Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy and Personal Information. WHAT YOU WILL LEARN: What personal information is. General guidelines for the collection of personal information. Your.

Published byVincent Ball Modified over 8 years ago

Similar presentations

Presentation on theme: "Privacy and Personal Information. WHAT YOU WILL LEARN: What personal information is. General guidelines for the collection of personal information. Your."— Presentation transcript:

1 Privacy and Personal Information

2 WHAT YOU WILL LEARN: What personal information is. General guidelines for the collection of personal information. Your responsibilities with respect to the protection and management of personal information. Which major legislation and policies directly relate to privacy and personal information. WHAT YOU WILL LEARN:

3 Personal information is… Information about an identifiable individual that is recorded in any form

4 EXAMPLES OF PERSONAL INFORMATION: Home address Home telephone number Age, date of birth, gender Blood type Ethnicity, nation of origin, colour of skin Religious beliefs Health care/medical history Opinions about a person from others Marital status Identifying numbers SIN, PRI Credit card numbers Criminal records, fingerprints Curriculum vitae Educational history Financial history Employment information Exact salary

5 DATA ABOUT FEDERAL EMPLOYEES NOT CONSIDERED PERSONAL: Address at work Classification of job position Work-related correspondence Details of employment contract Fact that a person is or was employed by the government Name on government contract Opinion about job Responsibilities of job Salary range Telephone number at work (including business cell phone number) Fax number at work Job title Security level of position

6 Responsibility GoC employees are expected to be aware of and to follow applicable guidelines for the collection of personal information.

7 GUIDELINES: COLLECTION OF PERSONAL INFORMATION Any collection of personal information must be done in consultation with your department’s Access To Information and Privacy (ATIP) office. No personal information shall be collected unless it relates directly to an operating program or activity of the institution.

8 GUIDELINES: COLLECTION OF PERSONAL INFORMATION If you are: –designing a new program or service; –making significant changes to an existing program or service; or –converting from a conventional to an electronic service- delivery method. You should speak to your department’s ATIP office to determine if you must perform a Privacy Impact Assessment (PIA) according to the Treasury Board Secretariat and OIC Privacy Impact Assessment policies.

9 DISCLOSURE IS VERY IMPORTANT It is vital that the following is disclosed to the owners of the personal information: –Why this personal information is being collected; –How this information may be used and if the information is shared, with whom; –How and for how long this information will be held and then disposed of.

10 GUIDELINES: COLLECTION OF PERSONAL INFORMATION The personal information your department collects, uses and discloses must also be registered with the Treasury Board Secretariat in a Personal Information Bank (PIB) through your department’s ATIP office. A PIB is a summary of the type of personal information the department or agency holds that is subject to the Privacy Act. Again, your department’s ATIP office can provide advice on when a PIB is appropriate and the best methods of communicating with information owners.

11 Responsibility GoC employees have a duty to protect and manage personal information about individuals.

12 PROTECTION OF PERSONAL INFORMATION Personal information will typically fall under the security classification of Protected A. Personal information can only be disclosed to the person concerned by the information or to those federal employees who need the information to do their job (those who have a “need to know”). Please see the Information Security Module for more detail on the storage and management of Protected A materials.

13 MANAGEMENT OF PERSONAL INFORMATION: Personal information is sensitive and should be stored and managed accordingly. Personal information should not be collected until it is ready to be used. Personal information should not continue to be stored when it is no longer being used. Personal information should be disposed of two years after all administrative actions are complete.

14 LEGISLATION AND POLICIES The major acts and policies that relate to privacy and personal information are: –The Privacy Act –The Access to Information Act –Personal Information Protection and Electronic Documents Act –Privacy Impact Assessment (PIA) Policy

15 ACCESS TO INFORMATION ACT The Access to Information Act gives Canadian citizens the right to access information in federal government records. This is in keeping with the principles that government information should be available to the public and that exceptions to this should be limited and specific.

16 PRIVACY ACT The Privacy Act protects the privacy of individuals by controlling personal information collected, used, retained or disposed of by federal government institutions. The Act also provides Canadian citizens and other individuals present in Canada with the right to access personal information about themselves held by a government institution.

17 PERSONAL INFORMATION PROTECTION AND ELECTRONIC DOCUMENTS ACT The Personal Information Protection and Electronic Documents Act establishes rules to govern the collection, use and disclosure of personal information by all federally regulated private sector organizations in the course of commercial activity. The Act also provides for the use of electronic alternatives to record or communicate information or transactions, describes the characteristics of secure electronic signatures and the conditions under which electronic signatures can be used to authenticate business transactions and to provide evidence in legal proceedings.

18 PRIVACY IMPACT ASSESSMENT (PIA) POLICY A Privacy Impact Assessment (PIA) is the process used to determine whether a program complies with the Privacy Act when you consider implementing new technologies, information systems, initiatives or policies. The recommendations resulting from a PIA will be used to mitigate any risks.

19 IN SUMMARY: Personal information is information about an identifiable individual that is recorded in any form. You should collect personal information only if you need it, have the authority to do so and are following appropriate guidelines. You must use a process for the storage and management of personal information that both enables access to and protection of the information. You must ensure that personal information is correct and you should practice “just in time” collection of personal information.

20 CONGRATULATIONS! You have just completed Privacy and Personal Information – an IM self-study module. You may now: –Test your knowledge with the following quiz. –Review other IM self-study modules in this series: Information Management 101 Managing Email Effectively Information Security Records Management and You! IM and the Departing Employee Understanding IM Within the Federal Government

Download ppt "Privacy and Personal Information. WHAT YOU WILL LEARN: What personal information is. General guidelines for the collection of personal information. Your."

Similar presentations

How Compliance Fits Sandra Dolson Wholesale Compliance Manager SLF Canada.

How Compliance Fits Sandra Dolson Wholesale Compliance Manager SLF Canada.
Gaucho Round-Up FAQ’s This presentation covers some of the FAQ’s about campus clean-up day. Presentation #4 2/3/2015 1.

Gaucho Round-Up FAQ’s This presentation covers some of the FAQ’s about campus clean-up day. Presentation #4 2/3/
1 Auditing in the Public Interest Records Management in the Victorian Public Sector Audit objective Audit had two objectives : The first objective was.

1 Auditing in the Public Interest Records Management in the Victorian Public Sector Audit objective Audit had two objectives : The first objective was.
HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.

HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.
NAU HIPAA Awareness Training

NAU HIPAA Awareness Training
COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.

COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.
Data Protection.

Data Protection.
29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.

29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.
Christian Vargas. Also known as Data Privacy or Data Protection Is the relationship between collection and spreading or exposing data and information.

Christian Vargas. Also known as Data Privacy or Data Protection Is the relationship between collection and spreading or exposing data and information.
Data Ownership Responsibilities & Procedures

Data Ownership Responsibilities & Procedures
MINNESOTA GOVERNMENT DATA PRACTICES ACT How the law affects University employees and recordkeeping Susan McKinney Records & Information Management.

MINNESOTA GOVERNMENT DATA PRACTICES ACT How the law affects University employees and recordkeeping Susan McKinney Records & Information Management.
Www.oaic.gov.au Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.

Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.
1 Office of theCommissariat Privacy Commissionerà la protection de of Canadala vie privée du Canada Personal Information Protection and Electronic Documents.

1 Office of theCommissariat Privacy Commissionerà la protection de of Canadala vie privée du Canada Personal Information Protection and Electronic Documents.
FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.

FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.
HIPAA Health Insurance Portability & Accountability Act of 1996.

HIPAA Health Insurance Portability & Accountability Act of 1996.
Information Privacy Policy in Canada Presented By: Sue Wu.

Information Privacy Policy in Canada Presented By: Sue Wu.
What Will My Records Retention Schedule Look Like ?

What Will My Records Retention Schedule Look Like ?
Data Protection for Church of Scotland Congregations

Data Protection for Church of Scotland Congregations

Similar presentations

Ads by Google