The challenges of foip
This presentation is the property of its rightful owner.
Sponsored Links
1 / 24

The Challenges of FOIP PowerPoint PPT Presentation


  • 116 Views
  • Uploaded on
  • Presentation posted in: General

The Challenges of FOIP. For Post-Secondary Institutions Veronica Chodak Portfolio Officer, FOIP Office of the Information and Privacy Commissioner (OIPC). Outline. The Office of the Information and Privacy Commissioner The FOIP Act Identifying challenges Facing challenges.

Download Presentation

The Challenges of FOIP

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


The challenges of foip

The Challenges of FOIP

For Post-Secondary Institutions

Veronica Chodak

Portfolio Officer, FOIP

Office of the Information and Privacy Commissioner (OIPC)

PACRAO Conference – Nov 8, 2010


Outline

Outline

  • The Office of the Information and Privacy Commissioner

  • The FOIP Act

  • Identifying challenges

  • Facing challenges


Office of the information and privacy commissioner oipc

Office of the Information and Privacy Commissioner (OIPC)

  • The Information and Privacy Commissioner is an officer of the Alberta Legislature.

  • Independent of government.

  • Has a broad range of regulatory responsibilities and powers under FOIP, HIA, and PIPA.


The challenges of foip

OIPC

  • Freedom of Information and Protection of Privacy Act (“FOIP” or the “FOIP Act”).

  • Health Information Act (“HIA”).

  • Personal Information Protection Act (“PIPA”).


Oipc independent reviews

OIPC – Independent Reviews

  • May review any decision, act or failure to act relating to an access request under FOIP, HIA, or PIPA.

  • May investigate a complaint that personal/health information has been collected, used or disclosed in contravention of FOIP, HIA, or PIPA.

  • For matters not settled during mediation - may conduct an inquiry and issue an order.


The foip act

The FOIP Act

  • The FOIP Act (FOIP) was passed by the Alberta Legislature in 1995.

  • FOIP applies to “public bodies” in Alberta.

  • “Public bodies” include Alberta’s public post-secondary institutions (PSIs).


The foip act1

The FOIP Act

  • Provides the right to access records in the custody or control of a public body subject to limited and specific exceptions.

  • Controls the manner in which a public body may collect, use or disclose personal information.

  • Provides for independent reviews by the Commissioner.


Identifying challenges

Identifying Challenges

  • The desire to collect more information from a variety of sources.

  • The desire to use information for secondary purposes.

  • Requests for information from inside and outside (parents, government, other institutions, employers...).

  • Cloud computing, social networking sites, employees working off-site, contractors…


Is this a foip challenge

Is this a FOIP challenge?

  • Is the PSI subject to the FOIP Act?

  • Is there a collection, use or disclosure of personal information by (or for) the PSI?

  • If so, there is a challenge to ensure compliance with Part 2 of the FOIP Act – Protection of Privacy.


Is there a collection use or disclosure of personal information

Is there a collection, use or disclosure of “personal information”…

  • For the purposes of the FOIP Act, “personal information” means recorded information about an identifiable individual.


By or for the psi

…by or for the PSI?

  • Public bodies are held accountable under the FOIP Act for the actions of their employees (Order 99-032 [51] and Investigation Report F2007-IR-005 [8-9]).


Who is the employee

Who is the employee?

  • For the purposes of FOIP, “Employee”, in relation to a public body includes a person who performs a service for the public body as an appointee, volunteer or student or under a contract or agency relationship with the public body.


Facing the challenges

Facing the Challenges

If there is a collection, use or disclosure of personal information by or for the public body (PSI), take steps to ensure compliance with Part 2 of FOIP - Protection of Privacy.


Is the collection authorized

Is the collection authorized?

No personal information may be collected by or for a public body unless:

  • The collection is expressly authorized by an enactment, or

  • It is for the purposes of law enforcement, or

  • It relates directly to and is necessary for an operating program or activity of the public body.


Is the manner of collection permitted

Is the manner of collection permitted?

  • FOIP requires a public body to collect personal information directly from the individual it is about except in certain limited circumstances.

  • So, if there is a desire to collect the information from a source other than the individual, is there authority in FOIP for the collection?


Is adequate notification provided

Is adequate notification provided?

When you collect personal information directly from the individual you must inform the individual of:

  • The purpose for which the information is collected,

  • The specific legal authority for the collection, and

  • Specific contact information.


Is the use permitted by foip

Is the use permitted by FOIP?

A public body may use personal information only:

  • For the intended purpose,

  • If the individual has identified the information and consented in the prescribed format,or

  • For a purpose for which that information may be disclosed to that public body under other sections of the FOIP Act.


Is the disclosure permitted by the foip

Is the disclosure permitted by the FOIP?

  • A public body may only disclose personal information for the specific purposes described in the FOIP Act.

  • The disclosure may only be to the extent necessary to fulfill the permitted purpose in a reasonable manner.


Some disclosure purposes

Some Disclosure Purposes

  • For the purpose for which it was collected, or for a use consistent with that purpose.

  • If the individual has identified the information and consented in the prescribed manner.

  • To an employee of a public body, if the information is necessary for the performance of their duties as an employee.


More disclosure purposes

More disclosure purposes

  • To comply with an enactment.

  • To determine or verify an individual’s suitability or eligibility for a program or benefit.

  • To collect a fine or debt owing by an individual.

  • If the head of the public body believes, on reasonable grounds, that the disclosure will avert or minimize an immediate danger to the health or safety of any person.


Protect personal information

Protect Personal Information

  • Has the public body made reasonable security arrangements to protect the personal information against such risks as unauthorized access, collection, use, disclosure or destruction?

  • Consider what risks exist, and make security arrangements that are reasonable to address those risks.


Resources

Resources

  • Your FOIP Coordinator, supervisors & management team

  • Alberta Government’s FOIP website

    • http://www.servicealberta.ca/foip

    • FAQ’s for Post-Secondary Institutions

  • Office of the Information and Privacy Commissioner’s website

    • http://www.oipc.ab.ca


Questions

Questions?


Office of the information and privacy commissioner

Office of the Information and Privacy Commissioner

410, 9925 – 109 Street

Edmonton, Alberta

T5K 2J8

(780) 422-6860

Promoting a society where personal information is respected & public bodies are open and accountable.


  • Login