IM NETWORK MEETING 20 TH JULY, 2010 CONSULTATION WITH 3 RD PARTIES.

Slides:



Advertisements
Similar presentations
HIPAA Privacy Practices. Notice A copy of the current DMH Notice must be posted at each service site where persons seeking DMH services will be able to.
Advertisements

Protect Our Students Protect Ourselves
The Data Protection Act - an absolute right to ask but a qualified right to receive Maureen H Falconer Senior Policy Officer, ICO CELCIS, Scottish University.
1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.
NAU HIPAA Awareness Training
Christian Vargas. Also known as Data Privacy or Data Protection Is the relationship between collection and spreading or exposing data and information.
Right to Privacy: The Unwritten Right
Freedom of Information What does it mean for us? Introductory Training Session.
BC Freedom of Information and Protection of Privacy Act
DATA PROTECTION and Research University Research Ethics Committee – David Cauchi Office of the Data Protection Commissioner.
Data Protection and Records Management
2/16/2010 The Family Educational Records and Privacy Act.
FERPA: Protect our Students by Protecting their Records Prepared by Rebekah D. Mathis-Stump, JD.
The Family Educational Rights and Privacy Act (FERPA) The Importance of Protecting Student Records This session will help you better understand the law.
Transparency in Public Administration – FOI and EIR
Towards a Freedom of Information Law in Qatar Fahad bin Mohammed Al Attiya Executive Chairman, Qatar National Food Security Programme.
"Can I give this out?" What Frontline Staff Need to Know About FOI and Privacy 2010 LGMA Administrative Professionals' Conference Paul Hancock, City of.
1 OVERVIEW PRESENTATION FREEDOM OF INFORMATION (SCOTLAND) ACT 2002.
DATA PRIVACY PERSONNEL FILES “P-FILE”. Wisconsin Public Records Wisconsin Statue – Wisconsin Statue – Wisconsin Statue 230 Wisconsin.
13 July 2006Susan Joseph Health Privacy It’s My Business Health Records Act 2001 (Vic) eReferral Service Co-ordination System.
Public rights of access to information Grisilda Ponniah, Corporate Information Governance Manager Mary Elliott, FOI Officer Legal & Democratic Services.
OCR Nationals Level 3 Unit 3.  To understand how the Data Protection Act 1998 relates to the data you will be collecting, storing and processing  To.
Data Protection Act AS Module Heathcote Ch. 12.
CONFIDENTIALITY Q & A’s for School Staff. What Laws Apply to Records of Students? ► 2 Federal Laws  Family Education Rights and Privacy Act (FERPA) 
Health Insurance Portability and Accountability Act of 1996 HIPAA Privacy Training for County Employees.
Data Protection Act & Freedom of Information Simon Mansell Corporate Governance and Information Team.
FERPA Basics From the University of Northern Iowa and Office of the Registrar.
CIVIL RIGHTS FOR SCHOOL NUTRITION PROGRAMS Presented to School Nutrition Managers and Employees North Carolina Department of Public Instruction Safe and.
OPEN UP! Introduction to handling Freedom of Information requests.
1 CONFIDENTIALITY. 2 Requirement Under IDEA 34 CFR Sec (c) All staff collecting or using personally identifiable information in public education.
IT Applications Theory Slideshows By Mark Kelly Vceit.com Privacy Laws.
IM NETWORK MEETING 20 TH JULY, 2010 Disclosure Logs.
FOI CIRCULARS Natasha Bodden Policy Analyst FOI Unit June 2009.
Freedom of Information (General) Regulations, 2008 Natasha N. Bodden, LLB FOI Policy Analyst FOI Policy Analyst Freedom of Information Unit Cayman Islands.
12/12/2015 Data Protection Act /12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal.
Family Educational Rights and Privacy Act.  What is FERPA?  What Information May Be Released?  Request Non-Release of Directory Information  What.
When Can You Redact Information Without Requesting an Attorney General Decision? Karen Hattaway Assistant Attorney General Open Records Division Views.
ANONYMISATION Research Data Management. c Research Data Management Sensitive Data Sensitive Data is information covering: The racial or ethnic origin.
Introduction Data protection is relevant to every individual, business or organisation today, not just Local Government. As well as protecting privacy,
An Introduction to the Privacy Act Privacy Act 1993 Promotes and protects individual privacy Is concerned with the privacy of information about people.
The Protection of Personal Information Bill 13 February
19 th Theater Support Command Inspector General NEED ASSISTANCE? Before You Tell it to Your Inspector General….Give Your Chain of Command a Chance to Solve.
Privacy Compliance in Schools Darrebin A/P’s Network 7 May 2009.
FREEDOM OF INFORMATION Getting to grips with the Act.
Your Rights! An overview of Special Education Laws Presented by: The Individual Needs Department.
Procedural Safeguards for Parents What Educators Should Know Michelle Mobley NELA Cohort III.
CONFIDENTIALITY. Three Confidentiality Laws 1.FERPA-Family Education Rights and Privacy Act (State Policy 4350: Procedures for the Collection, Maintenance.
© University of Reading Lee Shailer 06 June 2016 Data Protection the basics.
Introduction to the Australian Privacy Principles & the OAIC’s regulatory approach Privacy Awareness Week 2016.
Privacy and Personal Information. WHAT YOU WILL LEARN: What personal information is. General guidelines for the collection of personal information. Your.
Presented by Ms. Teki Akuetteh LLM (IT and Telecom Law) 16/07/2013Data Protection Act, 2012: A call for Action1.
Freedom of Information Act ‘What you need to know’ Corporate Information Governance Team Strategic Intelligence.
Understanding Privacy An Overview of our Responsibilities.
Disclaimer This presentation is intended only for use by Tulane University faculty, staff, and students. No copy or use of this presentation should occur.
TRANSBORDER DATA FLOWS INA MEIRING. THE PROTECTION OF PERSONAL INFORMATION ACT (“POPI”) > 'personal information' means information relating to an identifiable,
LAW RIGHT TO PRIVACY NOTES 1. Def: Right protecting citizens from unreasonable interference by government 2. No right to privacy in the Constitution.
Students’ Unions 2011 Data Protection and Students’ Unions Mairead O’Reilly 19 July 2011.
HIPAA Training Workshop #3 Individual Rights Kaye L. Rankin Rankin Healthcare Consultants, Inc.
Rights and responsibilities of providers and individuals
Privacy principles Individual written policies
IT Applications Theory Slideshows
Data Protection Legislation
Data Protection & Freedom of Information- An Introduction
GENERAL DATA PROTECTION REGULATION (GDPR)
Move this to online module slides 11-56
New Data Protection Legislation
G.D.P.R General Data Protection Regulations
How we use Your Health Records
Understanding Data Protection
Presentation transcript:

IM NETWORK MEETING 20 TH JULY, 2010 CONSULTATION WITH 3 RD PARTIES

Objects of the Law (s.4) - TAP To reinforce and give further effect to certain fundamental principles underlying the system of constitutional democracy, (a) transparency (b) accountability and (c) public participation in national decision- making, by granting to the public a general right of access to records held by public authorities

Rights of third parties A “third party” is any person referred to in a requested record who is not the applicant. A “third party” is any person referred to in a requested record who is not the applicant. The personal information of third parties is to be protected. The personal information of third parties is to be protected. A third party has the right to appeal if: A third party has the right to appeal if: An applicant has requested the third party’s personal information, AND An applicant has requested the third party’s personal information, AND The public authority intends to release it. The public authority intends to release it.

s. 23 –Personal information The purpose of this section is to protect personal information and privacy of natural persons, including deceased persons. The purpose of this section is to protect personal information and privacy of natural persons, including deceased persons. This a non absolute exemption that recognizes that there may be a public interest in disclosure in some individual cases. This a non absolute exemption that recognizes that there may be a public interest in disclosure in some individual cases. This exemption does not apply when the applicant requests their own information - s. 23(2) says records are NOT exempt where the application for access is made by the person to whose affairs the record relates! This exemption does not apply when the applicant requests their own information - s. 23(2) says records are NOT exempt where the application for access is made by the person to whose affairs the record relates!

s. 23 – Personal information 1. identify the personal information 2. consider whether the disclosure would be unreasonable. Personal information is defined in the FOI Regs - but is not an exhaustive list. Personal information is defined in the FOI Regs - but is not an exhaustive list. Personal information is information whether true or not about an individual whose identity is apparent or can be ascertained from the information (e.g.: by name, address, position, other elements). Personal information is information whether true or not about an individual whose identity is apparent or can be ascertained from the information (e.g.: by name, address, position, other elements).

What is “unreasonable” disclosure? Factors that could be considered include: Factors that could be considered include: Whether the information is already in the public domain Whether the information is already in the public domain The circumstances in which the information was obtained e.g in confidence The circumstances in which the information was obtained e.g in confidence The nature of the information e.g bland vs information of misconduct The nature of the information e.g bland vs information of misconduct Consideration of any objection Consideration of any objection Whether the information relates to matters of personality, private characteristics or disposition. Whether the information relates to matters of personality, private characteristics or disposition.

What is NOT Personal Information? Where the individual occupies or has occupied a position in a public authority, the name of the person or information relating to the position or its functions or the terms upon and subject to which the person occupies or occupied that position or anything written or recorded in any form by the person in the course of and for the purpose of the performance of those functions; Where the individual occupies or has occupied a position in a public authority, the name of the person or information relating to the position or its functions or the terms upon and subject to which the person occupies or occupied that position or anything written or recorded in any form by the person in the course of and for the purpose of the performance of those functions;

What is NOT Personal Information? Where the individual is or was providing a service for a public authority under a contract for services, the name of the individual or information relating to the service or the terms of the contract or anything written or recorded in any form by the person in the course of and for the purposes of the provision of the service; Where the individual is or was providing a service for a public authority under a contract for services, the name of the individual or information relating to the service or the terms of the contract or anything written or recorded in any form by the person in the course of and for the purposes of the provision of the service;

What is NOT Personal Information? The view or opinions of the individual in relation to a public authority, the staff of a public authority or the business or the performance of the functions of a public authority. The view or opinions of the individual in relation to a public authority, the staff of a public authority or the business or the performance of the functions of a public authority. Information that would routinely or previously be released before the FOI Law came into effect! Information that would routinely or previously be released before the FOI Law came into effect!

What IS Personal Information?

An individual’s: name, home or business address or home or business telephone number name, home or business address or home or business telephone number race, national or ethnic origin, colour or religious or political beliefs or associations race, national or ethnic origin, colour or religious or political beliefs or associations age, sex, marital status or family status age, sex, marital status or family status identifying number, symbol or other particular assigned to the individual identifying number, symbol or other particular assigned to the individual finger prints, other biometric information, blood type, genetic information or inheritable characteristics finger prints, other biometric information, blood type, genetic information or inheritable characteristics

What IS Personal Information? Information about the individual’s health and health care history, including information about a physical or mental disability Information about the individual’s health and health care history, including information about a physical or mental disability Information about the individual’s educational, financial, employment or criminal history, including criminal records where a pardon has been given Information about the individual’s educational, financial, employment or criminal history, including criminal records where a pardon has been given Anyone else’s opinions about the individual, and Anyone else’s opinions about the individual, and The individual’s personal views or opinions, except if they are about someone else. The individual’s personal views or opinions, except if they are about someone else.

When must third parties be notified? Per the FOI Regulations, each authority must: Log the date a FOI application is received Log the date a FOI application is received Check whether the application will result in the release of the personal information of any third party Check whether the application will result in the release of the personal information of any third party Notify those third parties in writing within 14 days, and delay access so they have 28 days (after notification) to object Notify those third parties in writing within 14 days, and delay access so they have 28 days (after notification) to object >> If no release would normally occur, no notice is required.

How third parties must be notified The authority must take all reasonable steps to locate the third parties. The first notice should be in writing, but if there is no response try phone, fax, , and all other possible methods. The authority must take all reasonable steps to locate the third parties. The first notice should be in writing, but if there is no response try phone, fax, , and all other possible methods. Contents of the notice: Contents of the notice: “A FOI request has been made for information which includes your personal information” “A FOI request has been made for information which includes your personal information” Describe the request and the record(s) concerned Describe the request and the record(s) concerned “Within 28 days you may either agree to disclosure or explain why the information should not be disclosed” (the latter in written form) “Within 28 days you may either agree to disclosure or explain why the information should not be disclosed” (the latter in written form) “14 days after we hear from you (or after the 28 days expires), we will make our decision about release and advise you accordingly” “14 days after we hear from you (or after the 28 days expires), we will make our decision about release and advise you accordingly”

Third parties: making the decision Information Managers may use their discretion to extend the 28 days allowed for responses by third parties (especially if there is difficulty contacting them) Information Managers may use their discretion to extend the 28 days allowed for responses by third parties (especially if there is difficulty contacting them) Decision on access should be made within 14 days of the response being received from the last of the third parties (or the 28 days expiring) Decision on access should be made within 14 days of the response being received from the last of the third parties (or the 28 days expiring)

The Information Manager must give written notice of each decision on access. The Information Manager must give written notice of each decision on access. Where third parties have been notified and the decision is to grant access, this written notice goes to: Where third parties have been notified and the decision is to grant access, this written notice goes to: a) the applicant; a) the applicant; b) the third party or parties; and b) the third party or parties; and c) the Information Commissioner. c) the Information Commissioner. The notice to the third parties must include details of their rights of appeal of the decision directly to the Information Commissioner. The notice to the third parties must include details of their rights of appeal of the decision directly to the Information Commissioner. Third parties: who is informed when access is to be granted

The decision letter advises that access will be given unless a third party appeals (against the decision) to the Information Commissioner. Third parties must appeal within 30 days after the date of the decision. Third parties must appeal within 30 days after the date of the decision. The Information Commissioner can optionally extend this period a further 30 days. The Information Commissioner can optionally extend this period a further 30 days. Therefore, in order to make sure there is no appeal, the authority must delay access (to the applicant) until 60 days have passed. Therefore, in order to make sure there is no appeal, the authority must delay access (to the applicant) until 60 days have passed. Third parties: rights of appeal

Where the decision is not to grant access, the written notice to the applicant must include information about the applicant’s rights of appeal against the decision to exempt the information. The applicant has the right to request an internal review and/or appeal to the Information Commissioner. Third parties: who is informed when access is not granted

Consulting third parties about requests for other than personal information When considering release of the following, check whether any third party may have sent or supplied the information or have a close and direct interest in it: When considering release of the following, check whether any third party may have sent or supplied the information or have a close and direct interest in it: Contracts and tenders Contracts and tenders Other commercial information Other commercial information Information provided by foreign governments Information provided by foreign governments Consultation with third parties may play an important part in considering whether exemptions apply, particularly those relating to confidence & commercial sensitivity. Consultation with third parties may play an important part in considering whether exemptions apply, particularly those relating to confidence & commercial sensitivity.

Where information is non personal: Where information is non personal: Consultation with interested third parties is “informal” only; the third parties’ views are not binding Consultation with interested third parties is “informal” only; the third parties’ views are not binding Third parties have no rights of appeal under the FOI Law Third parties have no rights of appeal under the FOI Law Public authorities have the statutory authority to decide on access without formal consultation…with one exception… Public authorities have the statutory authority to decide on access without formal consultation…with one exception… Consulting third parties about requests for other than personal information

Consider whether the release of this information would be an actionable breach of confidence: Where your authority expressly agrees or undertakes to keep information confidential, there is an express duty of confidence. Where your authority expressly agrees or undertakes to keep information confidential, there is an express duty of confidence. Where the nature of the information or the circumstances in which the information is obtained imply that your public authority should keep the information confidential, there is an implied duty of confidence. Where the nature of the information or the circumstances in which the information is obtained imply that your public authority should keep the information confidential, there is an implied duty of confidence. Requests for other than personal information: KEY EXCEPTION

Scenarios – reasonable or unreasonable to disclose? 1. Applicant asks for the salary and employment contract of a consultant / employee. 2. Applicant would like to know how many dependants an employee has. 3. An employee would like to view his entire personnel file, including the letters of complaints against him written by other staff members. 4. Criminal record of an employee. 5. Performance review of an employee.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.