FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY A. 38

Similar documents
YORK REGION DISTRICT SCHOOL BOARD. Policy and Procedure #158.0, Information Access and Privacy Protection

Freedom of Information and Protection of Privacy

Compliance with Personal Health Information Protection Act

PRIVACY AND ANTI-SPAM CODE FOR OUR ORGANIZATION

The Arizona HIO Statute

Dr. Kristin Heins, ND Thrive Natural Family Health 110 Eglinton Avenue East, Suite 502 Toronto, Ontario M4P 2Y1 Telephone: (647)

AGREEMENT BETWEEN: LA CLÍNICA DE LA RAZA, INC. AND MOUNT DIABLO UNIFIED SCHOOL DISTRICT

IVAN FRANKO HOME Пансіон Ім. Івана Франка

Mandatory Reporting and Breach Notification Changes to PHIPA and what you need to know

PRIVACY AND ANTI-SPAM CODE FOR OUR DENTAL OFFICE Please refer to Appendix A for a glossary of defined terms.

Opening the Door Hospitals & FOI. Applying PHIPA and FIPPA to Personal. Information: Guidance for Hospitals.

STEP BY STEP SCHOOL. Data Protection Policy and Privacy Notice

Routine Disclosure Plan

PRIVACY BREACH MANAGEMENT POLICY

Privacy Toolkit for Social Workers and Social Service Workers Guide to the Personal Health Information Protection Act, 2004 (PHIPA)

2) Objectives a) The Agency will: i) Provide support to the student(s) whilst engaging in the learning processes of a quality and diverse placement

Reporting and Investigating Privacy Breaches and Complaints Approval: Original Signed by R. Cloutier. Date: September 2017

Compliance Program And Code of Conduct. United Regional Health Care System

Job Description. Ensure that patients are offered appropriate creative and diverse activities within a therapeutic environment.

DATA PROTECTION POLICY

National Industry Standards Code of Ethics and Conduct for Homeownership Professionals

STUDENT ACHIEVEMENT AND WELL BEING, CATHOLIC EDUCATION AND HUMAN RESOURCES COMMITTEE

A Privacy Compliance Checklist: Organizing for Privacy Management

REVIEWED BY Leadership & Privacy Officer Medical Staff Board of Trust. Signed Administrative Approval On File

Safeguarding Policy Children and Adults at Risk

PRIVACY IMPACT ASSESSMENT (PIA) For the

College of Midwives of Ontario Professional Standards for Midwives

PERSONAL HEALTH INFORMATION PROTECTION ACT (PHIPA) Frequently Asked Questions (FAQ s) Office of Access and Privacy

Reservation of Powers to the Board & Delegation of Powers

What to do When Faced With a Privacy Breach: Guidelines for the Health Sector. ANN CAVOUKIAN, Ph.D. COMMISSIONER

HIPAA Notice of Privacy Practices

AN OVERVIEW OF FIPPA for FACULTY, INSTRUCTORS & ADMINISTRATORS. Information and tips on how to keep you FIPPA FRIENDLY

PROFESSIONAL STANDARDS FOR MIDWIVES

INVESTIGATION REPORT

Getting Ready for Ontario s Privacy Legislation GUIDE. Privacy Requirements and Policies for Health Practitioners

ACC Privacy Policy. Policy Statement. Objective. Scope. Policy system. Policy standards. Collection

A Deep Dive into the Privacy Landscape

Visual Communication Alert Symbols Guidelines for Staff. Version 4.0. All Hospital Staff. Care Quality Commission s fundamental standards

The Personal Health Information Protection Act

Report of the Information & Privacy Commissioner/Ontario. Review of the Cardiac Care Network of Ontario (CCN):

REPORT OF THE BOARD OF TRUSTEES. Protection of Clinician-Patient Privilege (Resolution 237-A-17)

Overview. COTBC Practice Standards for Managing Client Information, Tel: (250) Toll-Free BC: 1 (866) Fax: (250)

Overview of. Health Professions Act Nurses (Registered) and Nurse Practitioners Regulation CRNBC Bylaws

Privacy and Management of Health Information

Practice Review Guide April 2015

Certified Advanced Alcohol & Drug Counselor (CAADC) Appendix B. Code of Ethical Standards

Overview of Privacy Legislation in Ontario

UCLA HEALTH SYSTEM CODE OF CONDUCT

Local Health Integration Network Authorities under the Local Health System Integration Act, 2006

NOTE: The first appearance of terms in bold in the body of this document (except titles) are defined terms please refer to the Definitions section.

