Download presentation
Presentation is loading. Please wait.
2
Privacy and Information Management ICT Guidelines
3
Every one of us has a responsibility to safeguard the personal information we deal with on a daily basis.
4
Access to Personal Information Under the Education Act, Board employees are granted the right to access an individual’s personal information, when that access is directly tied to the needs of the role.
5
What is Personal Information? Under the Municipal Freedom of Information and Protection of Privacy Act (MFIPPA), “personal information” is any recorded information that can identify an individual, such as: demographic information such as name, address, phone ethnic background medical and/or health records student achievement employment history criminal history
6
What is Consent? Under the Education Act, school boards have the authority to collect personal information about students when they register. Consent is explicit as parents fill in the information and provide it to the school personally at the time of registration Informed consent is when it is defined for parents why you’re collecting, what you’re collecting, what you will do with it and who you will share it with It’s when the information has to be shared with others that problems can arise. There are some good basic rules to follow, however.
7
Seven Virtues of Privacy Protection The Information and Privacy Commissioner of Ontario and the Access and Privacy Office of the Ontario government offer advice for safeguarding personal information: 1.Collect only as much personal information as you need to do your job. 2.Collect information directly from individuals, or for students under 18, directly from their parents or guardians – not from third parties. 3.Explain why you need to collect the information and exactly how it will be used.
8
Seven Virtues of Privacy Protection 4.Get consent from students, or for students under 18, from parents, for the collection, storage and use of personal information. 5.Store personal information securely. Keep hard copies under lock and key, such as in a locked filing cabinet; keep electronic documents on a password-protected computer. A clean desk will help prevent sensitive information being misplaced or stolen.
9
Seven Virtues of Privacy Protection 6.When in doubt, ask for advice from the school principal or the board staff member in charge of privacy. (Ontario law requires every board to have one such contact person.) 7.When you no longer need the personal information to do your job, destroy it by shredding paper documents or securely erasing electronic ones.
10
Sensitive information is at your fingertips throughout your work day In many formats – electronic, hard copy, verbal How Does it Affect Me??
11
Common Daily Practices Always lock your laptop or workstation when away from your desk ( Windows-L) Make sure your screen is not visible to others if displaying personal information (Windows-D will minimize all open windows) Put papers or files away securely when not working with them
12
Common Daily Practices - continued Double-check which printer you’re sending to before you hit “ok” and immediately collect sensitive documents Dispose of sensitive information in designated shredding bins
13
Laptops & Other Mobile Devices Always encrypt or password protect your USB keys, external drives, etc. Never keep your only copy on a USB or other device – make sure to have another copy on a board file share. Do not save board information on a personal device. Use a protected USB key and work from that. Never auto-forward your FirstClass email to a personal device or account.
14
Laptops & Other Mobile Devices – continued Never leave your laptop in a car. Lock it in the trunk before leaving for your destination, if you’re not going straight home or to work. Physically lock your laptop up when not in use (cable lock, locked cabinet, etc.) Never keep the only copy of a file on the laptop– make sure to have another copy on a board file share or home drive
15
Laptop and Other Mobile Devices - continued If your laptop is lost or stolen, you need to report it immediately to your Principal KNOW what is on it Don’t load unauthorized or unsupported applications. They can pose a huge risk to privacy of information. (i.e. - shareware such as LimeWire)
16
Good Password Management Passwords are now being synchronized to help you remember. Where you used to have a password for each system, you now have one password to MANY systems, including your HR system. While this is easier for you, it raises the risk of disclosure if you don’t follow the rules…
17
Good Password Management Never write your passwords down where they can be viewed by others (sticky notes, labels, etc.) Never share your password with anyone else Don’t log anyone else onto a computer with your password Follow the Administrative Regulations for password management
18
A Quick Re-cap The protection of an individual’s personal information is mandated by law Electronic access to significant quantities of personal information has never been so high Where we are the stewards, we are all accountable Common sense and good practice will go a long way to protect the information in our care
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.