VIU Workshop: Creating a Culture of Privacy Awareness June 12, 2013 By Justin Hodkinson OIPC Policy Analyst/Investigator Office of the Information & Privacy.

Slides:

Advertisements

Similar presentations

Protect Our Students Protect Ourselves

Advertisements

Family Educational Rights and Privacy Act (FERPA) Basics For Faculty and Staff.

Privacy and Confidentiality at Mohawk College Good afternoon: Now I know that you have been waiting for this topic, but I would ask that you keep.

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

NAU HIPAA Awareness Training

1 Opening the Door: Access to Government Information A primer for Media Students Mohawk College Sept. 18, 2002 Bob Spence Communications Co-ordinator Office.

PIPA PRESENTATION PERSONAL INFORMATION PROTECTION ACT.

The Problem Solvers TM Privacy Rights: Minors and Parents Michael J. Hewitt Marcel Daigle Singleton Urquhart LLP.

Research and the Health Information Act Rachel Hayward Office of the Information and Privacy Commissioner of Alberta.

The Privacy Office U.S. Department of Homeland Security Washington, DC t: ; f: Safeguarding.

1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,

BC Freedom of Information and Protection of Privacy Act

Presentation by Mark Grady Vancouver Island University June 13, 2012.

Developing a Records & Information Retention & Disposition Program:

Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.

Property of Common Sense Privacy - all rights reserved THE DATA PROTECTION ACT 1998 A QUESTION OF PRINCIPLES Sheelagh F M.

DEED WorkForce Center Reception and Resource Area Certification Program Module 2 Unit 1b: WorkForce Center System II Learning Objectives III.

Anglican Province of Canada Privacy Policy. Commitment to Privacy The Privacy Policy, including the Web Privacy Statement, is the Anglican Province of.

Taking Steps to Protect Privacy A presentation to Hamilton-area Physiotherapy Managers by Bob Spence Communications Co-ordinator Office of the Ontario.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Act. Lesson Objectives To understand the data protection act.

HIPAA Privacy & Security EVMS Health Services 2004 Training.

Obtaining, Storing and Using Confidential Data October 2, 2014 Georgia Department of Audits and Accounts.

Practical Information Management

13 July 2006Susan Joseph Health Privacy It’s My Business Health Records Act 2001 (Vic) eReferral Service Co-ordination System.

Privacy Law for Network Administrators Steven Penney Faculty of Law University of New Brunswick.

HIPAA PRIVACY AND SECURITY AWARENESS.

Confidentiality, Consents and Disclosure Recent Legal Changes and Current Issues Presented by Pam Beach, Attorney at Law.

Privacy and Security of Protected Health Information NorthPoint Health & Wellness Center 2011.

Privacy and Information Management ICT Guidelines.

Part 6 – Special Legal Rights and Relationships Chapter 35 – Privacy Law Prepared by Michael Bozzo, Mohawk College © 2015 McGraw-Hill Ryerson Limited 34-1.

Family Educational Rights and Privacy Act. From the moment a child enters the school system, sensitive information is collected about the child (and even.

PRIVACY, SECURITY & ID THEFT PREVENTION - TIPS FOR THE VIGILANT BUSINESS - SMALL BUSINESS & ECONOMIC DEVELOPMENT FORUM October 21, WITH THANKS TO.

Family Educational Rights and Privacy Act (FERPA) UNION COLLEGE.

The right item, right place, right time. DLA Privacy Act Code of Fair Information Principles.

The Data Protection Act What Data is Held on Individuals? By institutions: –Criminal information, –Educational information; –Medical Information;

PIPEDA and Receivables Management Robin Gould-Soil Receivables Management Association of Canada November 16, 2011.

Privacy Challenges for Condominium Corporations and Condominium Managers presented to the Association of Condominium Managers of Alberta by Carmen Mann,

0 Managing Student Records Legally and Effectively Tiffany Hogue Provost’s Office Spring 2009.

IT Applications Theory Slideshows By Mark Kelly Vceit.com Privacy Laws.

Data Practices in Minnesota December Outline for this presentation Minnesota data practices laws Classification of government data Government entity.

An Introduction to the Privacy Act Privacy Act 1993 Promotes and protects individual privacy Is concerned with the privacy of information about people.

