Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy and Confidentiality at Mohawk College FOI FIPPA MFIPPA PHIPA PIPEDA IPC PIA TRA.

Similar presentations


Presentation on theme: "Privacy and Confidentiality at Mohawk College FOI FIPPA MFIPPA PHIPA PIPEDA IPC PIA TRA."— Presentation transcript:

1

2

3 Privacy and Confidentiality at Mohawk College

4 FOI FIPPA MFIPPA PHIPA PIPEDA IPC PIA TRA

5 Definition of Privacy The right to be let alone Thomas Cooley Judge Thomas Cooley The right to exercise control over your personal information. Ann Cavoukian, IPC Comissioner

6 Definition of Confidentiality Ensuring that information is accessible only to those authorized to have access

7 How well do you know our rights to privacy? A quiz …

8 Question 1 My name, job title and work phone number is personal information. TRUE? FALSE?

9 Question 1 My name, job title and work phone number is personal information. TRUE FALSE

10 False Personal information (PI) is: Factual or subjective Recorded or not …about an identifiable individual

11 Personal information includes: Home address Home phone number Home Photo ID SIN Income Marital status Employment history Employee number Performance appraisals Financial information Educational credentials Medical records Fund raising records Opinions or views on the person

12 …and of course, the A word … they even know my age! Pat Macdonald Associate Dean, Continuing Education

13 Question 2 A man phones you asking if his wife is attending your class. You are allowed to tell him. TRUE? FALSE?

14 Question 2 A man phones you asking if his wife is attending your class. You are allowed to tell him. TRUE FALSE

15 Question 3 A police officer conducting an investigation phones you asking if a graduate was registered in a C.E. course. You are allowed to tell her. TRUE? FALSE?

16 Question 3 A police officer conducting an investigation phones you asking if a graduate was registered in a C.E. course. You are allowed to tell her. TRUE FALSE

17 Question 4 A student about to write an exam does not have an ID card, so the instructor asks for his SIN card as ID. This is illegal. TRUE? FALSE?

18 Question 4 A student about to write an exam does not have an ID card, so the instructor asks for his SIN card as ID. This is illegal. TRUE FALSE

19 Question 5 A new student does not yet have her student ID number, or a drivers licence, and so you note her health card number as proof of identity. You just broke the law. TRUE? FALSE?

20 Question 5 A new student does not yet have her student ID card, or a drivers licence, and so you note her health card number as proof of identity. You just broke the law. TRUE FALSE

21 Question 6 Someone hit your car in the parking lot and you ask Security if you can view the recording to see the incident. Security tells you that is illegal. TRUE? FALSE?

22 Question 6 Someone hit your car in the parking lot and you ask Security if you can view the recording to see the incident. Security tells you that is illegal. TRUE FALSE

23 Question 7 A family member arrives at the Front Desk saying that there has been a death in the family. They want to know what classroom their father is in so that they can inform him. The receptionist cannot give them that information. TRUE? FALSE?

24 Question 7 A family member arrives at the Front Desk saying that there has been a death in the family. They want to know what classroom their father is in so that they can inform him. The receptionist cannot give them that information. TRUE FALSE

25 Question 8 Sears Security department phones the Associate Dean of your department and says that they suspect that one of your students has been stalking an employee. They ask if the college can provide a photo to confirm this. The Associate Dean could an ID photo to help in the investigation. TRUE? FALSE?

26 Question 8 Sears Security department phones the Associate Dean of your department and says that they suspect that one of your students has been stalking an employee. They ask if the college can provide a photo to confirm this. The Associate Dean could an ID photo to help in the investigation. TRUE FALSE

27 Question 9 An employer sponsoring one of your students asks if the student passed the course, so that they can reimburse him. Its OK to confirm. TRUE? FALSE?

28 Question 9 An employer sponsoring one of your students asks if the student passed the course, so that they can reimburse him. Its OK to confirm. TRUE FALSE

29 How did you do?

30 Our privacy is protected by Federal and Provincial legislation

31 The Acts … LegislationSectorDateFed/Prov Fed Access to Privacy Gov. Institutions 1980Fed FIPPAProvincial1987Prov MFIPPAMunicipal1991Prov PIPEDACommerce1999Fed PHIPAHealth2004Prov

32 Freedom of Information and Protection of Privacy Act (FIPPA) Safety & Corrections WSIB Community & Social Services District Health Councils Consumer & Business Affairs Ontario Human Rights Colleges and universities

33 Municipal Freedom of Information and Protection of Privacy Act (MFIPPA) Municipalities Boards of Education Boards of Health Police Services Public utilities (2,500 in total)

34 The College gathers personal information from… Students Staff Donors and clients and is committed to protecting that information

35 Information is collected by … Human Resources Payroll Financial Services OH&S Health Services Registrar Continuing Education

36 So, what is a record? Any record of information, however recorded, whether in printed form, on film, by electronic means or otherwise.

37 Records include … Application forms Registration forms OSAP forms Section lists Class lists Exams Address books Memos Draft memos Agendas

38 Plus … files on your hard drive files on your iPhone files on your Blackberry your your voice mail

39 and even …

40 Privacy Laws & College policies dictate how information is: Collected Used Disclosed Retained Destroyed

41 Collection: We must have legal authority to collect collect it directly from the person provide a notice of collection, stating the above and provide the title, business address and telephone number of a college official.

42 So what do we have to do? Safeguard our User Name and Passwords Access records only relevant to our duties Do not disclose personal information to any unauthorized person Protect personal information of staff and students

43 Specifically: Do Protect students (and employees) information Phone numbers Addresses SIN numbers Employee number Student number Grades and marks

44 Specifically: /voice mail Dont leave PI on voice mail - call back should be called epostcard! Assume additional copies exist Assume it will be forwarded

45 There was a privacy breach… What do I do?

46 What is a privacy breach? A privacy breach occurs when personal information (PI) is: Collected Retained Used Disclosed in ways that are not in accordance with FIPPA.

47 Most common breaches: Unauthorized disclosure of personal information, contrary to Sect. 42, for example: a file is misplaced a USB flash drive is lost a form is mailed to the wrong person a document is left in the photocopier a fax is sent to the wrong number an is sent to the wrong address a document is not disposed of correctly a laptop is stolen

48 Privacy breach protocol 1. Prevention 2. Scope 3. Containment 4. Notification 5. Investigation 6. Remediation

49 Prevention 1 Know your departments procedures on; Collection Retention Use Disclosure Security Disposal

50 Prevention 2 Know that you are accountable for the PI in your custody Do not discuss PI in public places Do not leave documents where they can be seen by the public Do not disclose PI to those who do not need to know it Turn your monitor away from the public

51 Prevention 3 Get written consents before disclosing PI Know the consequences of a privacy breach Ensure that documents are shredded when no longer in use Password protect and/or encrypt data on your laptop, PDA, Flash drive

52 Notification Immediately inform Your boss

53 Consequences … Compliance orders from IPC Penal offences Fines ($250K) Possible personal liability ($50K!) Civil liability Loss of Trust

54 In summary … As a new College employee, you are expected to protect the privacy of individuals and the confidentiality of Personal Information under your control!

55 Q & A Have you any questions, additional examples, comments?

56 John Guilfoyle Director, Corporate Services Ext. 2174


Download ppt "Privacy and Confidentiality at Mohawk College FOI FIPPA MFIPPA PHIPA PIPEDA IPC PIA TRA."

Similar presentations


Ads by Google