Freedom of Information and Protection of Privacy

Similar documents
FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY A. 38

YORK REGION DISTRICT SCHOOL BOARD. Policy and Procedure #158.0, Information Access and Privacy Protection

Routine Disclosure Plan

Opening the Door Hospitals & FOI. Applying PHIPA and FIPPA to Personal. Information: Guidance for Hospitals.

AN OVERVIEW OF FIPPA for FACULTY, INSTRUCTORS & ADMINISTRATORS. Information and tips on how to keep you FIPPA FRIENDLY

STEP BY STEP SCHOOL. Data Protection Policy and Privacy Notice

Personal Information Bank (PIB) Details

Getting Ready for Ontario s Privacy Legislation GUIDE. Privacy Requirements and Policies for Health Practitioners

PROCEDURE-STUDENT RECORDS

Sarnia Police Service Directory of General Records and Personal Information Banks

Dr. Kristin Heins, ND Thrive Natural Family Health 110 Eglinton Avenue East, Suite 502 Toronto, Ontario M4P 2Y1 Telephone: (647)

DATA PROTECTION POLICY

The Personal Health Information Protection Act

Policy Number: Disclosure of Personal. Health Information to Police Approval Signature: Original signed by A. Wilgosh.

OHA Primer: A Practical Guide for Hospital Records Management Programs

INFORMED CONSENT FOR TREATMENT

Summary Privacy Notice

Report of the Information & Privacy Commissioner/Ontario. Review of the Cardiac Care Network of Ontario (CCN):

Your Privacy. Ontario s Information and Privacy Commissioner.

Ministry of Education Saskatchewan Québec Student Exchange Program Criminal Records Check Policy and Procedures

What to do When Faced With a Privacy Breach: Guidelines for the Health Sector. ANN CAVOUKIAN, Ph.D. COMMISSIONER

Office of the Australian Information Commissioner

AUTHORIZATION FOR INDIRECT COLLECTION OF PERSONAL INFORMATION. Ministry of Health & Ministry Responsible for Seniors

SCARF. Serving Children and Reaching Families, LLC. Client Handbook

Application Guidelines

Department of Defense DIRECTIVE

VERMONT JUDICIAL BRANCH EMPLOYMENT APPLICATION

PRIVACY POLICY 18/8/2016

A Deep Dive into the Privacy Landscape

I. PURPOSE DEFINITIONS. Page 1 of 5

Department of Defense DIRECTIVE

PRIVACY BREACH MANAGEMENT GUIDELINES. Ministry of Justice Access and Privacy Branch

PEDIATRIC HEALTH ASSOCIATES HIPAA NOTICE OF PRIVACY PRACTICES

Privacy Toolkit for Social Workers and Social Service Workers Guide to the Personal Health Information Protection Act, 2004 (PHIPA)

Newcomer Settlement Program

PATIENT NOTICE OF PRIVACY PRACTICES Effective Date: June 1, 2012 Updated: May 9, 2017

TITLE 67 CHAPTER 65 RESIDENTIAL LICENSING TRANSITIONAL LIVING LICENSING STANDARDS & REGULATIONS

Information Sharing Drivers and Recommendations. Sherry Liang. Assistant Commissioner. Big Picture Issues The Regulators Perspective October 3, 2015

J.C. Blair Memorial Hospital Huntingdon, PA

UCLA HEALTH SYSTEM CODE OF CONDUCT

The University of Toledo. Corporate Compliance and HIPAA Training. Presented by: The Compliance and Privacy Office

National Industry Standards Code of Ethics and Conduct for Homeownership Professionals

INFORMED CONSENT FOR TREATMENT

NOTICE OF PRIVACY PRACTICES

Access to Health Records Application (Subject Access Request)

POLICY STATEMENT PRIVACY POLICY

Standard Operating Procedures (SOP) Research and Development Office

SUMMARY OF JOINT NOTICE OF PRIVACY PRACTICES (HOSPITAL AND MEMBERS OF ITS MEDICAL STAFF)

MANITOBA GOVERNMENT INVENTORY OF PERSONAL INFORMATION SYSTEMS WORKSHEET. Here are a few important pointers to help you fill out the Worksheet:

Freedom of Information Policy

NOTICE OF PRIVACY PRACTICES

COUNTY OF PERTH. Chief Administrative Officer. Clerk s Office Business Plan. January 2017

[Enter Organization Logo] CONSENT TO DISCLOSE HEALTH INFORMATION UNDER MINNESOTA LAW. Policy Number: [Enter] Effective Date: [Enter]

Notice of privacy practices

Alumni Foundation Database

Date last amended: (refer Version Control Table) Director, Governance and Legal Division

PRIVACY POLICY. 1. Privacy Statement

GDPR Records Management Policy

CHARTER ON PATIENTS & HEALTH SERVICE PROVIDERS RIGHTS & RESPONSIBILITIES

Local Health Integration Network Authorities under the Local Health System Integration Act, 2006

NOTICE OF PRIVACY PRACTICES Mid-Atlantic Women s Care, PLC Effective Date: September 23, 2013 Last Revised: February 15, 2018

Registering as a dentist with the General Dental Council (EU/EEA/Switzerland)

System of Records Notice (SORN) Checklist

PRIVACY AND NATURAL MEDICINE PRACTITIONERS

NOTICE OF PRIVACY PRACTICES UNIVERSITY OF CALIFORNIA RIVERSIDE CAMPUS HEALTH CENTER

Data Integration and Big Data In Ontario Brian Beamish Information and Privacy Commissioner of Ontario

1 LAWS of MINNESOTA 2014 Ch 250, s 3. CHAPTER 250--H.F.No BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF MINNESOTA:

NOTICE OF PRIVACY PRACTICES

NOTICE OF PRIVACY PRACTICES Effective Date: April 14, 2003

IVAN FRANKO HOME Пансіон Ім. Івана Франка

HIPAA Privacy Rule. Best PHI Privacy Practices

New Patient Information

Newcomer Settlement Program

I SBN Crown copyright Astron B31267

PRIVACY MANAGEMENT FRAMEWORK

PRIVACY AND ANTI-SPAM CODE FOR OUR ORGANIZATION

Registration and Renewal Policy

NOTICE OF PRIVACY PRACTICES

Amendments to The Workplace Safety and Health Act

New York Notice Form Notice of Psychologists Policies and Practices to Protect the Privacy of Your Health Information

Patient name (print) Signature of Patient/ Legal Representative. Relationship to Patient FOR OFFICE USE ONLY

HIPAA IMPLICATIONS: Patient Rights Under HIPAA

Snooping Rights and Responsibilities

Regulatory Issues Facing Student Health Centers Presented by: Richard T. Yarmel and Edward H. Townsend

Notice of Health Information Privacy Practices Acknowledgement

POPULATION DATA BC. Privacy in Health Research. Caitlin Pencarrick Hertzman Population Data BC University of British Columbia CFRI, April 2012

If you have any questions about this notice, please contact our privacy officer Dr. Jev Sikes at

PARAGOULD DOCTORS CLINIC PRIVACY NOTICE

A Patient s Bill of Rights and Responsibilities, Including Visitation Rights

appendix a: freedom of information and protection of privacy fact sheet

Health Information Privacy Policies and Procedures

Compliance Program And Code of Conduct. United Regional Health Care System

AUSTRALIAN RESUSCITATION COUNCIL PRIVACY STATEMENT

Notice of Privacy Practices

Do You Qualify? Please Read Carefully:

JOINT NOTICE OF PRIVACY PRACTICES

Handout 8.4 The Principles for the Protection of Persons with Mental Illness and the Improvement of Mental Health Care, 1991

INVESTIGATION REPORT

WELCOME. Payment will be expected at the time of service. Please remember our 24 hour cancellation notice.

physicians, nurses, and technicians and other Facility personnel for review and learning purposes. We may also combine the medical information we

Transcription:

Freedom of Information and Protection of Privacy 1

INTRODUCTION The Freedom of Information and Protection of Privacy Act (FIPPA) has two main purposes in the context of Ontario Universities: Providing a right of public access to university-held records Protecting the privacy of universityheld personal information 2

Key FIPPA Principles ACCESS Right of access to university records For the most part, business as usual Formal access process available Exemptions to access are limited and specific Independent review: All decisions can be appealed to the Information and Privacy Commissioner of Ontario 3

What is a Record? A record is any record of information, however recorded, whether in printed form, on film, by electronic means or otherwise This INCLUDES drafts, post-it notes, hard drive files, Blackberrry, e-mail, voice mail, agendas, address books 4

