The challenges of foip
Download
1 / 24

The Challenges of FOIP - PowerPoint PPT Presentation


  • 159 Views
  • Uploaded on

The Challenges of FOIP. For Post-Secondary Institutions Veronica Chodak Portfolio Officer, FOIP Office of the Information and Privacy Commissioner (OIPC). Outline. The Office of the Information and Privacy Commissioner The FOIP Act Identifying challenges Facing challenges.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' The Challenges of FOIP' - fathia


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
The challenges of foip

The Challenges of FOIP

For Post-Secondary Institutions

Veronica Chodak

Portfolio Officer, FOIP

Office of the Information and Privacy Commissioner (OIPC)

PACRAO Conference – Nov 8, 2010


Outline
Outline

  • The Office of the Information and Privacy Commissioner

  • The FOIP Act

  • Identifying challenges

  • Facing challenges


Office of the information and privacy commissioner oipc
Office of the Information and Privacy Commissioner (OIPC)

  • The Information and Privacy Commissioner is an officer of the Alberta Legislature.

  • Independent of government.

  • Has a broad range of regulatory responsibilities and powers under FOIP, HIA, and PIPA.


OIPC

  • Freedom of Information and Protection of Privacy Act (“FOIP” or the “FOIP Act”).

  • Health Information Act (“HIA”).

  • Personal Information Protection Act (“PIPA”).


Oipc independent reviews
OIPC – Independent Reviews

  • May review any decision, act or failure to act relating to an access request under FOIP, HIA, or PIPA.

  • May investigate a complaint that personal/health information has been collected, used or disclosed in contravention of FOIP, HIA, or PIPA.

  • For matters not settled during mediation - may conduct an inquiry and issue an order.


The foip act
The FOIP Act

  • The FOIP Act (FOIP) was passed by the Alberta Legislature in 1995.

  • FOIP applies to “public bodies” in Alberta.

  • “Public bodies” include Alberta’s public post-secondary institutions (PSIs).


The foip act1
The FOIP Act

  • Provides the right to access records in the custody or control of a public body subject to limited and specific exceptions.

  • Controls the manner in which a public body may collect, use or disclose personal information.

  • Provides for independent reviews by the Commissioner.


Identifying challenges
Identifying Challenges

  • The desire to collect more information from a variety of sources.

  • The desire to use information for secondary purposes.

  • Requests for information from inside and outside (parents, government, other institutions, employers...).

  • Cloud computing, social networking sites, employees working off-site, contractors…


Is this a foip challenge
Is this a FOIP challenge?

  • Is the PSI subject to the FOIP Act?

  • Is there a collection, use or disclosure of personal information by (or for) the PSI?

  • If so, there is a challenge to ensure compliance with Part 2 of the FOIP Act – Protection of Privacy.


Is there a collection use or disclosure of personal information
Is there a collection, use or disclosure of “personal information”…

  • For the purposes of the FOIP Act, “personal information” means recorded information about an identifiable individual.


By or for the psi
…by or for the PSI? information”…

  • Public bodies are held accountable under the FOIP Act for the actions of their employees (Order 99-032 [51] and Investigation Report F2007-IR-005 [8-9]).


Who is the employee
Who is the employee? information”…

  • For the purposes of FOIP, “Employee”, in relation to a public body includes a person who performs a service for the public body as an appointee, volunteer or student or under a contract or agency relationship with the public body.


Facing the challenges
Facing the Challenges information”…

If there is a collection, use or disclosure of personal information by or for the public body (PSI), take steps to ensure compliance with Part 2 of FOIP - Protection of Privacy.


Is the collection authorized
Is the collection authorized? information”…

No personal information may be collected by or for a public body unless:

  • The collection is expressly authorized by an enactment, or

  • It is for the purposes of law enforcement, or

  • It relates directly to and is necessary for an operating program or activity of the public body.


Is the manner of collection permitted
Is the manner of collection permitted? information”…

  • FOIP requires a public body to collect personal information directly from the individual it is about except in certain limited circumstances.

  • So, if there is a desire to collect the information from a source other than the individual, is there authority in FOIP for the collection?


Is adequate notification provided
Is adequate notification provided? information”…

When you collect personal information directly from the individual you must inform the individual of:

  • The purpose for which the information is collected,

  • The specific legal authority for the collection, and

  • Specific contact information.


Is the use permitted by foip
Is the use permitted by FOIP? information”…

A public body may use personal information only:

  • For the intended purpose,

  • If the individual has identified the information and consented in the prescribed format,or

  • For a purpose for which that information may be disclosed to that public body under other sections of the FOIP Act.


Is the disclosure permitted by the foip
Is the disclosure permitted by the FOIP? information”…

  • A public body may only disclose personal information for the specific purposes described in the FOIP Act.

  • The disclosure may only be to the extent necessary to fulfill the permitted purpose in a reasonable manner.


Some disclosure purposes
Some Disclosure Purposes information”…

  • For the purpose for which it was collected, or for a use consistent with that purpose.

  • If the individual has identified the information and consented in the prescribed manner.

  • To an employee of a public body, if the information is necessary for the performance of their duties as an employee.


More disclosure purposes
More disclosure purposes information”…

  • To comply with an enactment.

  • To determine or verify an individual’s suitability or eligibility for a program or benefit.

  • To collect a fine or debt owing by an individual.

  • If the head of the public body believes, on reasonable grounds, that the disclosure will avert or minimize an immediate danger to the health or safety of any person.


Protect personal information
Protect Personal Information information”…

  • Has the public body made reasonable security arrangements to protect the personal information against such risks as unauthorized access, collection, use, disclosure or destruction?

  • Consider what risks exist, and make security arrangements that are reasonable to address those risks.


Resources
Resources information”…

  • Your FOIP Coordinator, supervisors & management team

  • Alberta Government’s FOIP website

    • http://www.servicealberta.ca/foip

    • FAQ’s for Post-Secondary Institutions

  • Office of the Information and Privacy Commissioner’s website

    • http://www.oipc.ab.ca


Questions
Questions? information”…


Office of the information and privacy commissioner
Office of the Information and Privacy Commissioner information”…

410, 9925 – 109 Street

Edmonton, Alberta

T5K 2J8

(780) 422-6860

Promoting a society where personal information is respected & public bodies are open and accountable.


ad