YORK REGION DISTRICT SCHOOL BOARD. Policy and Procedure #158.0, Information Access and Privacy Protection

Similar documents
FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY A. 38

Freedom of Information and Protection of Privacy

Routine Disclosure Plan

Opening the Door Hospitals & FOI. Applying PHIPA and FIPPA to Personal. Information: Guidance for Hospitals.

The Personal Health Information Protection Act

REVIEWED BY Leadership & Privacy Officer Medical Staff Board of Trust. Signed Administrative Approval On File

AN OVERVIEW OF FIPPA for FACULTY, INSTRUCTORS & ADMINISTRATORS. Information and tips on how to keep you FIPPA FRIENDLY

PERSONAL HEALTH INFORMATION PROTECTION ACT (PHIPA) Frequently Asked Questions (FAQ s) Office of Access and Privacy

PRIVACY BREACH MANAGEMENT GUIDELINES. Ministry of Justice Access and Privacy Branch

IVAN FRANKO HOME Пансіон Ім. Івана Франка

A Deep Dive into the Privacy Landscape

INVESTIGATION REPORT

PRIVACY AND ANTI-SPAM CODE FOR OUR DENTAL OFFICE Please refer to Appendix A for a glossary of defined terms.

What to do When Faced With a Privacy Breach: Guidelines for the Health Sector. ANN CAVOUKIAN, Ph.D. COMMISSIONER

Infection Prevention and Control Lapse Disclosure Guidance Document

New rules, new law affect workplace health and safety

Food Safety Protocol, 2018

Overview. COTBC Practice Standards for Managing Client Information, Tel: (250) Toll-Free BC: 1 (866) Fax: (250)

PRIVACY AND ANTI-SPAM CODE FOR OUR ORGANIZATION

Office of the Australian Information Commissioner

POLICY STATEMENT PRIVACY POLICY

Information Sharing Drivers and Recommendations. Sherry Liang. Assistant Commissioner. Big Picture Issues The Regulators Perspective October 3, 2015

New York Notice Form Notice of Psychologists Policies and Practices to Protect the Privacy of Your Health Information

NOTICE OF PRIVACY PRACTICES

Privacy and Management of Health Information

NOTICE OF PRIVACY PRACTICES

Data Integration and Big Data In Ontario Brian Beamish Information and Privacy Commissioner of Ontario

Health Information Privacy Policies and Procedures

DUTIES OF A CUSTODIAN

UCLA HEALTH SYSTEM CODE OF CONDUCT

Report of the Information & Privacy Commissioner/Ontario. Review of Cancer Care Ontario:

Mandatory Reporting and Breach Notification Changes to PHIPA and what you need to know

Compliance with Personal Health Information Protection Act

Ministry of Education Saskatchewan Québec Student Exchange Program Criminal Records Check Policy and Procedures

Catholic Charities Disabilities Services. In-Home Behavioral Support Services (2017)

Lutheran Brethren Homes, Inc. NOTICE OF PRIVACY PRACTICES

Report of the Information & Privacy Commissioner/Ontario. Review of the Cardiac Care Network of Ontario (CCN):

Your Privacy. Ontario s Information and Privacy Commissioner.

Facility Standards & Clinical Practice Parameters for Midwife-Led Birth Centres Effective January 1, 2019

Compliance Program And Code of Conduct. United Regional Health Care System

NOTICE OF PRIVACY PRACTICES Mid-Atlantic Women s Care, PLC Effective Date: September 23, 2013 Last Revised: February 15, 2018

The Code of Ethics applies to all registrants of the Personal Support Worker ( PSW ) Registry of Ontario ( Registry ).

Healthy Babies Healthy Children Program Protocol, 2018

YORK REGION DISTRICT SCHOOL BOARD

NOTICE OF HOSPICE EL PASO S PRIVACY PRACTICES

HANDBOOK FOR THE INDIGENOUS ECONOMIC DEVELOPMENT FUND. January 2018

Notice of Privacy Practices

ACC Privacy Policy. Policy Statement. Objective. Scope. Policy system. Policy standards. Collection

EMPLOYEE HANDBOOK EMPLOYEE HANDBOOK. Code of Conduct

DATA PROTECTION POLICY

physicians, nurses, and technicians and other Facility personnel for review and learning purposes. We may also combine the medical information we

Accountability Framework and Organizational Requirements

NOTE: The first appearance of terms in bold in the body of this document (except titles) are defined terms please refer to the Definitions section.

To ensure proper disclosure and release of Protected Health Information (PHI) Division/Department: All HealthPoint Policy/Procedure #:

COMMONWEALTH OF PENNSYLVANIA DEPARTMENT OF AGING 555 Walnut Street - 5th Floor Harrisburg, Pennsylvania

PRIVACY POLICY. 1. Privacy Statement

Data Breach Notification Guide Policies and Procedures

National Cervical Screening Programme Policies and Standards. Section 2: Providing National Cervical Screening Programme Register Services

Reporting and Investigating Privacy Breaches and Complaints Approval: Original Signed by R. Cloutier. Date: September 2017

Procurement Processes Policy

Defense Security Service Academy OCA Desk Reference Guide

COLLECTION STATEMENT

PRIVACY POLICY 18/8/2016

Catholic Charities Disabilities Services 2017 Family Reimbursement Grant For Respite Funds 1 Park Place, Suite 200 Albany, NY (518)

PUBLIC SERVICES POLICY

Use And Disclosure Of Protected Health Information (PHI) For Research

AUTHORIZATION FOR INDIRECT COLLECTION OF PERSONAL INFORMATION. Ministry of Health & Ministry Responsible for Seniors

NOTICE OF PRIVACY PRACTICES

Workplace Violence & Harassment Policy Final Draft August 3, 2016 Date Approved October 1, 2016

Dr. Kristin Heins, ND Thrive Natural Family Health 110 Eglinton Avenue East, Suite 502 Toronto, Ontario M4P 2Y1 Telephone: (647)

POPULATION DATA BC. Privacy in Health Research. Caitlin Pencarrick Hertzman Population Data BC University of British Columbia CFRI, April 2012

A PHIPA Update from the IPC

Two midwives will attend your birth. In certain circumstances, a senior midwifery student may attend your birth as the 2 nd midwife.

What is HIPAA? Purpose. Health Insurance Portability and Accountability Act of 1996

Southwest Acupuncture College /PWFNCFS

The National Patient Experience Survey Programme. Statement of information practices

NOTICE OF PRIVACY PRACTICES

Greenwood Connections Notice of Privacy Practice

Notice of Privacy Practices

Overview of. Health Professions Act Nurses (Registered) and Nurse Practitioners Regulation CRNBC Bylaws

ADMINISTRATIVE PROCEDURE 408 Reporting & Investigating Workplace Violence

OMDC Film Fund Production Guidelines, including Diversity Enhancement

Rights and Responsibilities. A guide for patients, carers and families

Associates in ear, nose, throat/ Head & Neck surgery, pllc

HIPAA Notice of Privacy Practices DFD Russell Medical Center Effective April 14, 2003 Updated April 10, 2013

STEADMAN HAWKINS SPORTS MEDICINE SERVICES CONSENT AND AUTHORIZATION

PRIVACY BREACH GUIDELINES

Getting Ready for Ontario s Privacy Legislation GUIDE. Privacy Requirements and Policies for Health Practitioners

Consumer Complaints Management and Resolution Policy

KAWARTHA PINE RIDGE DISTRICT SCHOOL BOARD ADMINISTRATIVE REGULATIONS. SAFETY: WORKPLACE VIOLENCE Policy Code Reference: HR-4.1 PREVENTION Page 1

INSTITUTION OF ENGINEERS RWANDA

CHAPTER 411 DIVISION 20 ADULT PROTECTIVE SERVICES -- GENERAL

Career Development Fellowships 2018 Guidelines for Applicants. Applications close 12 noon 05 April 2018

Aboriginal Community Capital Grants Program Guide

PATIENT NOTICE OF PRIVACY PRACTICES Effective Date: June 1, 2012 Updated: May 9, 2017

VQA WINE SUPPORT PROGRAM PROGRAM GUIDELINES 2017/18

Notice of. Privacy Practices. Dartmouth-Hitchcock Affiliated Covered Entity

Aboriginal Economic Development Fund (AEDF) Handbook

Current Status: Active PolicyStat ID: Origination: 09/2004 Last Approved: 02/2017 Last Revised: 09/2013 Next Review: 02/2019

NOTE: The first appearance of terms in bold in the body of this document (except titles) are defined terms please refer to the Definitions section.

Transcription:

YORK REGION DISTRICT SCHOOL BOARD Policy and Procedure #158.0, Information Access and Privacy Protection Application The Information Access and Privacy Protection policy and procedure addresses the administration of the provisions of the Municipal Freedom of Information and Protection of Privacy Act (MFIPPA) as it applies to all information in the custody or under the control of the Board. Stakeholder Groups with Responsibilities Under this Policy Board of Trustees Director of Education Assistant Manager, Records Management/MFIPPA All staff members Members of the public Relationship to Board priorities Safe and supportive schools and workplaces the protection of an individual s privacy rights and personal information is foundational to a safe school and workplace. Inappropriate collection, use, access, disclosure or destruction of personal information can create risk for an individual physically, financially, etc. Demonstrating professionalism and accountability for high standards of practice in all Board operations adherence to this policy and procedure ensures legal compliance. Enhancing confidence in public education by increasing civic engagement MFIPPA and this policy and procedure encourage civic engagement by promoting information accessibility. Document History and Previous Versions Revised 2001 It is the expectation of the York Region District School Board that all employees, students and persons invited to or visiting Board property; or partaking/volunteering in Board or school-sponsored events and activities will respect the policies and procedures of the Board. The term parents refers to both biological/adoptive parents and guardians in all Board policies and procedures.

Board Policy #158.0 Information Access and Privacy Protection Document Integration Project Format Policy Statement The York Region District School Board is committed to accountability and transparency in its operations, and to the protection of personal information. The Board will make general information that is not confidential in accordance with Municipal Freedom of Information and Protection of Privacy Act (MFIPPA) and other relevant legislation and regulations accessible to members of the public. All personal information is treated as confidential, and is collected, used, disclosed and disposed of only in accordance with relevant legislation and regulations including the Canadian Standards Association Model Code for the Protection of Privacy. Responsibilities The Board of Trustees is responsible for: reviewing the Information Access and Privacy Protection policy in accordance with the priorities in the Trustees Multi-Year Plan and the approved policy review cycle; and understanding and communicating with members of the community about the Information Access and Privacy Protection policy, as required. The Director of Education is responsible for: implementing and operationalizing the Information Access and Privacy Protection policy; and making the decision to disclose information where grave environmental, health or safety hazards exist and where compelling public interest applies to information. Administrative Services is responsible for: ensuring requests for general information are processed, in accordance with relevant legislation and regulations; and ensuring the appropriate collection, use, disclosure and destruction of personal information. Staff members are responsible for: treating personal and general information in accordance with relevant legislation and Board policies and procedures. Legislative Context Municipal Freedom of Information and Protection of Privacy Act (MFIPPA) Education Act

Definitions General Information General information refers to recorded information in the Board s custody or control that is not of a personal nature and is not exempt from public access under MFIPPA unless an access exemption applies. Examples of general information that can be routinely released include, but are not limited to, policies, Ministry guidelines and memoranda, travel expense statements, collective agreements, Board plans, public minutes, or school events and programs. Personal Information Personal information is any recorded information that renders an individual identifiable. Examples of records of personal information include, but are not limited to, report cards, letters of suspension, private minutes, vendor and supplier resumés or hearing files. Information about a staff member s professional identity, such as, but not limited to, name, work location or job title, is not personal. Note that most employment related and labour relations related information is excluded from the provisions of MFIPPA. Department Administrative Services Director s Office Policy History Revised 2001 It is the expectation of the York Region District School Board that all employees, students and persons invited to or visiting Board property; or partaking/volunteering in Board or school-sponsored events and activities will respect the policies and procedures of the Board. The term parents refers to both biological/adoptive parents and guardians in all Board policies and procedures.

