Discussion #3: Protecting your privacy



FOIPPA’s two main purposes are to provide access to information and to protect the personal information that government holds.

We talked about how FOI requests work in the last post. In future posts, we’ll talk about how we make information available outside of the FOI process, and we’ll also talk about some other topics related to privacy and personal information.

Your personal information is any information about you. It does not include business information you may have provided to government like your contact information on a contract or invoice. Government holds a great deal of personal information in order to provide you with important public services. This includes education records, health information, and many other types of information.

By law, all public bodies have to take steps to protect the personal information they create and receive. The Freedom of Information and Protection of Privacy Act sets out the rules about when a public body can collect, use or share your personal information.

There are also rules about what kinds of personal information government requires to support the services we provide to you, and how long we should keep that information.

If you’re concerned that your records may contain information that’s not accurate, you can ask a public body to change the record to fix the error.

Public bodies work diligently to ensure that your information is properly protected and your privacy is maintained. Ministries have privacy management programs and there is central oversight through government’s corporate privacy office. Each ministry has a Privacy Officer and an Information Security Officer. All employees take training to help them identify personal information and keep it safe. Whenever a new government initiative is being planned, the law requires public bodies to identify the privacy impacts of that initiative and make sure that appropriate protections are built in.

The law also establishes the Information and Privacy Commissioner as the independent oversight authority for privacy and access to information. The Commissioner can investigate complaints if you have concerns about your privacy or about how a public body responded to your FOI request.

Have you ever had to correct personal information or contacted the privacy commissioner? What was your impression of the process? Would you contact the privacy commissioner now that you know more?

Sort

3 responses to “Discussion #3: Protecting your privacy

    User avatar
    [-] L

    Need comprehensive processes for individuals to bot consent to disclosure of personal information and refuse disclosure of their information, including when deidentified, and for purposes involving any disclosure to a third party.

    0
    1
    permalink
    User avatar
    [-] Ourj

    This is less concerning to me than my earlier comment but once again I would say that the information commissioner’s office should be held to a standard that forces them to settle privacy complaints within 30 days. Why do we expect the ministrys to resolve everything right away but when it comes to the commissioner they just keep taking extensions on when they need to make a decision by. Right now the way the system works you’re actually better served by making multiple requests about your original request than you are sending a complaint to the commissioner.

    Thanking you again for the opportunity to be heard,
    Ourj

    4
    0
    permalink
    User avatar
    [-] Richard

    Yes, I contacted the OIPC a few times to report privacy infractions, after having reported same to the school district responsible and having received unacceptable responses.
    My impression of the process was that the OIPC is there to educate, not enforce, re privacy. I was very disappointed that gross privacy violations and lack of appropriate response by the school district were not corrected by OIPC nor were there any punitive actions taken.
    OIPC has no teeth, or refuses to use them. Privacy laws are mocked and disrespected when they are not enforced. Privacy should be protected and violations should be deterred.

    2
    0
    permalink
Comments are closed.