PROCEDURE-STUDENT RECORDS

Data Integration and Big Data In Ontario Brian Beamish Information and Privacy Commissioner of Ontario

INFORMED CONSENT FOR TREATMENT

INFORMED CONSENT FOR TREATMENT

PATIENT INFORMATION. In Case of Emergency Notification

Reporting a Privacy Breach to the Commissioner

QUINTE HEALTH CARE PRINCIPLES OF GOVERNANCE AND BOARD ACCOUNTABILITY

[Enter Organization Logo] CONSENT TO DISCLOSE HEALTH INFORMATION UNDER MINNESOTA LAW. Policy Number: [Enter] Effective Date: [Enter]

PRIVACY BREACH MANAGEMENT GUIDELINES. Ministry of Justice Access and Privacy Branch

JOB DESCRIPTION. 2. To participate in the delivery of medicines administration depending on local need and priorities.

VISITING SCIENTIST AGREEMENT. Between NORTH CAROLINA STATE UNIVERSITY. And

SAFEGUARDING CHILDEN POLICY. Policy Reference: Version: 1 Status: Approved

NOTICE OF PRIVACY PRACTICES

Head Office: Unit 1, Thames Court, 2 Richfield Avenue, Reading RG1 8EQ JOB DESCRIPTION. Community Nursery Nurse 0-19 (25) Service - Slough

Access to Health Records Procedure

Ending the Physician-Patient Relationship

HIPAA for CNAs. This course has been awarded one (1.0) contact hour. This course expires on May 31, 2020.

Practice Review Guide

Overarching Section 75 Agreement Adults Integrated Health and Social Care Services. Subject. Cabinet Member

JOB DESCRIPTION. Debbie Grey, Assistant Director, ESCAN

General Policy. Code of Conduct

THIS AGREEMENT made effective this day of, 20. BETWEEN: NOVA SCOTIA HEALTH AUTHORITY ("NSHA") AND X. (Hereinafter referred to as the Agency )

Guide to. Grant Aid Agreement Document. Section 39 Health Act, 2004 Section 10 Child Care Act, 1991 National Lottery

JOB DESCRIPTION. Specialist Looked After Children s Nurse

South Carolina Radiation Quality Standards Association Code of Ethics

Entrepreneurs Programme - Supply Chain Facilitation

Lyndon Township Broadband Implementation Committee Lyndon Township, Michigan

Medical Assistance in Dying

I. Preamble: II. Parties:

AGENCY SPECIFIC RECORD SCHEDULE FOR: Vermont State Hospital

EQUAL OPPORTUNITY & ANTI DISCRIMINATION POLICY. Equal Opportunity & Anti Discrimination Policy Document Number: HR Ver 4

ACCESS TO HEALTH RECORDS POLICY & PROCEDURE

APPENDIX N. GENERIC DOCUMENT TEMPLATE, DISTRIBUTION STATEMENTS AND DOCUMENT DATA SHEET and THE IMPORTANCE OF MARKING DOCUMENTS

(Example: F011 AF AFMC A (Contractor Flight Operations))

Application Guidelines

ANPR Policy Version , March 2016

HANDBOOK FOR THE INDIGENOUS ECONOMIC DEVELOPMENT FUND. January 2018

NOTICE OF PRIVACY PRACTICES

Defense Security Service Academy OCA Desk Reference Guide

H.M. 14- HARASSMENT AND DISCRIMINATION IN THE WORKPLACE

Eastern Ontario Development Program

Expression of Interest. for. Canada 150 Coordinator Bridging Meaning in Niagara Project

PATIENT BILL OF RIGHTS & NOTICE OF PRIVACY PRACTICES

Standards conduct, accountability

Title X Guidelines Revision: Program Requirements

DEPARTMENT OF DEFENSE AGENCY-WIDE FINANCIAL STATEMENTS AUDIT OPINION

COUNTY OF PERTH. Chief Administrative Officer. Clerk s Office Business Plan. January 2017

System of Records Notice (SORN) Checklist

Policy No. AD I1 ** Information from collection to retention shall be managed according to relevant legislation.

Roles and Principles of Governance Agreement

Transcription:

Select Public/Private If Private select Ed. Act. Section. REPORT TO GOVERNANCE AND POLICY COMMITTEE FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY A. 38 Turning to the disciples, He said privately, Blessed are the eyes that see the things you see. Luke 10:23 Created, Draft First Tabling Review January 12, 2015 January 20, 2015 Click here to enter a date. Loretta Notten, Superintendent Governance, Policy and Strategic Planning Paul Matthews, Legal Counsel, Corporate Services Bryan Shannon, Senior Manager, Archives, Records and Freedom of Information RECOMMENDATION REPORT Vision: At Toronto Catholic we transform the world through witness, faith, innovation and action. Mission: The Toronto Catholic District School Board is an inclusive learning community rooted in the love of Christ. We educate students to grow in grace and knowledge and to lead lives of faith, hope and charity. G. Poole Associate Director of Academic Affairs A. Sangiorgio Associate Director of Planning and Facilities Angela Gauthier Director of Education Page 22 of 67