Privacy Privacy protection respecting university-held personal information Statutory rules for collection, use, disclosure, retention and disposal of personal information by institution in its activities Right to access and request correction of own personal information Right to complain to Information and Privacy Commissioner when privacy rights have been violated 5

What is Personal Information? Recorded information about an identifiable individual including: Ethnic origin, race, religion, age, sex, sexual orientation, etc. Information on education, financial, employment, medical, psychiatric, psychological or criminal history Identifying numbers Home address, telephone number etc. Personal opinions of, or about, an individual Personal correspondence Name where it appears with or reveals other personal information Name, position and records about routine work matters NOT usually considered personal information 6

Privacy under FIPPA Personal Information: Collection Must have legal authority to collect; Must collect directly from individual Must provide notice of collection 7

Privacy under FIPPA Personal Information: Use With consent; For original or consistent purpose; For other limited circumstances; Where necessary for fundraising 8

Privacy under FIPPA Personal Information: Disclosure With consent; For original/consistent purpose In accordance with FOI request Where needed in connection with duties Compliance with legislation Law enforcement/investigation Compelling/compassionate circumstances 9

Privacy under FIPPA Personal Information: Retention - Destruction Must maintain for at least a year after last use; Only use if accurate, up to date; Dispose of effectively/securely; Use appropriate security and precautions; Must not destroy requested records; Willful disclosure without authority an offence 10

Delegation of FOI Decision Making Power Formal written delegation is framework for FOI/Privacy program President is designated as the Head for FIPPA purposes The Head delegates decision making powers to appropriate official(s) Delegation also assigns responsibility for privacy protection 11

Essential Considerations Determine identity of FOI/Privacy Officer and Coordinator Establish and communicate clear roles and responsibilities for all staff involved in the FOI process Ensure privacy requirements are communicated to all staff Determine what records can be released without a formal FOI request Ensure availability of support from legal counsel Appropriate accommodations for FOI/Privacy Office secure location Provide effective blueprint for FOI program 12

Annual Reporting IPC Required to report annually to IPC on FOI compliance Detailed statistics relating to the processing of formal FOI requests must be reported to IPC 13

Annual Reporting Directory of Records DOR must include: Description of organization and responsibilities of institution, including details of the programs and functions of each division or branch of institution An index of all Personal Information Banks including: Name and location Legal authority for its establishment Types of information maintained and how used Who information disclosed to Categories of individuals to whom information relates Record retention policy and practices A list of the General classes or types of records prepared by or in the custody or control of each institution The title, business number and address of the head 14

Additional Requirements FIPPA requires establishment of a reading room Following documents must be available for inspection and copying Manuals, directives or guidelines prepared and used to determine the eligibility of an individual for a program Instructions and guidelines re procedures, methods or objectives in administering or enforcing the provisions of any enactment or scheme that affects the public Annual report to the IPC 15

FOI/Privacy Coordinator Coordinator role includes: Process FOI requests within 30 day time limit Deal with IPC on appeals, investigations Provide privacy and access advice as required 16

FOI/Privacy Coordinator Other Possible Duties Support sound privacy practices Help identify records for routine disclosure Assist on initiatives involving personal information Help staff avoid privacy pitfalls 17

FOI/Privacy Guidelines Guidelines should describe: Roles & responsibilities for all officials involved in FOI/Privacy Accountabilities including: Who provides resources; legal support; delegation of authority; approvals and sign-off processes - Appropriate resource levels including: financial; HR; FOI staff skills and competencies; training; accommodations 18

Sample Personal Information Bank Directory Personal Information Bank Title Location Legal Authority to Collect Information Held Purpose Users Individuals in PIB Retention And Disposal Period Board Member Profiles University Secretariat McMaster University Act (1976) Name; spouse's name; children's names; home address; home telephone number; home fax number; home email address; business address; business telephone number; business fax number; business email address; staff contact information; résumé; citizenship information; photograph Government Filing requirements; notification of meetings and events; Determining Membership eligibility University Secretariat; President and Vice Presidential offices; Office of Public Relations; select information disclosed to COU and Ministry of Consumer & Business Services Members of Board of Governors and their family embers Kept Indefinitely Senate Member Contact sheets University Secretariat McMaster University Act (1976) Name; business and/or home address; business and/or home telephone number; email address; staff contact information; Notification of meetings and events University Secretariat; President and Vice Presidential offices; Office of Public Relations Members of Senate Kept Indefinitely 19

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback