Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy and Information Management ICT Guidelines.

Published byCody Clark Modified over 8 years ago

Similar presentations

Presentation on theme: "Privacy and Information Management ICT Guidelines."— Presentation transcript:

1

2 Privacy and Information Management ICT Guidelines

3 Every one of us has a responsibility to safeguard the personal information we deal with on a daily basis.

4 Access to Personal Information Under the Education Act, Board employees are granted the right to access an individual’s personal information, when that access is directly tied to the needs of the role.

5 What is Personal Information? Under the Municipal Freedom of Information and Protection of Privacy Act (MFIPPA), “personal information” is any recorded information that can identify an individual, such as: demographic information such as name, address, phone ethnic background medical and/or health records student achievement employment history criminal history

6 What is Consent? Under the Education Act, school boards have the authority to collect personal information about students when they register. Consent is explicit as parents fill in the information and provide it to the school personally at the time of registration Informed consent is when it is defined for parents why you’re collecting, what you’re collecting, what you will do with it and who you will share it with It’s when the information has to be shared with others that problems can arise. There are some good basic rules to follow, however.

7 Seven Virtues of Privacy Protection The Information and Privacy Commissioner of Ontario and the Access and Privacy Office of the Ontario government offer advice for safeguarding personal information: 1.Collect only as much personal information as you need to do your job. 2.Collect information directly from individuals, or for students under 18, directly from their parents or guardians – not from third parties. 3.Explain why you need to collect the information and exactly how it will be used.

8 Seven Virtues of Privacy Protection 4.Get consent from students, or for students under 18, from parents, for the collection, storage and use of personal information. 5.Store personal information securely. Keep hard copies under lock and key, such as in a locked filing cabinet; keep electronic documents on a password-protected computer. A clean desk will help prevent sensitive information being misplaced or stolen.

9 Seven Virtues of Privacy Protection 6.When in doubt, ask for advice from the school principal or the board staff member in charge of privacy. (Ontario law requires every board to have one such contact person.) 7.When you no longer need the personal information to do your job, destroy it by shredding paper documents or securely erasing electronic ones.

10 Sensitive information is at your fingertips throughout your work day In many formats – electronic, hard copy, verbal How Does it Affect Me??

11 Common Daily Practices Always lock your laptop or workstation when away from your desk ( Windows-L) Make sure your screen is not visible to others if displaying personal information (Windows-D will minimize all open windows) Put papers or files away securely when not working with them

12 Common Daily Practices - continued Double-check which printer you’re sending to before you hit “ok” and immediately collect sensitive documents Dispose of sensitive information in designated shredding bins

13 Laptops & Other Mobile Devices Always encrypt or password protect your USB keys, external drives, etc. Never keep your only copy on a USB or other device – make sure to have another copy on a board file share. Do not save board information on a personal device. Use a protected USB key and work from that. Never auto-forward your FirstClass email to a personal device or account.

14 Laptops & Other Mobile Devices – continued Never leave your laptop in a car. Lock it in the trunk before leaving for your destination, if you’re not going straight home or to work. Physically lock your laptop up when not in use (cable lock, locked cabinet, etc.) Never keep the only copy of a file on the laptop– make sure to have another copy on a board file share or home drive

15 Laptop and Other Mobile Devices - continued If your laptop is lost or stolen, you need to report it immediately to your Principal KNOW what is on it Don’t load unauthorized or unsupported applications. They can pose a huge risk to privacy of information. (i.e. - shareware such as LimeWire)

16 Good Password Management Passwords are now being synchronized to help you remember. Where you used to have a password for each system, you now have one password to MANY systems, including your HR system. While this is easier for you, it raises the risk of disclosure if you don’t follow the rules…

17 Good Password Management Never write your passwords down where they can be viewed by others (sticky notes, labels, etc.) Never share your password with anyone else Don’t log anyone else onto a computer with your password Follow the Administrative Regulations for password management

18 A Quick Re-cap The protection of an individual’s personal information is mandated by law Electronic access to significant quantities of personal information has never been so high Where we are the stewards, we are all accountable Common sense and good practice will go a long way to protect the information in our care

Download ppt "Privacy and Information Management ICT Guidelines."

Similar presentations

Protect Our Students Protect Ourselves

Protect Our Students Protect Ourselves
CONFIDENTIALITY / PRIVACY. Federal Laws Privacy Act of 1974 PII (Personally Identifiable Information)….Protection of social security numbers……….

CONFIDENTIALITY / PRIVACY. Federal Laws Privacy Act of 1974 PII (Personally Identifiable Information)….Protection of social security numbers……….
Computer and Mobile Device Equipment Security Brief May 29, 2008 Presented by: Kevin G. Sutton, Chief, Information Technology Unit.

Computer and Mobile Device Equipment Security Brief May 29, 2008 Presented by: Kevin G. Sutton, Chief, Information Technology Unit.
Welcome to the SPH Information Security Learning Module.

Welcome to the SPH Information Security Learning Module.
Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.

Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.
Privacy and Information Security Training (2006-07) VUMC Privacy Website www.mc.vanderbilt.edu/privacy.

Privacy and Information Security Training ( ) VUMC Privacy Website
HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.

HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.
HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website: www.mc.vanderbilt.edu/HIPAA.

HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website:
 Privacy Act of 1974 PII (Personally Identifiable Information)….Protection of social security numbers……….

 Privacy Act of 1974 PII (Personally Identifiable Information)….Protection of social security numbers……….
WORKFORCE CONFIDENTIALITY HIPAA Reminders. HIPAA 101 The Health Insurance Portability and Accountability Act (HIPAA) protects patient privacy. HIPAA is.

WORKFORCE CONFIDENTIALITY HIPAA Reminders. HIPAA 101 The Health Insurance Portability and Accountability Act (HIPAA) protects patient privacy. HIPAA is.
1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.
NAU HIPAA Awareness Training

NAU HIPAA Awareness Training
HIPAA Training. What is HIPAA? The Health Insurance Portability and Accountability Act (HIPAA) was enacted in 1996. It provides the ability to transfer.

HIPAA Training. What is HIPAA? The Health Insurance Portability and Accountability Act (HIPAA) was enacted in It provides the ability to transfer.
1 Electronic Information Security – What Researchers Need to Know University of California Office of the President Office of Research May 2005.

1 Electronic Information Security – What Researchers Need to Know University of California Office of the President Office of Research May 2005.
Critical Data Management Indiana University HR Summit April 24, 2014.

Critical Data Management Indiana University HR Summit April 24, 2014.
SAFEGUARDING DHS CLIENT DATA PART 2 SAFEGUARDING PHI AND HIPAA Safeguards must: Protect PHI from accidental or intentional unauthorized use/disclosure.

SAFEGUARDING DHS CLIENT DATA PART 2 SAFEGUARDING PHI AND HIPAA Safeguards must: Protect PHI from accidental or intentional unauthorized use/disclosure.
Complying with Privacy to Enable Innovation & Research

Complying with Privacy to Enable Innovation & Research
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.

Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
Copyright © 2014 Merck Sharp & Dohme Corp., a subsidiary of Merck & Co., Inc. All rights reserved. In practice, how do we recognize a potential Privacy.

Copyright © 2014 Merck Sharp & Dohme Corp., a subsidiary of Merck & Co., Inc. All rights reserved. In practice, how do we recognize a potential Privacy.
MINNESOTA GOVERNMENT DATA PRACTICES ACT How the law affects University employees and recordkeeping Susan McKinney Records & Information Management.

MINNESOTA GOVERNMENT DATA PRACTICES ACT How the law affects University employees and recordkeeping Susan McKinney Records & Information Management.

Similar presentations

Ads by Google