and the guarantors who are verifying that information.
Just to give you a little bit of information about the background on the guarantor audit: Post-9/11, the Office of the Registrar General introduced the new security measures to its paper application process at that time and required that all applicants provide a qualified guarantor.
Further to the Auditor General’s report in 2014, ServiceOntario completed an analysis of the effectiveness of the guarantor audit. We determined at that time that the random audit of guarantors did not add any value to the existing application screening process as the guarantor process is not designed to verify the eligibility of applicants or the information provided by the applicant.
The guarantor audit process involved contacting the guarantor to verify that he or she is a practising member of a profession or an occupation with a professional body. It did not verify the information, nor did it assist in completing any missing information in the application process. However, we do have a separate adjudication process in place that we follow if there are incomplete applications or we feel that the applications did not meet the stringent criteria to confirm the eligibility of the applicant. The guarantor audit process has never identified any fraudulent applications because we were just calling the guarantor and finding out whether he or she belonged to a professional organization.
The point I want to mention is, Ontario is the only Canadian jurisdiction that requires guarantors for birth certificate applications. ServiceOntario will retain the requirement that applicants provide guarantor information. As I stated, this information can be used to verify whether or not the statements provided in an application are accurate.
We do contact guarantors in some cases to confirm the intent of applicant situations when an applicant does not have all of the required information to request a certificate. Let me give you an example. A foster child may not have all of the information required to request a certificate. He or she may not have that information available because they don’t know every piece of information related to their parent or they don’t know what was included in the birth registration information. At that time, what we will do is, we will contact the guarantor just to make sure that the intent is not fraudulent. Based on that conversation, we issue the birth certificate.
Due to all of these reasons, ServiceOntario will continue to collect guarantor information. However, we have decided to cease the practice of auditing guarantors.
Mr. Peter Z. Milczyn: I think Mr. Fraser wants to speak to—or Mr. Dong.
The Acting Chair (Mrs. Julia Munro): Yes, Mr. Dong.
Mr. Han Dong: Thank you, Chair. First of all, thank you for the presentation. I have to say that I applaud you for recognizing the diverse nature of our province, and I encourage you to continue finding those innovative ways to service the multilingual community in our province. As the member for Trinity–Spadina, it’s very good for me.
Speaking of which, in my community I often find that there are vehicles parked with accessibility permits on them, and it is a concern I’ve heard a few times. I recognize that in the auditor’s report, one of the recommendations was to improve the process for issuing accessibility parking permits and introduce changes that would make it easier to identify abusers.
I just wonder if you can tell us more about the permit security features and if you’re concerned that the new policy for accessible parking permits may create a barrier for people who have a disability.
Ms. Angela Coke: I would just start off by saying that we do have a new policy, as we mentioned. We do have new secure features on the permit card and new processes that really improve and ensure that we are approaching this in the best possible way. We did also get feedback from organizations—stakeholders that represent people with disabilities—and they believe that the changes that we’ve made are very fair and balanced and will in fact help make sure that the right people who require this service get it.
I’ll turn it over to Helga to provide a little bit more detail on that.
Ms. Helga Iliadis: I’d be happy to comment on it as well. It was really important to us, in the updating of the APP policy, that we strike that right balance that you commented on, to ensure that the service was only being provided to those who really needed it but also to preserve that convenient access for vulnerable customers for whom this is really, really important.
As our deputy mentioned, lots of consultation and research went into this, and work with stakeholder groups as well. I will say, also, in consultation with our minister’s office, that we thought about: Should we inject a reasonable degree of flexibility into our policy? One area, for example, where the policy was being tightened up is, sometimes third parties come in on behalf of an applicant to request an accessible parking permit. This policy tightening-up was going to require that not only did we need to be able to verify the identity of the applicant for the APP but also we wanted to have a letter of authorization for the third party. We realized that that was going to raise a difficulty, a hurdle, to be able to do that. We agreed that since this is a transition, if a third party came in, as long as we had identity verification for the applicant, then we would go ahead. Our staff would give the third party a temporary accessible parking permit, even if they had not brought a letter of authorization. That would then give them time to return for a more permanent capability when they could meet the full eligibility requirements, so that at a later time they would return with a letter of authorization and all conditions would be met.
The last thing I would comment on as well is that no matter how thoughtful you are about a policy—and we did check back with our stakeholders and they agreed with us that it was a really good balance—the chance that you can anticipate every possible permutation that would happen in real life is not really realistic. So we also did establish a bit of an escalation process for our staff so that if they encounter one of those unique situations where the policy requirement really isn’t being met and yet common sense would dictate that this individual really needs an accessible parking permit, then we have created an escalation process so they can consult with experts and get further adjudication on that situation.
Mr. Han Dong: Good.
Do you have something to add?
Mr. Robert Mathew: Can I just add a few points?
Mr. Han Dong: Sure.
Mr. Robert Mathew: As the deputy and Helga mentioned, ServiceOntario considers the abuse of accessible parking permits totally unacceptable. That was one of the reasons that we decided to bring in these new policies, based on recommendations from the Auditor General.
The deputy already talked about the consultations, where ServiceOntario consulted with various partners and stakeholders before we introduced the new policy. We especially did a lot of consultations with municipal law enforcement to come up with strategies to streamline the seizure policies on this issue. We know that there is misuse, and the municipal law enforcement agencies are responsible for monitoring that. Once the permit is seized, we wanted to make sure that we have a fairly easy process to deal with that. So we had a lot of consultations done.
I just wanted to take a minute to give you some of the new security features in the new accessible permit.
The new enhanced permit is more secure and tamper-resistant. The new permits have many security features, including a serial number. The implementation of this serial number allows ServiceOntario to maintain a controlled stock of the permits. In the past, it was not a controlled stock, which increased the opportunities for fraud. With the introduction of the serial numbers, we definitely will be able to reduce that.
We have an embossment and micro-text printing of the permit. With that, it is difficult and harder to photocopy the permit. In the past, we know that people have photocopied temporary permit applications and gone into the offices to get temporary permits.
We also used this opportunity to further make changes and add accessibility enhancements to the permit. We made the letters larger, and raised the wheelchair symbol so that visually impaired clients will be able to manipulate and place their own permits in the car without any assistance.
The other key piece, and Helga mentioned this, is that the policies align with other product lines that ServiceOntario issues. The document requirements in the new policy that Helga talked about are identical to the Ontario photo card, health card and driver’s licence, so you can use any one of those documents for getting an accessible permit.
This will also definitely help to reduce fraud, because in the past—you may know this—a person could get a doctor’s note saying that he or she had a medical condition, and come in and request that a temporary permit be issued in their nickname. In the new policy, you will not be able to get that. The permit will be issued in your official name as shown on the identification document. Again, this helps to reduce fraud.
Mr. Han Dong: That’s very good. I’m afraid I have to change the channel a little bit and maybe turn to another question. I know the auditor’s report commented on customer satisfaction at in-person centres. You’ve been in consultation with Ipsos Reid. Can you tell us how ServiceOntario collects its information, and any steps being taken to improve ways of collecting this information? I’m speaking to the methodology of the survey.
Ms. Bev Hawton: Indeed, the Auditor General did comment on customer satisfaction measurement. That is something that we take very seriously, as a service organization. We do measure customer satisfaction across all of our delivery channels.
As I mentioned previously, the entire program has been designed and implemented with assistance from nationally recognized market research vendors. Some of the industry best practices that we use include performing an exit survey, to ensure the experience is fresh in our customer’s mind, and conducting random sampling, to prevent survey biases.
We do use a third-party research provider to ensure transparency and credibility in the research process. We conduct interviews outside our in-person centres now—weather permitting, of course—and as far away from the agents as possible.
The other point I’d like to make is that conducting the customer satisfaction surveys is just one of the many means we have for customers to provide feedback. Customers are encouraged to email feedback to our customer experience office. That’s available 24/7. Each email we receive is immediately acknowledged and, where appropriate, assigned to a program area to review and prepare a response. Based on all of the feedback we receive, management takes different actions: whether we need to make a correction to a process, or we need to undertake a specific review.
In addition to that, we—
The Vice-Chair (Ms. Lisa MacLeod): Can you hold that thought?
Ms. Bev Hawton: Yes.
The Vice-Chair (Ms. Lisa MacLeod): Now to the official opposition. I just want to say that we have about 17 minutes per caucus for the second round, okay? So we’ll start with Ms. Munro.
Mrs. Julia Munro: I have two points that I want to raise with you where I hope you’ll be able to join the dots and provide an answer.
The first part of my question is that you made reference in your opening statements about maintaining the opportunity to have lessons from other jurisdictions; my question then leads from that in terms of the issues around data sharing. It seems to me that if I come away from this meeting, that will be one of the issues that I see as a continuing challenge. So that question is, what have you seen from other jurisdictions on the specific issue of data sharing?
Ms. Angela Coke: I’ll ask my colleague David Ward to speak to that.
Mr. David Ward: First of all, thank you, honourable member, for the question.
Data sharing is incredibly important. I talked earlier about some of the sharing agreements that we had in place with various levels of government as well as with Ontario ministries. First and foremost, we put an incredible amount of interest and expertise into our data-sharing agreements.
Your question was about jurisdictional best practices and lessons learned. What we’re finding, and it actually stitches together with a number of the themes that have been raised here today, is that whether it be kiosks or authentication of customers or driving more online services, governments around the world that are really good at offering digital services, protecting people’s privacy and maintaining secure transactions, particularly online—what we’ve found is a key enabler to enabling governments to transform is the introduction of a higher order digital authentication scheme.
What they do is they offer an opportunity, either by using a smart card or using their mobile device or simply logging on to a computer, of proving out through a consistent means that you are the person you say you are. Then you create a binded trust between the customer and, in our case, the government so that we’re able to offer a higher order of transactions online.
Often, cases of these digital authentication methods result in a more secure, privacy-friendly means of dealing with the customer online and it opens up a range of new services that can be provided. We would have heard last week in the Ontario budget about the government’s commitment to introducing an online health card. Today we already offer an online driver’s licence, but you can’t do your health card online, and so you have to go trucking off to a government ServiceOntario office.
But in order to achieve an online health card, you must be able to authenticate that person; I think my colleague talked about a higher order of authentication for health services. Today, that happens in person. We have a number of good policies in place. One must show the fact that they live in Ontario and that they’re operating in Ontario so that you don’t have people coming from another jurisdiction and using our health care services.
But there are ways and means of doing that higher order of authentication online where you actually increase a privacy-friendly service. You might build a service where you create some rules and you find out from a bank or a telco whether they’ve been operating in Ontario. So instead of having the front counter clerk rifle through your Visa statement, it’s simply a question—it’s a ping against a bank or a telco to say that you’ve been operating in that jurisdiction. That actually enhances the privacy experience of customers.
The reason why I bring this example up is because what we’ve found in our jurisdictional research is that the likes of the United Kingdom, the likes of Australia, some of our colleagues across Canada, are all moving in this direction. So we’re watching really carefully. We’re doing some of our own research. We’re currently doing an assessment—and I have to thank the auditor for bringing up the recommendation of an integrated smart card because it was the impetus for us to dig into that issue and find out that it actually isn’t just integrating cards that is going to save you the money; it is creating an identity authentication scheme that might include a card, or it might include other means that would allow us to do the things that we talked about—security, privacy—and offer an increased suite of online services. Leading jurisdictions are doing it, we’re looking carefully at it, and that’s the direction we’re headed in.
Mrs. Julia Munro: Well, you’ve provided the segue to the second part, which was the recommendation that asked you to examine the benefits and the cost of a smart card. Have you set any kind of timeline or marching orders?
Mr. David Ward: I’m happy to take the second part of that question. As I said, we were really happy that this recommendation came forward because it allowed us to better understand what leading global organizations are doing. I talked about the fact that the analysis determined that simply putting cards together wasn’t the answer, but there were other things we took from that research.
To prove out that concept that I just got through talking about, we’ve actually engaged in quite an in-depth analysis and assessment on a cost-benefit business case that takes a look at single digital identity, as I said, as well as a possible card strategy—whether or not a card is involved. Some jurisdictions use a card; some jurisdictions like the UK don’t use a card. But it is part of the identity ecosystem, if you will. So we’re taking a very close look, as was mentioned, at costs, benefits and governmental applications. I think what we’ve learned from other jurisdictions is really important.
Our colleagues in British Columbia have introduced a services card, where they’ve taken a driver’s licence and a health card and put it together. They were the first out of the gate in Canada to do that. We’ve watched them very carefully, and we’ve taken some lessons from them around the importance of public engagement, around the importance of making sure that you have a suite of government applications. Don’t think about that after you roll your card out; think about the incremental programs that a citizen of Ontario could access with the card or the digital identity and have those lined up. Make them practical, make them user-friendly, so that once you do roll out your digital identity scheme, customers actually find value in it. That’s something we learned at the outset from our friends in British Columbia, where they raced to put a smart card on the street and then had to line up their partners and their programs after the fact in order to make it a useful product for citizens.
So while we might not be leading in this area, I think there’s an awful lot of benefit to taking a look at what our colleagues are doing and learning from them. At the end of the day, the lessons learned will actually help us come up with a more reasonable time frame so that we can get this important product on the street, should the government consider this and approve this direction.
Mrs. Julia Munro: Now I know that the commercial about “all I need is my eye” is probably not that far away.
The Vice-Chair (Ms. Lisa MacLeod): Any further questions? Mr. McDonnell?
Mr. Jim McDonell: In talking about the logic of the smart card, we see issues around people trying to access—well, it could be any type of revenue they’ve received from the government—the issue around cheques being issued and trying to get them cashed. Is there any movement on the automatic deposit as far as payments from the government over to consumers’ bank accounts? It gets rid of this idea that there are banks that require 10 days for a government cheque to clear, which leads them to do other things that are not always that great. Is there any action on that, or is it outside of the scope of this?
Mr. David Ward: I’m not connecting with the question that you’re asking. Maybe you can try again.
Mr. Jim McDonell: I’m just wondering, is the government moving to an automatic deposit system for some of their payments—
Ms. Angela Coke: EFT?
Mr. Jim McDonell: —at ServiceOntario, some of their incomes or different monthly transfers that go out to different clients—
Ms. Angela Coke: Electronic funds transfer, you mean? EFT?
Mr. Jim McDonell: Yes.
Ms. Angela Coke: I know that we are trying to increase the EFT, rather than using cheques. That is handled by a different part of our organization, the enterprise financial services and systems area. This is something that they are promoting: much greater use of EFT. It is quicker, it is more convenient, and it is cheaper. That is something that they are pushing, most definitely.
Mr. Jim McDonell: I would imagine that it’s cheaper as well. But we see, basically, abuse within the system—cheques lost. Even with some of the clients needing instant access to their money, banks tend to hold on to a cheque for a number of days before they free up the cash. So as a response, we see these clients going somewhere and using other means, cashing cheques at a fairly high cost. These are people who generally need every dollar they have. They don’t need to be spending 15%, getting a cheque cashed. That’s kind of the response we see, by inaction on this program. It’s just something that certainly would help a lot of these people.
You mentioned in the last question, about the health card and using it for identification—there is, or at least there was, legislation that didn’t allow people to use it for identification. I mean, we have a good photo ID card, government-issued, and yet banks, by legislation, are not allowed to use it—or anybody, for that matter. Is there some thought—
Mr. David Ward: I would just be able to confirm for you that that is, in fact, in legislation. That legislation belongs to the Minister of Health, and it does currently exist today.
As my colleague says, one of the things that the province did to increase the range of identity products that a citizen might use, that isn’t limited to health care or driving privileges or what have you, is the Ontario Photo Card, which really reaches a greater audience, I would say. People with disabilities can access that product. People at both ends of the age spectrum can access that product. It does provide a secure means of identification for citizens. So I can comment on that. It’s our product.
Mr. Jim McDonell: A concern I have is especially students being required to have more than one ID. They don’t all have a driver’s licence, so they’re forced to carry around passports. It’s just something we’ve gone to the trouble—the money is there and spent. They’re willing to use it. People would be willing to accept it, but legally they can’t. It’s an issue to maybe take back.
We also talked about the sharing of records between ministries—addresses. It increases the accuracy. Is there movement on that, or any desire? I see that as something that there seems to be very little movement on.
Overall, it’s about getting things right. We talk about the fraud in the system. A lot of this is just when people are re-inputting stuff and mistakes are made. Some correction that allows it to say, “Oh, you’ve got a change here”—people change addresses, and don’t update records. I’m guilty of that myself.
Mr. David Ward: That’s actually a terrific question, and it’s one that we’re seized of. The Auditor General certainly raised the matter of our inability to share address information and so on across programs. Certainly, a consultation with the privacy commissioner would be of utmost importance as we continue to make progress in that area, and we are making progress. I’ll talk about that progress in a minute, because that’s exactly what the question was about.
But I would say that broader sharing of information across programs is something that we’re seized of. It’s something that does require information-sharing legislation that is not in place today.
But, having said that, there are some positive things that I want to talk about. I want to talk about a very practical thing that we do at the front counter today. If somebody comes in and changes their address on their driver’s licence, with their consent the front counter person will ask them whether or not we can also reconcile their health card address at the same time for them. So we’re proactively asking for their consent and being able to reconcile those two things at the front counter.
We’re also examining options to provide electronic name change notifications with our partners. That helps data integrity.
My colleague earlier talked about, and I believe, if I’m not mistaken—in fact, I’m quite confident that the initiative was mentioned in the budget, and that was improving our integrated online transactions. I think it was mentioned earlier that we currently offer an integrated address change online.
As part of our efforts to increase customer-centric service design, we’re applying service design principles that we’ve picked up—to Ms. Munro’s point, we’ve learned from other jurisdictions that they have such things as performance measures, customer service design principles and those kinds of things. We’ve borrowed a note from their book. We’re applying them to some of our transactions, like integrated address change, in hopes that we can make it a more user-friendly product.
But the objective is, just as you suggested, Mr. McDonell, to get better at sharing information between our two biggest programs, which is the Ministry of Transportation and the Ministry of Health.
The Vice-Chair (Ms. Lisa MacLeod): Thank you very much. My colleague, Mr. Singh, from the third party.
Mr. Jagmeet Singh: Thank you very much, Madam Chair. Good afternoon, once again. There was a question I asked you when we left off, and I don’t know if we got an answer to that question yet. Did anyone else—you probably don’t recall the question, because it was a long time ago. Let me tell you the question again. The question was: With reference to recommendation number 3, despite the finding by both the auditor and ServiceOntario that some fees charged are significantly greater than costs incurred, no steps have been taken to change this. Can ServiceOntario explain why no action has been taken on this recommendation?
Mr. Jagmeet Singh: Hi there. It’s a new person. That means this question has not been answered yet, because I’ve not seen you.
Ms. Angela Coke: That’s true. I just will reiterate—before I turn it over to Clare McMillan, who is our CAO and has been helping us with this part of the work—as I mentioned, in the context of our overall strategic plan and the timelines for some of our key transformation initiatives, we will need to do a full analysis of our revenues and fees. That will involve complex considerations about what the overall costs are that we incur to deliver the service and take into account a number of important business and system improvements that are planned or under consideration.
We will also need to align ourselves with what the government overall is committing to do in terms of looking at service fees in a way that is fair, balanced and reasonable.
I’ll turn it over to Clare to provide a bit more information in that regard.
Ms. Clare McMillan: Thank you, Deputy. Good afternoon, Madam Chair, honourable members and Auditor General. My name is Clare McMillan. I’m the assistant deputy minister of corporate services and the chief administrative officer for the Ministry of Government and Consumer Services. I’m happy to help respond to that particular question.
Let me start by saying that there are two streams of user fee revenues that we have accountability for: services that ServiceOntario manages directly and services that are offered on behalf of other ministries. ServiceOntario has four services that they are responsible for, end to end. These are company registrations, personal property security registration, vital events, and real property.
ServiceOntario completed an expenditure analysis of the four lines of business, as noted in the Auditor General’s report, that we manage end to end. The results of this analysis have allowed us to determine the cost per transaction for fiscal 2013-14. The analysis, however, as the deputy mentioned, only includes ServiceOntario expenses and some relevant expenses for Ontario shared services. It doesn’t include expenses related to transformational initiatives, nor does it include ServiceOntario’s share of other shared ministry programs like, for example, the policy for the business registration system.
When we completed this particular analysis, the primary purpose of the costing project was to formulate a channel migration strategy for the various transactions that we were offering. It was also to help inform us around project-specific initiatives that we might be developing and determining the costing around that.
The next step, as the deputy mentioned, is to complete a full revenue and fee analysis, which will follow the completion of several improvement initiatives in the lines of business, including systems modernization. Some of these systems are sitting on old legacy systems, and, while they’re running okay today, we know that the end is somewhere in sight.
It’s a complex business. These initiatives are at various stages of timing and implementation. For example, in the vital events line of business, we’ve talked already this afternoon about the polymer birth certificate. We committed to the Auditor General that we would be conducting a detailed analysis in the last quarter of 2015-16 or the first quarter of 2016-17. It’s probably going to be the first quarter of 2016-17. Again, we’ll need to look at modernization that this system, overall, might require, and then, as other initiatives come to fruition, we’ll treat them accordingly.
The Auditor General had also acknowledged in her recommendation that fees should be set at levels that would cover the costs of providing services when it is reasonable and practical to do so and also meet legal requirements that fees not be set at excessive amounts. As I mentioned earlier, any analysis needs to include that systems modernization and take into consideration full costs.
We’re also seized of the fact that the government announced, in the 2015 budget, that the province is moving forward with a multi-year, government-wide full cost recovery and indexation strategy for user fees. That was further reaffirmed last week in the 2016 budget, noting that it will continue reviewing all service fees in a way that is fair, reasonable and balanced. ServiceOntario is part of that enterprise-wide full cost recovery and indexation strategy. We have already provided to our partners and the Treasury Board Secretariat some of our baseline costing information around that.
I would also just like to note that, with the exception of real property, fees have not increased since—2002 was the last increase in the line of those particular services.
Mr. Jagmeet Singh: Okay. I’m going to just translate what you said. One, you have other costs that are coming up and so your fees are higher than the costs you incur because you have other costs that are coming up so you want to charge a bit more so that you can recover those costs—loosely.
Ms. Clare McMillan: No, we don’t know. I would say that it would be undetermined that we would be charging more at this point in time. We would need to—
Mr. Jagmeet Singh: No, no. Sorry; let me clarify. I didn’t phrase my question properly. I’m going to say that there are two things. One is that the auditor and ServiceOntario see that the fees that are currently charged are greater than the costs incurred. Your response to that issue was, one—I didn’t say this yet but I’ll say this: that the costs that the auditor analyzed don’t take into account all the costs that you actually incur. Is that one of your responses?
Ms. Clare McMillan: Correct.
Mr. Jagmeet Singh: Okay. And the second response, if I understood you correctly, is that you have other changes that you’re going to do and those are going to cost an amount, and so that’s why the rates are higher than the actual costs, because there are other expenses that you might incur. Is that what you said? That’s what I took from what you said. Say it to me directly, if you want.
Ms. Clare McMillan: What I would say is that we haven’t done the full analysis. We have analyzed our costs at a particular level. We’ve looked at what it costs ServiceOntario, but what we were looking at was a channel strategy so that we could cost each service by channel, whether it’s online, whether it’s in person or whether it’s part of our private network. We were interested in understanding what those figures were.
We looked at the very basic costs of doing those things—the direct and indirect costs that ServiceOntario was incurring. We did not look at the full suite of services that would give us a real answer in terms of whether we were charging the correct amount at this point of time. We need to do further analysis.
We didn’t look at modernization. We’re building a new business information system. There’s a cost to that that we will not actually know until we’re able to roll that out, and that requires legislation passing.
Mr. Jagmeet Singh: That’s what I thought I said, so I’m going to say it again. One: The Auditor General, you’re saying, didn’t address all of the costs that you actually incur. Do you agree with that statement or not? The Auditor General is saying that—their statement is right here. I don’t know; I’m just trying—the statement says that you’re charging more than the cost you’re incurring. That’s what they’re saying.
Ms. Clare McMillan: That is the Auditor General’s opinion, correct.
Mr. Jagmeet Singh: Yes, and you’re saying, “No, that’s not true because our costs are higher than that.”
The Vice-Chair (Ms. Lisa MacLeod): Mr. Singh, excuse me for one moment. I think that I’d like to have the auditor clarify what she—
Mr. Jagmeet Singh: Maybe I’m misreading this; I don’t know. I’m just reading it right there.
Ms. Bonnie Lysyk: I think what you’re referring to is the figure on page 258 of the original report, which deals with the comparison of fees and costs for registration programs at the point of 2012-13. Those are direct and indirect costs associated with the ministry.
What we’re talking about here, in terms of additional costs that aren’t included in here, are things like cross-ministry programs and broader government initiatives. At the time that this audit was done and those numbers were used, the concept of including that in this type of analysis wouldn’t have been discussed during the audit. It wasn’t a component.
I can see the logic that you’re bringing to the table now, that it would be something that, going forward, you would look at in order to assess fees going forward. You’d bring into play broader government costs versus the direct costs of operating these services within ServiceOntario. I think that’s the clarity around the point.
Mr. Jagmeet Singh: Sure. That makes sense to me.
The same thing I’m getting is—not that the Auditor General does any bad work; the Auditor General does great work—but just there are factors that you’re saying were not addressed. Auditor General, you’re saying that you didn’t consider those factors. Are we on the same page?
Ms. Clare McMillan: Yes.
Ms. Bonnie Lysyk: But they’re not relevant.
The Vice-Chair (Ms. Lisa MacLeod): Just one more quick clarification.
Ms. Bonnie Lysyk: I just want to clarify why we wouldn’t have considered them at the time: because they weren’t considered relevant at the time of the exercise. But now there are a lot more of these cross-government initiatives, I am interpreting here—
Ms. Clare McMillan: Correct; yes.
Ms. Bonnie Lysyk: —that we would now bring into play in determining what the fees should be for these services.
The Vice-Chair (Ms. Lisa MacLeod): You may proceed.
Mr. Jagmeet Singh: Thank you. That makes sense to me.
The second thing is that there are some issues around modernization. The equipment might need to be updated and some other technology might need to be updated. You mentioned legacy machines earlier. Because those need to be updated, that’s a cost that’s going to potentially be incurred. You’re not sure yet but it could be incurred, so that’s another issue why the fees seem to be higher but they’re not really higher if you factor in this modernization. Is that what you’re saying?
Ms. Clare McMillan: Yes.
Mr. Jagmeet Singh: All right. I love yes-or-no answers. I was a criminal defence lawyer for a number of years, and we love the yes/noes. That’s what we want. We love the yes/noes.
Ms. Clare McMillan: Yes. I will expand a little bit because I can’t help myself. The ONBIS system, for example, which we have built—we have not factored in the cost of that build and what it will take to get that up and running.
Mr. Jagmeet Singh: Sure. That makes sense. I’m satisfied now. I was trying to dig for something, but I think it’s okay now. I’m all right with that. That helps me; thank you very much for that.
I’m going to come back to some of the privacy and security questions that I asked earlier, so I guess this is going to be directed more broadly. In terms of the work that goes on—and this is something that I didn’t bring up in my first round of questioning—is there any liaison with the privacy commissioner with respect to the privacy commissioner’s guidelines with respect to privacy? Is that something that the ministry does on a regular basis? And as the privacy commissioner updates, is that something that ServiceOntario, broadly speaking, but specifically the ministry then incorporates? And how does that happen? If there’s a process, is it a yearly thing, is it a regular thing, or it just happens on an ad hoc basis?
Ms. Clare McMillan: I can actually answer that question.
Mr. Jagmeet Singh: Excellent.
Ms. Clare McMillan: The answer is yes. We have a team of staff. They report into my division and they are accountable for investigating any privacy breaches that we have. We classify those into two different categories which would be minor or low-impact breaches, and then the more high-risk breaches.
A low breach would be a mistake that one of our staff makes. Perhaps it’s a mistake on your driver’s licence, or something gets cancelled in error, etc. We have a process for dealing with that.
The more significant breaches, and you touched on that in a question a little bit earlier, is where an employee might access information that has nothing to do with their particular job and they shouldn’t be accessing that information. We would consider that a high-impact breach. In those situations, we would always be in contact with the privacy commissioner. They are very low: Given that we have 49 million interactions per year at ServiceOntario, last year there were seven of those.
The head of my privacy unit is in constant contact with the privacy commissioner. We have an excellent relationship with them in terms of making sure that the commissioner is aware of everything that is going on and weighs in with their perspective and their advice to us.
The other thing that I would say is that we have agreements with our partner ministries. With the Ministry of Transportation: When it’s a product that they have accountability for, we do a monthly report to them on any type of breach, minor or major.
Mr. Jagmeet Singh: Okay. So those—
Ms. Angela Coke: Sorry, and those are done in a proactive way.
Mr. Jagmeet Singh: Yes; that’s what I was going to ask.
Ms. Angela Coke: On that side of things, for sure, we’re very stringent and make sure that we inform the privacy commissioner as we need to, but in a proactive way in terms of, when we’re doing design—
Mr. Jagmeet Singh: That was going to be my next question. You beat me to it.
Ms. Angela Coke: Right. When we’re doing design, when we’re trying to think through, we’ll have to talk a bit more about what David was talking about in terms of single identity and those types of things. Absolutely, we will be consulting with the privacy commissioner to make sure that we get that expertise and thought in terms of the front end of things.
Ms. Bev Hawton: If I could add?
Mr. Jagmeet Singh: Yes, please.
Ms. Bev Hawton: Any new product or service or any change to a product or service, whether it’s a change in our processes, at our retail offices or online, requires a privacy impact analysis. Our head of privacy signs off on all of those. If risks are identified, then the program area or ServiceOntario is required to set out strategies to mitigate each risk.
Mr. Jagmeet Singh: That’s great.
Ms. Bev Hawton: It’s a very thorough process.
Mr. Jagmeet Singh: So the privacy impact is—
The Vice-Chair (Ms. Lisa MacLeod): You have two minutes.
Ms. Helga Iliadis: I’m not aware of any external privacy audits. Again, it’s a high-impact item that we assess in our own evaluations. We do have regular access to our privacy experts, the team that Clare mentioned as part of her division, who will come out and do privacy audits, privacy reviews and privacy education. So we do have access to it that way, but it isn’t, strictly speaking, external. It’s external to our operation, but not to ServiceOntario and the ministry.
Ms. Angela Coke: We also have access to our own ministry audit folks as well. When we do our ministry annual audit plan on a risk basis, if we think there’s a need to investigate further any of these issues, they get on our audit plan.
Mr. Jagmeet Singh: Okay. Thank you.
The Vice-Chair (Ms. Lisa MacLeod): All right. I’m going to cut you off there unceremoniously, Mr. Singh. I do apologize.
Mr. Jagmeet Singh: No, no; it’s good. That was great. Lots of ceremony was given. Thank you.
The Vice-Chair (Ms. Lisa MacLeod): I thank you all very much.
I’d now like to turn the floor over to my colleagues in the Liberal caucus. We’ll start with Mr. Fraser.
Mr. John Fraser: Thank you very much, Madam Chair.
Thank you very much for being here today. As all politics are local, I do want to say one thing: My office is about 500 feet away from a private ServiceOntario office, and we have a very good working relationship.
From time to time, you get some challenges that exist around—I have a mother who’s about 60 and has a son with a complex developmental exceptionality for whom she has been caring for 36 years. They’re going through the process of getting their health care. So it’s not a simple process in a lot of ways, and they’ve been very helpful in that regard. I’m just saying thanks publicly for the kind of working relationship that we have.
I do want to talk about recommendation 1.1(b), which relates to the online strategy. I would just like Mr. Ward to elaborate on—or whoever feels best—
Ms. Angela Coke: He’s our best guy.
Mr. John Fraser: —to elaborate on what the strategy is, going forward, to increase utilization.
Having said that, one of the things I heard when I was listening to some of the testimony is that most of these services are episodic. Your driver’s licence renewal is annual, so it’s a predictable line of business. Birth certificates aren’t quite as predictable. Driver’s licences, over a longer period of time, you can predict them. But from an individual’s point of view, you’re not going online to figure out how to get your birth certificate; it’s just when you’ve lost your birth certificate or you need it. So there are challenges around how to elevate people’s knowledge and utilization of those kinds of different products.
Mr. David Ward: That’s a great point.
If I could just start off with your first question, which is to help members understand ServiceOntario’s strategic directions: ServiceOntario actually received its first mandate from government in 2006, only 10 years ago, and a lot has been accomplished in that period of time. Prior to 2006, you might imagine having to go to three different offices to get three different products. The upshot of that mandate in 2006 was really to bring services under one counter, one common clerk, one place, to make it easier for customers. Over that time, and in fact in the first couple of years, we went from an organization that registered just over 10 million transactions to one that registered just over 40 million transactions. So the growth rate was tremendous in the first few years.
We’ve invested in infrastructure. We’ve invested in call centre technology in order to allow our colleague ministries to tap into either that technology or even our human resource capability, in order to provide an opportunity for more enterprise service. We’ve created an IT platform that enables us to do things like online driver’s licences. We continue to look for transformation opportunities.
Somebody mentioned taking a manual, private security guard in investigations transaction that was run by our colleagues out of the Ministry of Community Safety—take that and completely reinvent that transaction and put it online. It’s an incredible story and transformation with incredible success.
Over that period of 10 years, we thought about what it is that we really do well at ServiceOntario and how we can offer that value up to more ministries across the system in order to drive a better customer experience, greater efficiency and so on. At the same time, we took a look at—I think I mentioned this before—jurisdictions across the world that are really good at service delivery, and what we took away from that were five key priorities. One of them is digital first; we’ve heard lots about that today. The other one was the importance of customer-centric service design. Another is the importance of effective partnerships—ServiceOntario’s business model is designed completely on successful partnerships. A sustainable network: We’ve heard lots today about the importance of the in-person network across the province. And we heard about organizational excellence—as we move to this new digital place, do we have the right kind of people with the right kind of mindset to deliver tomorrow’s service to the public?
Those are things that we’re very thoughtful—we have a list of activities under each one of those. You’ve heard about some of them today. You’ve heard about our desire to put a health card online, our desire to move more services online—creating better online services so more people will use them. You heard a lot about those strategies. We’re really excited about our new mandate, and we’re working hard to fulfill some of those priorities that I just talked about.
I am mindful of the time. I don’t think I covered the other part of your question, and I don’t know if my colleagues might be able to—
Mr. John Fraser: Just in terms of the recommendations around—you have a goal of driving up utilization. Having said that, there was some discussion of costs here. When you look at costs, it’s a complex—it’s a great thing for convenience for people. When you push this piece up, the other piece comes down. You have multiple cost centres, so you have to do a thorough analysis as you move forward with these kinds of programs to make sure that you know that you’re, first of all, recovering costs in a way that works with the progress of your plan.
Back to the question, which was really about your progress on that in terms of driving up—I know we heard 30.9%. What are you doing to drive that up?
Ms. Bev Hawton: We’re doing a number of things to promote greater use of the online channel. We do promote it today through online advertising and social media, so people who are going to use the online channel are people who are online. That’s why we prefer this particular media for promoting: because it’s cheaper and the people are already there, so you have a captive audience.
We are redesigning forms—I mentioned previously about the vehicle licence sticker renewal form—and really taking a look at what we can do to make a form not seem like a summons to come to our office, to really use the form and change the messaging on it to promote online use. We’re also redesigning some of our key services, so some that were mentioned in the 2016 budget include the used vehicle information package and our service finder, which is now a service location finder. When we improve that, we’ll make it easier for customers to navigate and they’ll be able to find a service online before they visit a service centre. We’ll be aligning how Ontarians change their addresses on a driver’s licence with health cards. That particular service is already online. We do see an opportunity to make it simpler and more customer-friendly and just simplify it to get greater uptake.
Finally, my colleague mentioned that we will be working with our colleagues at the Ministry of Health and Long-Term Care to introduce online renewals of health cards.
Those are some of the particular products and services that we’ll be focusing on in the future.
In addition to that, we’ve introduced a new service design framework that really puts the customer first. Some of the key principles are: Understand what the problem is that you’re trying to solve. Put yourself in the shoes of the customer and take a look at the customer experience end to end. Look across boundaries so that when you’re designing a service, in particular an online service, you’re not just solving part of the problem; you’re solving the entire problem. Keep it simple. Again, think from a customer’s perspective. Iterate to make it better. It doesn’t need to be perfect the first time. Use prototyping and involve customers in user experience design. Learn from that and keep it agile to continuously improve it.
I think one of my colleagues mentioned making the channels work together. As we’re promoting digital first, we understand that not everyone wants to be online. Let’s see what we can do with the telephone channel and turn that into what we call a digital assist, so individuals who want some assistance can get that assistance and still talk to a human.
Those are some of the approaches that we’re using right now and some of the products and services that we’ll be focusing on in the future.
Mr. John Fraser: I’m glad to hear two things about making the forms more informative in terms of driving people online. It does look incredibly like a summons when you get it: You open it up and there are all these numbers, and it’s got that same print when you do get a summons—not that I’ve ever gotten one.
But I think that will be a big transformation. It’s also good to hear. From my perspective, one of the things, when we’ve had some discussions around this, is that there are three different channels. There are three different service—and that’s something that has to be analyzed because people still want to come in. Now, it may decrease over a period of time. I don’t know if it will ever be eliminated. So how you treat those three levels of business, that’s your business model. You have to make sure that they all continue to function and are equally supported and balanced.
Ms. Bev Hawton: Yes.
The Vice-Chair (Ms. Lisa MacLeod): Further questions? Mr. Rinaldi?
Mr. Lou Rinaldi: First of all, thank you for being here today. You’re so well prepared—probably one of the best-prepared deputants we’ve ever had in the year and a half I’ve been here. Congratulations.
I have, I think, five ServiceOntario offices in my riding. I have a ministry-run one in Cobourg, I have a couple of chamber-driven ones, and I believe I have two private ones. Frankly, they’re all doing a fantastic job. It has been a big change from the past. I shared a ministry-run one when I first got elected in 2003, at the same location, in the same office building, and we did have some challenges. The staff are pretty pleased with the changes.
Back to the online services: I’m wearing a bit of a rural hat and a rural lens. As I said this morning to the auditor’s staff, I’m so happy that only six months ago I got about half of high-speed service where I live—half; not what I have here. There are a lot of parts of northern and rural Ontario that only have cell service. So I would just encourage you to keep that in mind as we move to the online services. I’m very fortunate that I have an eight-year-old grandson who can help me with those things. Not everybody, especially of our age—I’d just make that comment; I don’t need an answer. Just keep that in mind: that the face-to-face or telephone is important.
The question—and you touched on it a little bit—of the conversion from the red-and-white card to the photo card: I know that people have been getting letters at home. Here’s where I think it’s important that we change it to a photo card, although I wasn’t happy when it happened, because I had my taped one in my wallet for years. Just about a month ago, my youngest son, who hasn’t lived at home for about 14 or 15 years now—I got his renewal notice at my former address, not even where I live now. He probably got this health card earlier on in his school days. So I think it’s important from a security standpoint that we get that done. How would we ever find where my son is if there was something within that—because there were three different locations that we missed, to where he is now. I know the minister made some comments the other day about how we want to have an end goal to this, but are we going to get there?
The Vice-Chair (Ms. Lisa MacLeod): You have about two minutes.
Ms. Bev Hawton: Absolutely, we’re going to get there. ServiceOntario has significantly increased its efforts to convert to the more secure photo card. In the last fiscal year, more than 360,000 red-and-white card conversions were completed. In this fiscal year to date—so, as of the end of January, over 10 months—there have been nearly 800,000 cards converted. As of the end of January 2016, only 1.6 million red-and-white cards remain in circulation, compared to 3.2 million in March 2013. So, as our deputy said earlier, more than nine out of 10 people now have the more secure photo card. We’re absolutely pleased with this progress, and we’re well on our way to converting all of the red-and-white cards to photo health cards by 2018.
The other thing I would like to mention, because you brought it up, is that it’s really important for people to keep their address up to date. One of the things that we’re doing at ServiceOntario is encouraging cardholders to make sure their address is up to date so that they actually receive the conversion letter. We send the letter to the last official address that we have on our health database record, not the address that the doctor has.
The other thing I’ll mention is that switching the card is free, and it can be done at any ServiceOntario location across Ontario, almost 300 locations. You can go when it’s convenient for you, such as when you’re there to do another transaction, like renewing your driver’s licence.
The Vice-Chair (Ms. Lisa MacLeod): Thank you very much for your time.
Deputy, I would like to say thank you to you and your entire delegation for a very well prepared briefing and your generosity in extending some very good answers to my colleagues.
We are about to go into closed session, so we will recess for a few minutes as the room clears. Thank you.
The committee recessed at 1445 and continued in closed session at 1452.
Wednesday 2 March 2016
2015 Annual Report, Auditor General P-265
Ministry of Government and Consumer Services P-265
Ms. Angela Coke
Ms. Bev Hawton
Ms. Helga Iliadis
Mr. David Ward
Mr. Robert Mathew
Ms. Clare McMillan
STANDING COMMITTEE ON PUBLIC ACCOUNTS
Chair / Président
Mr. Ernie Hardeman (Oxford PC)
Vice-Chair / Vice-Présidente
Ms. Lisa MacLeod (Nepean–Carleton PC)
Mr. Han Dong (Trinity–Spadina L)
Mr. John Fraser (Ottawa South L)
Mr. Ernie Hardeman (Oxford PC)
Mr. Percy Hatfield (Windsor–Tecumseh ND)
Ms. Lisa MacLeod (Nepean–Carleton PC)
Ms. Harinder Malhi (Brampton–Springdale L)
Mrs. Julia Munro (York–Simcoe PC)
Mr. Arthur Potts (Beaches–East York L)
Mr. Lou Rinaldi (Northumberland–Quinte West L)
Substitutions / Membres remplaçants
Mr. Grant Crack (Glengarry–Prescott–Russell L)
Mr. Jim McDonell (Stormont–Dundas–South Glengarry PC)
Mr. Peter Z. Milczyn (Etobicoke–Lakeshore L)
Mr. Jagmeet Singh (Bramalea–Gore–Malton ND)
Also taking part / Autres participants et participantes
Ms. Bonnie Lysyk, Auditor General
Clerk / Greffière
Ms. Valerie Quioc Lim
Staff / Personnel
Mr. Ben Elling, research officer,