Privacy Information for Advisors. Agenda PIPEDA Advisor Required Privacy Program Our MGA Privacy Program Recommendations for Advisors.

Introduction to the Australian Privacy Principles & the OAIC’s regulatory approach Privacy Awareness Week 2016.

Privacy and Personal Information. WHAT YOU WILL LEARN: What personal information is. General guidelines for the collection of personal information. Your.

Taylor County Schools FERPA (Confidentiality) Training August 17, 2010.

Data protection and data sharing

Protecting PHI & PII 12/30/2017 6:45 AM

Referral to Community Support Services

Protection of CONSUMER information

Privacy principles Individual written policies

Obligations of Educational Agencies: Parents’ Bill of Rights

IT Applications Theory Slideshows

Privacy principles Individual written policies

Privacy & Access to Information

Move this to online module slides 11-56

G.D.P.R General Data Protection Regulations

Managing Student Records Legally and Effectively

Move this to online module slides 11-56

Data protection and data sharing

GDPR Quiz Today’s trainer: Click here to use Kahoot! 1

On the Cutting Edge – Update on Privacy Legislation

HIPAA SECURITY RULE Copyright © 2008, 2006, 2004 by Saunders an imprint of Elsevier Inc. All rights reserved.

HIPAA Overview.

Government Data Practices & Open Meeting Law Overview

Good Spirit School Division

Government Data Practices & Open Meeting Law Overview

Move this to online module slides 11-56

The Freedom of Information and Data Protection Legislation An Overview

IT and Society Week 2: Privacy.

Presentation transcript:

VIU Workshop: Creating a Culture of Privacy Awareness June 12, 2013 By Justin Hodkinson OIPC Policy Analyst/Investigator Office of the Information & Privacy Commissioner for British Columbia Protecting privacy. Promoting transparency.

Agenda Protection of Privacy60 minutes Privacy Quiz 5 minutes Coffee/Tea Break10 minutes FIPPA Basics25 minutes Question Period20 minutes Exam20 minutes Office of the Information & Privacy Commissioner for British Columbia

VIU Privacy Policies Arriving Soon! Office of the Information & Privacy Commissioner for British Columbia

Privacy Breaches Not a question of IF But a question of WHEN & HOW BIG Office of the Information & Privacy Commissioner for British Columbia

Common Privacy Breaches Stolen laptops or local hard drives Lost or stolen documents Blowing out of garbage trucks Lost, stolen or misplaced recycling bins Files on car roofs Inappropriate or unauthorized behaviour Browsing database Blogs Inadvertent disclosures Mailing system errors Faxing errors Office of the Information & Privacy Commissioner for British Columbia

Protecting PI Outside off Campus Office of the Information & Privacy Commissioner for British Columbia

F12-02 U of Vic Investigation Report Importance of a Privacy Management Framework & Encryption Office of the Information & Privacy Commissioner for British Columbia

Layering Approach to Security Office of the Information & Privacy Commissioner for British Columbia

Social Media Background Checks Office of the Information & Privacy Commissioner for British Columbia

Issues with Social Media Background Checks Accuracy Collecting irrelevant or too much information Overreliance on consent Third party information Office of the Information & Privacy Commissioner for British Columbia

Before you check…remember Personal information you collect is subject to FIPPA Consider less intrusive ways to meet your purpose Assess the risks Ensure you have authority to collect Develop policies and procedures to address risks Be prepared to respond to requests for access, correction or for withdrawal of consent Office of the Information & Privacy Commissioner for British Columbia

… don’t x Wait until after you check to assess the risks x Assume you are only collecting information about one person x Assume that the information will be accurate x Use a personal account to perform the check x Ask a 3 rd party to do the check x Think the person will not find out Office of the Information & Privacy Commissioner for British Columbia

What is Cloud Computing? Office of the Information & Privacy Commissioner for British Columbia

Weighing Your Options Office of the Information & Privacy Commissioner for British Columbia

Cloud Computing: Issues Office of the Information & Privacy Commissioner for British Columbia

What should you ask your prospective cloud provider? Office of the Information & Privacy Commissioner for British Columbia

What should you ask yourself? Office of the Information & Privacy Commissioner for British Columbia

Privacy Emergency Kit What data can VIU share during an emergency? Office of the Information & Privacy Commissioner for British Columbia

VIU Alumni Association’s Use of PI Office of the Information & Privacy Commissioner for British Columbia

Sharing PI between VIU Departments Office of the Information & Privacy Commissioner for British Columbia

Sharing Health Information Office of the Information & Privacy Commissioner for British Columbia

PIAs & Self-Generated Research Office of the Information & Privacy Commissioner for British Columbia

S. 35 of FIPPA Research Agreements Office of the Information & Privacy Commissioner for British Columbia

Sharing Students’ Addresses Office of the Information & Privacy Commissioner for British Columbia

Privacy Quiz Time! Office of the Information & Privacy Commissioner for British Columbia Protecting privacy. Promoting transparency. Presented by: Justin Hodkinson, Investigator

Office of the Information & Privacy Commissioner for British Columbia 1. What does P.I.A. really mean?

Office of the Information & Privacy Commissioner for British Columbia 2. Where can you store personal information?

Office of the Information & Privacy Commissioner for British Columbia 3. Retention

Office of the Information & Privacy Commissioner for British Columbia 4.Who are you gonna call?

5.Speed Round The Dean of the Business Department approaches you, the Registrar, & asks for a student’s home address. The Dean explains that she has reason to believe that the student is about to commit suicide & she wants to warn the student’s older sister, who still lives with their parents. How would you respond to this request for student information?

Office of the Information & Privacy Commissioner for British Columbia Web Cam & VideoSurveillance Video Surveillance

Office of the Information & Privacy Commissioner for British Columbia More Information Video Surveillance: ance_Guidelines(March2008).pdf Social Media Background checks: SocialMediaBackgroundChecks.pdf Cloud Computing: r_SMEs_guidance_document.pdf

Office of the Information & Privacy Commissioner for British Columbia

FOI ACCESS Office of the Information & Privacy Commissioner for British Columbia

10 Principles for Privacy Compliance Be accountable Identify the purpose Obtain consent Limit collection, use, disclosure Limit retention Be accurate Use appropriate safeguards Be open Give access Challenging compliance

Office of the Information & Privacy Commissioner for British Columbia About the OIPC… Independent office of the Legislature Oversees privacy and access issues in the public (FIPPA) and private sector (PIPA) Power to investigate, mediate & adjudicate Guidelines, public education & reports

Role of the OIPC Office of the Information & Privacy Commissioner for British Columbia

What is “personal What is “personal information” ? information” ?  Information that can identify an individual: name, address, phone number, ID number.  Information about an identifiable individual: physical description, educational qualifications, blood type.

Office of the Information & Privacy Commissioner for British Columbia Access basics Anyone can ask for their own personal information Student can ask for exam questions but VIU will not disclose them Must remove certain information May remove other information

What is purpose of FIPPA? FIPPA passed in Purposes of this Act 2 (1) The purposes of this Act are to make public bodies more accountable to the public and to protect personal privacy by (a) giving the public a right of access to records, (b) giving individuals a right of access to, and a right to request correction of, personal information about themselves, (c) specifying limited exceptions to the rights of access (d) Preventing the unauthorized collection, use or disclosure of personal information by public bodies, … Office of the Information & Privacy Commissioner for British Columbia

Employee Records & Investigations Office of the Information & Privacy Commissioner for British Columbia

Reasons for Extensions Office of the Information & Privacy Commissioner for British Columbia

Safeguarding basics Security Practices Retention Practices Disposal Practices

Custody & Control Office of the Information & Privacy Commissioner for British Columbia

Clarify Requests & Talk with Applicants Office of the Information & Privacy Commissioner for British Columbia

Fees Office of the Information & Privacy Commissioner for British Columbia

Fee Estimates Office of the Information & Privacy Commissioner for British Columbia

Questions? Office of the Information & Privacy Commissioner for British Columbia

Thank you Office of the Information and Privacy Commissioner for British Columbia Telephone: (250) (general) (250) (my direct line) Toll-free access call Enquiry BC at one of the numbers listed below and request a transfer to (250) : Vancouver: (604) Elsewhere in BC: (800) or Facsimile: (250)