A. EXECUTIVE SUMMARY On October 31 st, 2014, arising from a trustee motion, there was a request to draft a new policy that reviewed the TCDSB s obligations in regards to. TCDSB has obligations under the Municipal Privacy Act (MFIPPA or the Act ) and this report recommends approval of a new policy that outlines those obligations. B. PURPOSE The TCDSB has obligations under the provisions of the Municipal Freedom of Information and Act 9 MFIPPA or the Act ) and to all other applicable legislation with respect to privacy and access to information. Within our Multi-Year Strategic Plan we have identified strategic priorities which are tightly linked to this responsibility. The confidentiality of all student and staff records, and the general well-being of the same, is of paramount importance and tightly connects to our goal of strengthening public confidence in the TCDSB. C. BACKGROUND 1. The TCDSB has obligation under the Municipal Freedom of information and Act and the Education Act, and while it has been compliant in its related practices, the board has been lacking in an official policy which outlines those obligations. 2. The TCDSB is responsible for the personal student and staff information under its custody or control, and is obligated to administer all requests for access in accordance with MFIPPA. These obligations extend to any third party service providers who have access to personal information through their association with the TCDSB. 3. The TCDSB provides inservicing for staff outlining our obligation under MFIPPA, but to date has been lacking in an official TCDSB policy related to the same. Page 23 of 67 Page 2 of 3

4. Any breeches of TCDSB s obligations under MFIPPA could subject the TCDSB to legal and financial risk for failure to meet our statutory responsibilities. D. ACTION PLAN 1. The TCDSB is subject to the provisions of the Municipal Freedom of Information and Act (MFIPPA). MFIPPA extends to all information in relation to staff or students under the custody of the TCDSB. 2. Given that there are statutory obligations that the TCDSB must fulfil in relation to the Act, the Board is well-served by a policy that outlines our obligations under MFIPPA. 3. The TCDSB has appointed a staff member to be responsible for administering all request for access to personal information, as well as both defending board decisions in relation to MFIPPA and overseeing protocols and procedures in terms of any breeches in practice. 4. Individual rights to access non-confidential information, as well as general records administered by the TCDSB shall be protected and further, individuals will have the right to challenge TCDSB s compliance, as per the process dictated by MFIPPA. 5. Given the nature of the governance role of the Board of Trustees, they will be informed of any disclosures of information or appeals made under MFIPPA that relate to matters of larger public interest. E. METRICS AND ACCOUNTABILITY 1. The TCDSB is responsible for reporting to the Ontario Information and Privacy Commissioner regarding its compliance with its obligations under MFIPPA, which the commissioner will assess. F. STAFF RECOMMENDATION That the Board of Trustees approves the new policy A. 38, as found in Appendix A. Page 24 of 67 Page 3 of 3

Date Approved: Date of Next Review: Dates of Amendments: Cross References: Municipal Act Education Act Information and Privacy Commissioner of Ontario A Guide to the Ontario Legislation Covering the Release of Students Personal Information, 2011 Information and Privacy Commissioner of Ontario Privacy Breach Protocol: Guidelines for Government Organization, 2014 Purpose To ensure that TCDSB complies with the provisions of the Municipal Freedom of Information and Act ( MFIPPA or the Act ) and all other applicable legislation with respect to privacy and access to information. Scope and Responsibility This policy extends to all information in the custody or under the control of the TCDSB. The Director of Education is responsible to oversee compliance, in consultation with TCDSB legal counsel, and to delegate administration of statutory requirements to a designated staff member. Alignment with MYSP: Strengthening Public Confidence Student Achievement and Well-Being Inspired and Motivated Employees Page 25 of 67 Page 1 of 6

Financial Impact Compliance with the provisions of the Municipal Act will eliminate the possibility of incurred financial penalty under the Act, or financial penalty as a result of litigation. Legal Impact The Municipal Act requires that Ontario public institutions protect the privacy of an individual s personal information, and gives individuals the right to request access to general nonconfidential information within the custody and under the control of the institution, as well as records containing their own personal information. Policy The TCDSB will collect, use, retain and disclose personal and confidential information in accordance with the statutory responsibilities provided in the Municipal Act and any other applicable legislation, and will make general information within its custody and control that is not confidential accessible to the public as prescribed by the Act and any other applicable legislation. Regulations 1. TCDSB is responsible, in accordance with MFIPPA, for personal information under its custody or control and delegates the authority relative to MFIPPA to the Director of Education to be the Head in compliance with MFIPPA and to be accountable for compliance with privacy legislation. The Director shall appoint a staff designate who shall, pursuant to applicable legislation, be responsible for: a. Administering and ensuring compliance with respect to the collection, use, disclosure and retention of personal information in accordance with MFIPPA; b. Administering all requests for access or correction to personal information in accordance with MFIPPA; Page 26 of 67 Page 2 of 6

c. Ensuring that procedures are in place regarding third party service providers who have custody of personal information on behalf of TCDSB whom are held accountable under MFIPPA; d. Providing access by the public to privacy policies and procedures prepared by the TCDSB; e. Administering all requests for access to general non-confidential information in accordance with MFIPPA; f. Where necessary, preparing for and defending decisions made under MFIPPA at an appeal; g. Establishing and overseeing protocols and procedures in terms of managing any privacy breaches that may occur in accordance the Information Privacy Commissioner of Ontario s Guidelines; h. Communicating and providing training opportunities to staff, as required, with respect to the obligations under MFIPPA and other applicable legislation; and i. Any other requirements and responsibilities that may arise with respect to the TCDSB s obligations under MFIPPA and other applicable legislation. 2. The Board of Trustees shall be advised of disclosures of information under MFIPPA that relate to matters of widespread public interest, and shall be advised of any significant breaches of personal information. 3. TCDSB shall identify the purpose(s) for which personal information is collected, and individuals shall be notified at or before the time personal information is collected, as prescribed by law. 4. TCDSB shall ensure an individual s informed consent is obtained, where practicable, for the collection, use, or disclosure of personal information, or that an individual is notified of the collection, use or disclosure of personal information, as prescribed by law. Page 27 of 67 Page 3 of 6

5. TCDSB shall limit the collection of personal information to that which is necessary for its specified purposes in accordance with its statutory duties and responsibilities. 6. TCDSB shall ensure personal information may only be used or disclosed for the purposes for which it was collected, other purposes consented to, or as prescribed by law. It may only be retained for as long as is necessary to satisfy the purposes for which it was collected, as prescribed by law, or in accordance with retention guidelines prescribed by TCDSB. 7. TCDSB shall ensure any personal information that is collected, used or disclosed should be as accurate, complete and up-to-date as is necessary in order to fulfill the specified purpose for its collection, use, disclosure and retention. 8. TCDSB shall ensure personal information shall be protected from unauthorized access, use, disclosure, and inadvertent destruction by adhering to safeguards appropriate to the sensitivity of the information. 9. TCDSB shall ensure an individual has the right to request his or her personal information and will be given access to that information in accordance with MFIPPA, subject to any mandatory or discretionary exceptions. An individual has the right to challenge the accuracy and completeness of the information and to request that it be amended as appropriate or to have a letter/statement of disagreement retained on file. An individual shall be advised of any third party service provider requests for his/her personal information in accordance with privacy legislation, subject to what is permitted under law. All requests for access to personal information from individuals other than the individual whom the information relates to, will be administered in accordance with TCDSB s privacy policy, MFIPPA, and associated legislation. Page 28 of 67 Page 4 of 6

10. TCDSB shall ensure an individual has the right to request access to general non-confidential information in the custody, or under the control of, the Board in accordance with MFIPPA. Access to general records shall be administered, subject to prescribed exemptions, in accordance with MFIPPA. 11. TCDSB shall ensure an individual has the right to address or challenge compliance with these principles through the appeal processes provided for under MFIPPA, and shall be informed of the process by which to appeal, as prescribed by MFIPPA. Definitions Personal Information: Refers to recorded information about an identifiable individual, including: a. Information relating to the race, national or ethnic origin, colour, religion, age, sex, sexual orientation or marital or family status of the individual, b. Information relating to the education or the medical, psychiatric, psychological, criminal or employment history of the individual or information relating to financial transactions in which the individual has been involved, c. Any identifying number, symbol or other particular assigned to the individual, d. The address, telephone number, fingerprints or blood type of the individual, e. The personal opinions or views of the individual except if they relate to another individual, f. Correspondence sent to an institution by the individual that is implicitly or explicitly of a private or confidential nature, and replies to that correspondence that would reveal the contents of the original correspondence, g. The views or opinions or another individual about the individual, and Page 29 of 67 Page 5 of 6

h. The individual s name as it appears with other personal information relating to the individual, or where the disclosure of the name would reveal other personal information about the individual. i. General Information: Refers to recorded information in the Board s custody or under its control that is not of a personal nature, and is not exempt from public access under MFIPPA. Metrics 1. Compliance with the provisions and principles of MFIPPA will be measured by means of annual reporting to the Ontario Information and Privacy Commissioner. Additionally, it is the mandate of the Ontario Information and Privacy Commissioner to monitor compliance with the provisions of MFIPPA and to investigate instances of non-compliance. Page 30 of 67 Page 6 of 6

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback