911±¬ÁÏÍø

Personal information includes details about an identifiable individual such as:

• Race, national or ethnic origin, religion, age, sex, sexual orientation and marital or family status
• Employment and educational history
• Medical, psychiatric and psychological history, prognosis, condition, treatment and evaluation
• Any identifying number (Social Insurance Number, student number), symbol or other assigned particular
• Home address and telephone number
• Personal opinions of or about the individual
• Name where it appears with or reveals one’s personal information
• Correspondence sent to 911±¬ÁÏÍø by an individual that is implicitly or explicitly of a private or confidential nature and any reply to that correspondence that would reveal its contents.

Note: Information about individuals acting in their business or professional capacity is not personal information. This includes their name, title, work address (including office location), work telephone number and 911±¬ÁÏÍø email address.

• Collect only the personal information you need to perform your duties
• Inform people about the collection and what you intend to do with their personal information
• Use personal information only for the purpose(s) for which it was collected, or for a consistent purpose
• Disclose personal information only to the individual to whom it relates (except in limited circumstances as specified in privacy laws and regulations).

Note: 911±¬ÁÏÍø must provide notice of collection to the individual and in some cases obtain consent. If you have any concerns regarding the collection, use and/or disclosure of personal information, please contact the 911±¬ÁÏÍø Privacy Office.

A record is considered any information in 911±¬ÁÏÍø’s custody or control relating to students and employees or to 911±¬ÁÏÍø’s business operations and the administration of academic programs and services. Records can be in printed form, on film, by electronic means or otherwise and include:

• Correspondence, memoranda, books, plans, maps, drawings, diagrams, pictorial or graphic works, photographs, film, microfilm, sound recordings, videotapes, machine-readable records and other documentary material regardless of physical form or characteristics and any copy thereof
• Any information that is capable of being produced from a machine-readable record under 911±¬ÁÏÍø’s control by means of computer hardware and software or any other information storage equipment and technical expertise normally used by 911±¬ÁÏÍø, or to which 911±¬ÁÏÍø can reasonably gain access
• Emails, including additional/forwarded copies.

A privacy breach involves the improper or unauthorized collection, use, disclosure, retention or disposal of personal information, in contravention of applicable privacy laws and regulations. The breach may affect an individual or a group.

A suspected or confirmed breach of personal information must be reported immediately to your supervisor, who should then contact the 911±¬ÁÏÍø Privacy Office. If you believe your 911±¬ÁÏÍø computer and/or email/My911±¬ÁÏÍø account have been compromised, immediately call the and change your password.

Preliminary questions to consider when addressing a privacy breach, include:

• What was the date of the incident?
• Where did the incident occur?
• What information/records need to be analyzed?
• When was the incident discovered?
• What was the sequence of events?
• Has the incident been contained (or is it continuing to occur)?

The (FIPPA) is provincial legislation that governs how 911±¬ÁÏÍø and other public institutions and agencies handle personal information.

FIPPA has two purposes:

1. Access: To provide the public with a right of access to information in the custody or under the control of institutions and agencies. FIPPA covers all ministries of the Ontario Government and any agency, board, commission, corporation or other body designated as an institution in the regulations.
2. Privacy: To protect the privacy of individuals’ personal information held by institutions and to provide a right of access for individuals to their own personal information.

FIPPA authorizes 911±¬ÁÏÍø to use personal information as required for the purpose of its core business activities and work placements. All employees are obligated to adhere to FIPPA and 911±¬ÁÏÍø’s Freedom of Information and Protection of Privacy Policy.

The (PHIPA) is provincial legislation that applies to personal health information held by 911±¬ÁÏÍø, which may include health history, Ontario health card number and records of care. All employees are obligated to adhere to PHIPA and 911±¬ÁÏÍø’s Personal Health Information Protection Act Statement.

911±¬ÁÏÍø collects personal health information when providing counselling, consultation and health services and in compliance with external regulators. Health Care professionals at 911±¬ÁÏÍø are regulated by the College of Physicians and Surgeons Ontario, College of Psychologists of Ontario, College of Social Workers and Social Service Workers, College of Occupational Therapists Association, College of Nurses of Ontario and other licensing bodies, which may inspect records and interview professional staff as part of their regulatory activities in the public interest.

911±¬ÁÏÍø is committed to protecting student and employee privacy and ensuring the confidentiality of personal health information. Individuals have the right to request access to their health records or to request a correction to the record.

On May 25, 2018, the (GDPR) came into effect. It is European Union (EU) regulation on data protection and privacy for all individuals within the EU. It affects all EU-based organizations and those that provide goods and services to, or monitor the behaviour of, individuals in the EU.

911±¬ÁÏÍø must comply with GDPR when it processes the personal data of individuals who reside in the EU, including 911±¬ÁÏÍø students and employees.