Board Procedure #158.0 Information Access and Privacy Protection Document Integration Project Format This procedure outlines the administration of the provisions of the Municipal Freedom of Information and Protection of Privacy Act (MFIPPA) in the York Region District School Board. Definitions Access Request An access request is a formal application made under MFIPPA for general or personal information or requesting a correction or deletion of one s own personal information. Access requests are placed with the Assistant Manager, Records Management, MFIPPA. Access Appeal A person who has made an access request under MFIPPA may appeal any decision of the Board concerning the request. Access appeals are placed with the Information and Privacy Commissioner of Ontario. Privacy Complaint A privacy complaint is a complaint lodged with the Information and Privacy Commissioner of Ontario against the Board, where it is believed the Board has compromised or breached privacy protection rights by inappropriately collecting, using, disclosing or destroying personal information. Privacy Impact Assessment A Privacy Impact Assessment is an essential assessment of all new or revised processes, programs, or services that collect, use or disclose confidential or personal information. Privacy Impact Assessments are completed by the Assistant Manager Records Management, MFIPPA. Privacy Breach A privacy breach is any event causing personal information to be compromised when it is collected, used, disclosed, retained or destroyed in a manner inconsistent with legislation. Responsibilities The Director of Education shall: allocate staff and resources to support the Information Access and Privacy Protection procedure; and grant or deny access to information requested under MFIPPA. The Assistant Manager, Records Management, Municipal Freedom of Information and Protection of Privacy (MFIPPA) shall: process formal access requests and privacy complaints in accordance with the legislated and regulated process requirements; represent the Board on access appeals; review and approve forms that collect and/or disclose personal information; complete Privacy Impact Assessments;

administer the Privacy Breach Protocol when there is a privacy breach; prepare an annual report to the Information and Privacy Commissioner of Ontario and the Board of Trustees; communicate the public s right of access to general information and an individual's right of access to their personal information; and provide consultation and support regarding information access and privacy protection for staff and members of the public. Staff members shall: release general information, where appropriate; release personal information to the person to whom it relates or to his/her parents, in accordance with MFIPPA; consult with the Assistant Manager, Records Management, MFIPPA when there is uncertainty about the accessibility of information that has been requested; refer all requests for information referencing MFIPPA to the Assistant Manager, Records Management, MFIPPA; and support the protection of personal information by; providing the following information when collecting personal information, what authorizes the collection of the information, such as but not limited to, the Education Act, the purposes for which the information is collected, and the contact information for a person who can explain why the information is required, ensuring that forms that collect and/or disclose personal information are approved by the Assistant Manager, Records Management, MFIPPA, retaining personal information using secure methods for a minimum of 12 months, respecting an individual s right to, access and have copies of their personal information, with limited exceptions, request removal of or corrections to personal information, and lodge a privacy complaint, using the Agreement for the Confidentiality of Information when personal information is to be shared with outside service providers, contacting the Assistant Manager, Records Management, MFIPPA to perform a Privacy Impact Assessment when proposing or revising a program or service involving personal information, and contacting the Assistant Manager, Records Management, MFIPPA if there is a suspected breach of personal information. Members of the public shall: understand that the costs of information access shall be recovered in accordance with the MFIPPA. Department Administrative Services Director s Office Document History and Previous Versions Revised 1999 Revised 2005 It is the expectation of the York Region District School Board that all employees, students and persons invited to or visiting Board property; or partaking/volunteering in Board or school-sponsored events and activities will respect the policies and procedures of the Board. The term parents refers to both biological/adoptive parents and guardians in all Board policies and procedures.

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback