PRIVACY AND INFORMATION MANAGEMENT A Guideline For Alberta Veterinarians
|
|
- Harold Jacobs
- 5 years ago
- Views:
Transcription
1 OVERVIEW Canada is protected by two federal privacy laws. The Privacy Act covers the personal information handling practices of the federal government. The private sector has a new privacy law (The Personal Information Protection and Electronic Documents Act or PIPEDA). In Alberta, the private sector has a privacy law (The Personal Information Protection Act or PIPA). For more information check out the Information and Privacy Commissioner of Alberta website at You can go online to receive PIPA and A Guide For Businesses And Organizations at and PIPEDA and A Guide For Businesses And Organizations at TERMINOLOGY ORGANIZATIONS AND ACRONYMS The Personal Information Protection Act or PIPA, The Personal Information Protection and Electronic Documents Act or PIPEDA, The Information Access and Privacy or IAP, The Freedom of Information and Protection of Privacy Act or FOIPP, The Health Information Act or HIA, The Health Professions Act or HPA, and Professional Regulatory Organizations or PROs. WHEN DID PIPA TAKE EFFECT? The Personal Information Protection Act or PIPA came into effect on January 1 st, WHAT IS PIPA? The Personal Information Protection Act or PIPA provides guidelines that govern how private sector organizations can collect, use, or disclose personal information in the course of commercial activities. It balances an individual s right to privacy with the need of organizations to collect, use or disclose personal information for legitimate business purposes. The Act requires organizations to have safeguards in place to secure personal information from unauthorized access, disclosure, use, or tampering. The Act also provides information on acceptable uses for gathering an individual s personal information. It also provides rules regarding an individual s right to access their own personal information. WHO DOES PIPA APPLY TO? The Personal Information Protection Act or PIPA is intended to cover the entire private sector. There are a few exceptions, however, the Privacy Act applies to anyone who carries on commercial activities which will include most Veterinarians. PIPA applies to organizations which are described as corporations, unincorporated associations, trade unions, partnerships, and individuals acting in a commercial capacity or any person acting on behalf of an organization. Professional Regulatory Organizations (PROs) are defined as an organization incorporated under a Professional Act. PIPA applies to any collection, use or disclosure of personal information. Personal Information is described as including any factual or subjective information, recorded or not, about an identifiable individual. Personal Information can include information in any form, such as: name, gender, age, colour, ethnic origin, blood type, income, ID numbers, education, family status; health history, health conditions, or health services received by them; activities, views, evaluations, opinions, comments, social status, disciplinary actions, religion, political involvement; employee files, credit and/or loan records, medical records, existence of a dispute between a consumer and a merchant, intentions such as to acquire good or services or to change jobs. Page 1
2 Personal Information collected prior to January 1 st, 2004 is considered to have been collected with consent. Personal Information is protected by the Act, whereas Business Information is not covered. Business Information is described as information you may find on a business card. WHAT IS NOT COVERED BY PIPA? The collection, use, or disclosure of personal information to which FOIP or HIA applies. Provincial or territorial governments and agents of the crown in right of a province. Information in a court file. An employee s name, title, business address or phone number. An individual s collection, use, or disclosure of personal information strictly for personal purposes (i.e.: personal greeting card list). An organization s collection, use, or disclosure of personal information solely for journalistic, artistic or literary purposes. WHAT ARE YOUR RESPONSIBILITIES UNDER PIPA? The Personal Information Protection Act or PIPA reflects the realities of the business world and was a collaborative effort by government, consumers and business groups. Below is a list of ten principles of fair information practices, summarized as follows: 1. Accountability: Appoint an individual to be responsible for your organization s compliance. This individual will protect all personal information or transfer to a third party for processing and develop and implement personal information practices and policies. 2. Identifying Purposes: You need to identify the reasons for the collection, use, and disclosure of obtaining the individual s personal information. Identify any new purpose for the individual s personal information and obtain the individual s consent prior to using it. 3. Consent: Obtain the individual s consent for the collection, use, and disclosure of their personal information in a meaningful way as well as when a new use is identified. 4. Limiting Collection: Do not deceive, mislead or collect personal information indiscriminately. 5. Limiting Use, Disclosure, And Retention: Collect, use, and disclose personal information that is necessary for the purpose for which it is intended. Have guidelines and procedures in place for the retaining and destroying of personal information. 6. Accuracy: Minimize the possibility of using incorrect information. 7. Safeguards: Protect personal information against loss, theft, unauthorized access, disclosure, copying, use or modification regardless of the format in which it is in. 8. Openness: Have policies and procedures in place for the management of personal information and inform your customers, clients and employees of them and make them understandable and easily available. 9. Individual Access: When requested, inform individuals if you have any personal information about them, explaining how it has been used and provide a list of any organizations for which it has been disclosed. Give individuals access to their information and correct or amend any personal information if its accuracy and completeness is challenged and found to be deficient. 10. Provide Recourse: Develop simple and easily accessible complaint procedures. Investigate all complaints received, inform complainants of avenues or recourse including your organization s complaint procedures, industry associations, regulatory bodies and the Privacy Commissioner of Alberta. Take appropriate actions to correct information handling procedures. Page 2
3 WHERE DO I START AND WHAT NEEDS TO BE DONE? Start by implementing a privacy policy and procedure system. This provides a process for Veterinarian s to review and revise their organization s practices. Documentation with safeguards is key and we should all be in a good position for that already with few adjustments. You must appoint an Information Officer, preferably a senior person within your organization who will be responsible for overseeing your organization s compliance with privacy obligations. The privacy policy would cover: Reviewing the organization s policies and practices for collecting, using, and disclosing personal information (including conducting an audit of the current personal information practices of the organization). Implementing procedures to safeguard personal information (i.e.: locked filing cabinets, restricted access, security clearances, need-to-know basis, passwords, encryption, virus protection and firewalls). Ensuring individuals (i.e.: clients) have the right to access and correct any personal information that is incorrect. Implement a retention and destruction of information policy. Train the organization staff in the personal information policies. Act as the contact person for inquiries from the public or clients. Ensure there is a process in place for handling complaints. The policies must be understandable and made available to the public. You can provide this several ways post the policy on your organization s website, post it in your reception area or provide a copy to new clients on their first visit and to those who request a copy. Organizations will need special consent to disclose personal information outside of the organization. There are several ways to define your privacy policies depending on your organization. Where a veterinary clinic has multiple people working together, you can have separate policies or a blanket policy that covers everyone. Implement a privacy policy that works for your particular situation. WHAT ARE THE RESTRICTIONS? Veterinarians will need to obtain consent for the collection, use, and disclosure of personal information. Please note that this is different from consent for treatment. Like any consent, it can be obtained in writing, verbally or implied consent. When it comes to solely providing services to the client, consent may be implied, however, the Veterinarian should explain the purpose for which information is being collected and obtain some form of consent. There are some exceptions with obtaining personal information that do not require consent (i.e.: to investigate a breach of law or contract where obtaining consent would compromise the investigation) or in certain emergency situations (i.e.: medical crisis). Areas in which change may be required are: Where the Veterinarian collects information about other individuals (i.e.: family history). Where the Veterinarian collects information about the client from other individuals (i.e.: client s previous Veterinarian, family members of the client). Where the Veterinarian collects information to be shared with others who are also providing services or advising the client (i.e.: team treatment). Page 3
4 Where there is a likelihood of an ongoing relationship and the information will be used for ongoing services, especially where this is not obvious to the client (i.e.: collecting a baseline assessment of client health should there be a need to provide broader treatment later on). Where third parties will have access to the information (i.e.: legal, billing or financial purposes). Where the Veterinarian will use the information for related purposes (i.e.: billing the client or a third party later). Where the Veterinarian will use or disclose the information for secondary purposes (i.e.: quality control, regulatory accountability, research). Where the Veterinarian may sell the practice later on and will need to provide prospective purchasers with access to client information enabling the purchaser to conduct a due diligence review. Veterinarians are required to collect the least amount of information required for the purposes for which it is intended. You should not collect financial information about clients who pay the full account at the time of service. WHAT SAFEGUARDS NEED TO BE IN PLACE? Veterinarians may need to review some of their policies regarding client confidentiality. Personal information should not be sent through over the internet and all personal information being disposed of should be shredded prior to recycling. Confidential client files should not be left on a computer screen for anyone to see just as not everyone should have access to client files. WHAT ARE ACCESS AND CORRECTION RIGHTS? The Privacy Act states that any individual has the right to see any personal information Veterinarians hold regarding them. You should help them to understand the information contained such as abbreviations and technical terms. You have an obligation to let the individual know whom you have forwarded their personal information to and why. If the individual believes any of their personal information is wrong, they can ask to have it corrected. You cannot correct opinions. Anything you mutually agree is wrong must be corrected and you must notify all third parties of the correction. If you and the individual disagree that there is an error, you must record the disagreement and notify all third parties who receive the contested information. Disagreements about corrections can be taken to the Information and Privacy Commissioner of Alberta for review. Exceptions to giving an individual access to their personal information would be: Legal privilege Proprietary information Investigation information Mediation/arbitration Safety issues WHAT ARE THE GUIDELINES REGARDING EMPLOYEE INFORMATION? Employee information is treated differently from customer information. Organizations will have to determine what is reasonably required for establishing, managing or terminating employment relationships. Don t assume anything, the burden of proof will likely be on the organization. Page 4
5 Employee includes and individual who performs a service for the organization including: Under contract or agency relationship Student Participant Volunteer Apprentice WHAT SHOULD AN INTERNAL COMPLAINT SYSTEM LOOK LIKE? Organizations must have an internal complaints system in place to handle concerns about privacy practices. This system should have: A designated individual to receive, respond and ensure prompt investigation to all complaints. An easily accessible, simple to use complaints procedure which includes, o Acknowledgement of complaint received o Investigation of complaint, and o Providing a decision with reasons A process to respond to complaints that are justified including making changes to privacy policies. Notifying the public of external resources including the ABVMA and the Provincial Information and Privacy Commissioner. WHO ENSURES COMPLIANCE WITH THE PRIVACY LEGISLATION? Veterinarians will be held accountable with respect to compliance with the Privacy Act to the Provincial Information and Privacy Commissioner and to the ABVMA. The Information and Privacy Commissioner of Alberta functions as an ombudsman and has the following responsibilities: Investigating all complaints about an organization s personal information handling practices including entering their premises and summonsing documents and witnesses. Mediating and conciliating such complaints. Auditing the personal information handling practices of an organization. Making a public report of poor personal information practices by an organization. Seeking remedies for a breach of the Privacy Act in the courts. To contact the Information and Privacy Commissioner of Alberta, contact: Frank Work Information and Privacy Commissioner of Alberta 410, Street Edmonton, Alberta T5K 2J8 Phone: (780) Fax: (780) ipcab@planet.eon.net Website: Page 5
6 PENALTIES AND DAMAGES An individual can pursue damages for loss or injury suffered as a result of breach of privacy. If convicted of an offence, fines are: Up to $10,000 for individuals Up to $100,000 for businesses IN SUMMARY Review your practices. Be fair and reasonable. Due diligence is expected, not perfection. Use common sense. Designate an individual(s) responsible for compliance with the Act. Talk to your employees. Assist your employees. Deal with complaints and inquiries effectively. Keep in mind it is always better to avoid a complaint rather than having to deal with one! Where conduct involves a breach of core professional values, the ABVMA will have reason to take regulatory action. Every Veterinarian is obliged to comply with the law and many breaches of the Privacy Act by a Veterinarian may warrant some regulatory action. ACKNOWLEDGEMENTS Field Law Privacy and Information Management, October 2, 2003 Challenges and Guidance for Professional Regulators Field Law Perspectives For The Professionals, July 2004 By Field Law s Professional Regulatory Group Office of the Privacy Commissioner of Canada The College of Veterinarians of Ontario (CVO) Richard Steinecke What Every Veterinarian Needs To Know About Privacy Legislation Steinecke Maciura LeBlanc Grey Areas, August 2003, No. 66 A Commentary On Legal Issues Affecting Professional Regulation Page 6
METRO DIRECTION FINANCIAL INC PRIVACY POLICY
METRO DIRECTION FINANCIAL INC PRIVACY POLICY Introduction The Personal Information Protection and Electronic Documents Act ( PIPEDA ) applies to all organizations, including Insurance Producers, engaged
More informationPrairie Centre Credit Union
Code for the Protection of Personal Information Prairie Centre Credit Union Adopted by: Prairie Centre Credit Union Board of Directors July 15, 2003 Updated November 2014 Introduction P rairie Centre Credit
More informationAssociation of Service Providers for Employability and Career Training ( ASPECT ) PRIVACY CODE
Association of Service Providers for Employability and Career Training ( ASPECT ) PRIVACY CODE INTRODUCTION ASPECT is an association of community-based trainers that represents and promotes the interests
More informationModel Code for the Protection of Personal Information, CAN/CSA-Q830-96
Model Code for the Protection of Personal Information, CAN/CSA-Q830-96 4.1 Principle 1 Accountability An organization is responsible for personal information under its control and shall designate an individual
More informationPrivacy Guide for Alberta Physiotherapists
Privacy Guide for Alberta Physiotherapists September 2013 Understanding privacy legislation is complex and keeping current with legislative changes and provincial and federal rulings can be challenging.
More informationCBSA PRIVACY POLICY. Canadian Business Strategy Association Page 1
CBSA PRIVACY POLICY The CBSA Privacy Policy is a statement of principles and policies regarding the protection of personal information provided by the Canadian Business Strategy Association. The objective
More informationSYNCHRO SWIM MANITOBA PRIVACY POLICY
SYNCHRO SWIM MANITOBA PRIVACY POLICY Approved: Feb 15, 2006 By the Board of Directors Number of pages: 8 Purpose of this Policy 1. The purpose of this policy is to govern the collection, use and disclosure
More informationMAWA PRIVACY POLICY. Purpose of this Policy
MAWA PRIVACY POLICY Purpose of this Policy 1. Privacy of personal information is governed by the Personal Information Protection and Electronics Documents Act ( PIPEDA ). This policy describes the way
More informationA copy of Ontario Water Polo Association s Privacy Policy is provided to any member on request to Ontario Water Polo Association.
Purpose of Policy Privacy of personal information is governed by the Personal Information Protection and Electronics Documents Act ( PIPEDA ). This policy describes the ways in which Ontario Water Polo
More informationNorth Simcoe Community Futures Development Corporation (NSCFDC) PRIVACY POLICY 1.0 PURPOSE OF PRIVACY POLICY 3
PRIVACY POLICY North Simcoe Community Futures Development Corporation (NSCFDC) TABLE OF CONTENTS PRIVACY POLICY 1.0 PURPOSE OF PRIVACY POLICY 3 1.1 The Ten Principles of PIPEDA Summarized 3 1.2 Personal
More informationONTARIO LACROSSE ASSOCIATION INFORMATION PRIVACY POLICY
ONTARIO LACROSSE ASSOCIATION INFORMATION PRIVACY POLICY Purpose of this Policy Last Updated: January 29, 2017 1. Privacy of personal information is governed in Ontario by the Personal Information Privacy
More informationPRIVACY CODE FOR OUR DENTAL OFFICE
PRIVACY CODE FOR OUR DENTAL OFFICE INTRODUCTION Privacy of personal information is an important principle in the provision of quality dental care to our patients. We understand the importance of protecting
More informationHSBC Privacy code. Everything you need to know about the security and privacy of your personal information at HSBC
HSBC Privacy code Everything you need to know about the security and privacy of your personal information at HSBC HSBC Privacy Code Table of Contents Protecting Personal Information 1 Scope 1 Ten Privacy
More informationCANADIAN AMATEUR SYNCHRONIZED SWIMMING ASSOCIATION, INC. SASKATCHEWAN SECTION PRIVACY POLICY
CANADIAN AMATEUR SYNCHRONIZED SWIMMING ASSOCIATION, INC. SASKATCHEWAN SECTION PRIVACY POLICY PURPOSE OF THIS POLICY 1. To set rules for the collection and disclosure of personal information in a manner
More informationProtecting Your Privacy
A Guide for Individuals Protecting Your Privacy An Overview of the Office of the Privacy Commissioner of Canada and Federal Privacy Legislation Introduction With technology now affecting every aspect
More informationPrivacy in Canada Federal Legislation: Personal Information Protection and Electronic Documents Act
Table of Contents Introduction Privacy in Canada Definition of Personal Information : the ten principles Accountability Identifying Purposes Consent Limiting Collection Limiting Use, Disclosure, and Retention
More information1A-1084 Kenaston Street tel: (613) Ottawa, ON K1B 3P5 fax: (613)
Water Polo Canada www.waterpolo.ca 1A-1084 Kenaston Street tel: (613) 748-5682 Ottawa, ON K1B 3P5 fax: (613) 748-5777 Water Polo Canada Privacy Policy Policy Section: Board of Directors Policy Subsection:
More informationTaking care of what s important to you
A v i v a C a n a d a I n c. P r i v a c y P o l i c y Taking care of what s important to you Table of Contents Introduction Privacy in Canada Definition of Personal Information Privacy Policy: the ten
More informationSBI Canada Bank Privacy Policy
Owner: Privacy Officer Version: 2.2 Approving Body: Board Date Approved: August 30, 2016 List of Recipients: All Staff Introduction 1. All banks in Canada are subject to Personal Information Protection
More informationJericho Tennis Club's Privacy Policy
Jericho Tennis Club's Privacy Policy 1. Introduction At Jericho Tennis Club (the "Club"), respecting privacy is an important part of our commitment to our Members, Prospective Members, and Employees. That
More informationPRIVACY CODE FOR THE PROTECTION OF PERSONAL INFORMATION
PRIVACY CODE FOR THE PROTECTION OF PERSONAL INFORMATION 2015 PRIVACY CODE FOR THE PROTECTION OF PERSONAL INFORMATION PREAMBLE The Bank and companies part of its group, including B2B Bank, have always thrived
More informationTHE CITY OF EDMONTON PROJECT AGREEMENT VALLEY LINE LRT STAGE 1. Schedule 18. Freedom of Information and Protection of Privacy
THE CITY OF EDMONTON PROJECT AGREEMENT VALLEY LINE LRT STAGE 1 Schedule 18 Freedom of Information and Protection of Privacy VAN01: 3666223: v8 SCHEDULE 18 FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY
More informationTaking care of what s important to you
A v i v a C a n a d a I n c. P r i v a c y P o l i c y Taking care of what s important to you Table of Contents Introduction Privacy in Canada Definition of Personal Information Privacy Policy: the ten
More informationROYAL ALEXANDRA HOSPITAL FOUNDATION PRIVACY POLICY
ROYAL ALEXANDRA HOSPITAL FOUNDATION PRIVACY POLICY 1. INTRODUCTION 1.1 The Royal Alexandra Hospital Foundation (the Foundation ) is committed to safeguarding the personal information provided to us by
More informationPROTECTION OF PERSONAL INFORMATION POLICY (PoPI)
PROTECTION OF PERSONAL INFORMATION POLICY (PoPI) 1. Purpose The purpose of the PoPI Act (Protection of Personal Information Act) is to ensure that all South African institutions conduct themselves in a
More informationALBERTA OFFICE OF THE INFORMATION AND PRIVACY COMMISSIONER P2011-ND-042 PERSONALITY PROFILE SOLUTIONS INC. November 1, (Case File #P2003)
ALBERTA OFFICE OF THE INFORMATION AND PRIVACY COMMISSIONER P2011-ND-042 PERSONALITY PROFILE SOLUTIONS INC. November 1, 2011 (Case File #P2003) I. Introduction [1] On October 14, 2011, I received a report
More informationALBERTA OFFICE OF THE INFORMATION AND PRIVACY COMMISSIONER P2012-ND-29 BP CANADA ENERGY GROUP ULC. November 8, (Case File #P2157)
ALBERTA OFFICE OF THE INFORMATION AND PRIVACY COMMISSIONER P2012-ND-29 BP CANADA ENERGY GROUP ULC November 8, 2012 (Case File #P2157) I. Introduction [1] Under s. 34.1 of the Personal Information Protection
More informationInfonex 2005: Privacy and Investigations. David T.S. Fraser McInnes Cooper (902)
Infonex 2005: Privacy and Investigations David T.S. Fraser McInnes Cooper (902) 424-1347 Has been characterised as the right to be left alone, to be secure in one s home and free from unwanted interference
More informationPRIVACY AND ANTI-SPAM CODE FOR OUR DENTAL OFFICE Please refer to Appendix A for a glossary of defined terms.
PRIVACY AND ANTI-SPAM CODE FOR OUR DENTAL OFFICE Please refer to Appendix A for a glossary of defined terms. INTRODUCTION The Personal Health Information Act (PHIA) came into effect on December 11, 1997,
More informationPRIVACY POLICY OVERVIEW
PRIVACY POLICY OVERVIEW This Privacy Policy establishes rules to govern the collection, use and disclosure of personal information collected by Sylogist Ltd. and its affiliates (collectively the Company
More informationCOPOLOFF ADVISOR COMPLIANCE GUIDANCE MANUAL
COPOLOFF ADVISOR COMPLIANCE GUIDANCE MANUAL Introduction... 2 The MGA s Role... 3 Copoloff Advisor Code of Conduct... 5 Anti-Money Laundering and Anti-Terrorist Financing Guidance... 5 Privacy Program
More informationCiti Canada. Privacy of Personal Information Statement
Privacy of Personal Information Statement TABLE OF CONTENTS Page INTRODUCTION... 3 OUR PRIVACY NOTICE... 3 GENERAL... 3 CHANGES TO THIS PRIVACY STATEMENT... 3 CATEGORIES OF PERSONAL INFORMATION WE COLLECT
More informationEffective Date: 4/3/17
HIPAA AND HITECH ADM 067.4 Attachment D Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule and Security Rule Health Information Technology for Economic and Clinical Health (HITECH)
More informationPrinciples. Bison Transport will implement policies and procedures to give effect to this policy, including:
Principles The ten principles that form this policy are interrelated, and Bison Transport will adhere to the ten principles as a whole. This policy, then, applies to personal information about Bison Transport
More informationTitle CIHI Submission: 2014 Prescribed Entity Review
Title CIHI Submission: 2014 Prescribed Entity Review Our Vision Better data. Better decisions. Healthier Canadians. Our Mandate To lead the development and maintenance of comprehensive and integrated health
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY Author: Mrs A Taylor Approval needed Board of Directors by: Adopted (date): 6 December 2016 Date of next review: December 2017 Data Protection Policy Introduction The de Ferrers
More informationPRIVACY ISSUES IN M&A TRANSACTIONS
PRIVACY ISSUES IN M&A TRANSACTIONS Adam D. Vereshack McCarthy Tétrault LP Barristers & Solicitors Patent & Trade-mark Agents www.mccarthy.ca PART I PRIVACY LEGISLATION www.mccarthy.ca Overview Business
More informationDATA SERVICES CONTRACTS
GUIDANCE DOCUMENT DATA SERVICES CONTRACTS MAY 2003 Guidance Document: Data Services Contracts 1 CONTENTS 1.0 Purpose of this Guidance Document... 1 2.0 General... 2 2.1 Definitions... 2 2.2 Privacy Impact
More informationSubmitted to. Diane Kinderwater, Instructor Department of Office Administration Grande Prairie Regional College
Freedom of Information and Protection of Privacy (FOIP) Submitted to Diane Kinderwater, Instructor Department of Office Administration Grande Prairie Regional College Prepared by Alexandra Grosset OA2081
More informationA BETTER DEAL FOR CONSUMERS AND BUSINESSES ACT
Province of Alberta A BETTER DEAL FOR CONSUMERS AND BUSINESSES ACT Statutes of Alberta, (not in force provisions only current as of October 31, 2018) Office Consolidation Published by Alberta Queen s Printer
More informationFOIP and the Trustee. Presentation by Angela Town ASBA Legal Services January 21, 2014
FOIP and the Trustee Presentation by Angela Town ASBA Legal Services January 21, 2014 FOIP Freedom of Information and Protection of Privacy Act 2 About the FOIP Act public bodies framework within which
More informationASTRAZENECA GLOBAL POLICY DATA PRIVACY
ASTRAZENECA GLOBAL POLICY DATA PRIVACY This Global Policy sets out the requirements for ensuring that we collect, use, retain and disclose personal data in a fair, transparent and secure way. Personal
More informationALBERTA OFFICE OF THE INFORMATION AND PRIVACY COMMISSIONER P2011-ND-039 ZELLERS DRUG STORES (ALTA) LIMITED. November 30, (Case File #P2031)
ALBERTA OFFICE OF THE INFORMATION AND PRIVACY COMMISSIONER P2011-ND-039 ZELLERS DRUG STORES (ALTA) LIMITED November 30, 2011 (Case File #P2031) I. Introduction [1] On November 22, 2011, I received a report
More informationData Protection Policy. Newbury Academy Trust
Newbury Academy Trust 1. Introduction 1.1. Academy, Academy Trust all refer to Newbury Academy Trust, Love Lane, Newbury, Berkshire, RG14 2DU. School refers to one of the three schools within the Newbury
More informationPolicies, Procedures and Guidelines
Policies, Procedures and Guidelines Complete Policy Title: Privacy Governance and Accountability Framework Approved by: President Date of Original Approval(s): The purpose of this Responsible Executive:
More informationWhy do I need to read this?
Why do I need to read this? The Data Protection Act 1998 has substantial implications for the Church of England which affect every parish. The Act is designed to protect the Rights of identifiable living
More informationOur Privacy Policy SUPPLEMENTAL INSURANCE. Health Accident Disability Life. combined.ca
Our Privacy Policy SUPPLEMENTAL INSURANCE Health Accident Disability Life combined.ca Your Privacy is Important to Us Canada s national privacy legislation, the Personal Information Protection and Electronic
More informationPersonal Information Protection Act Breach Reporting Guide
Personal Information Protection Act Breach Reporting Guide If an organization determines that a real risk of significant harm exists to an individual as a result of a breach of personal information, section
More informationVOLLEYBALL BC Privacy Policy
VOLLEYBALL BC Privacy Policy Article 1 General 1.1 Background - Privacy of personal information is governed by the Personal Information Protection Act ("PIPA"). This policy describes the way that Volleyball
More informationDATA PROTECTION POLICY. Little Baddow Parochial Church Council
DATA PROTECTION POLICY Little Baddow Parochial Church Council INTRODUCTION: The Data Protection Act 1998 ( the Act ) seeks to protect individuals against the unfair use of personal information. There are
More informationINTERNATIONAL SOS. Data Protection Policy. Version 1.8
INTERNATIONAL SOS Data Protection Policy Document Owner: LCIS Division Document Manager: Group General Counsel Effective: December 2008 2017 All copyright in these materials are reserved to AEA International
More informationUniversity of Wollongong
University of Wollongong Privacy Policy September 2004 Table of Contents 1. Detailed Privacy Policy...1 1.1 Definitions...1 1.2 Legislation...1 1.3 Our Commitment to Privacy...1 2.1 Collection of Personal
More informationING Privacy Policy. Issued June 2017
ING Privacy Policy Issued June 2017 1. Privacy Policy This Privacy Policy applies to ING Bank (Australia) Limited (ABN 24 000 893 292) and ING Bank N.V. Sydney Branch. The terms "we", "us" or "our" used
More informationResponding to Privacy Breaches
Key Steps in Responding to Privacy Breaches The purpose of this document is to provide guidance to private sector organizations, health custodians and public sector bodies on how to manage a privacy breach.
More informationALBERTA INFORMATION AND PRIVACY COMMISSIONER. Report of an Investigation into Disclosure of Customer Information without Consent.
ALBERTA INFORMATION AND PRIVACY COMMISSIONER Report of an Investigation into Disclosure of Customer Information without Consent October 15, 2004 Melrose Rural Electrification Association, ATCO Electric
More informationMay 2, 2018 Page 1 of 8
ALBERTA BLUE CROSS ONLINE SERVICES BILLING AGREEMENT Terms of Use ABC Benefits Corporation ( Alberta Blue Cross ) makes the Alberta Blue Cross Provider Online Services Web Site available solely for the
More informationNATIONAL RECOVERY AGENCY COMPLIANCE INFORMATION GRAMM-LEACH-BLILEY SAFEGUARD RULE
NATIONAL RECOVERY AGENCY COMPLIANCE INFORMATION GRAMM-LEACH-BLILEY SAFEGUARD RULE As many of you know, Gramm-Leach-Bliley requires "financial institutions" to establish and implement a Safeguard Rule Compliance
More informationCODE OF ETHICS AND BUSINESS CONDUCT
CODE OF ETHICS AND BUSINESS CONDUCT BW OFFSHORE PURPOSE The purpose of this code is to express BW Offshore s statement of its commitment and principles in connection with issues of ethical nature that
More informationOur Commitment to You Privacy Statement
Our Commitment to You Privacy Statement Table of contents Introduction... 1 We Respect Your Privacy... 1 How We Share Information with Companies Affiliated With Us... 1 Sharing Information With Other Third
More informationMANITOBA OMBUDSMAN PRACTICE NOTE
MANITOBA OMBUDSMAN PRACTICE NOTE Practice notes are prepared by Manitoba Ombudsman to assist persons using the legislation. They are intended as advice only and are not a substitute for the legislation.
More informationAAD Policy Manual An overview of the Policies, Strategies and Core Operational Guidelines that AAD uses in its Day-to-Day operations.
AAD Policy Manual 2015-16 2018-19 An overview of the Policies, Strategies and Core Operational Guidelines that AAD uses in its Day-to-Day operations. -Table of Contents- AAD General Policy Pages 3-8 AAD
More informationHIPAA PRIVACY AND SECURITY AWARENESS
HIPAA PRIVACY AND SECURITY AWARENESS Introduction The Health Insurance Portability and Accountability Act (known as HIPAA) was enacted by Congress in 1996. HIPAA serves three main purposes: To protect
More informationItem 5 - Policy Approval: Privacy Policy - Board of Directors GCHRCC Public Meeting - December 7, 2017 Report:GCHRCC: Attachment 1
Privacy Policy Policy Statement Toronto Community Housing Corporation ( TCHC ) is committed to protecting Personal Information consistent with the principles outlined in the Municipal Freedom of Information
More informationThe Controller and Processor Data Protection Binding Corporate Rules of BMC Software
The Controller and Processor Data Protection Binding Corporate Rules of BMC Software 4 August 2015 Table of Contents Introduction 2 PART I: BACKGROUND AND ACTIONS 3 PART II: BMC AS A CONTROLLER 5 PART
More informationPAI Secure Program Guide
PAI Secure Program Guide A complete guide to understanding the Payment Card Industry Data Security Requirements (PCI DSS) and utilizing the PAI Secure Program Welcome to PAI Secure, a unique 4-step PCI-DSS
More informationCLIMATE CHANGE AND EMISSIONS MANAGEMENT FUND ADMINISTRATION REGULATION
Province of Alberta CLIMATE CHANGE AND EMISSIONS MANAGEMENT ACT CLIMATE CHANGE AND EMISSIONS MANAGEMENT FUND ADMINISTRATION REGULATION Alberta Regulation 120/2009 With amendments up to and including Alberta
More informationPRIVACY POLICY OF BPO INSOLVENCY LIMITED (COMPANY REGISTRATION NO ) REGISTERED OFFICE 37 WALTER ROAD SWANSEA SA1 5NW
PRIVACY POLICY OF BPO INSOLVENCY LIMITED (COMPANY REGISTRATION NO. 09830297) REGISTERED OFFICE 37 WALTER ROAD SWANSEA SA1 5NW 1. This Policy We take privacy seriously and we are committed to protecting
More informationProvince of Alberta ALBERTA HOUSING ACT. Revised Statutes of Alberta 2000 Chapter A-25. Current as of July 1, Office Consolidation
Province of Alberta ALBERTA HOUSING ACT Revised Statutes of Alberta 2000 Current as of July 1, 2015 Office Consolidation Published by Alberta Queen s Printer Alberta Queen s Printer Suite 700, Park Plaza
More informationIV:07:11 IDENTITY THEFT PREVENTION POLICY SECTION 1: BACKGROUND
IV:07:11 IDENTITY THEFT PREVENTION POLICY SECTION 1: BACKGROUND The risk to Volunteer State Community College ( College ) its faculty, staff, students and other applicable constituents from data loss and
More informationNicholas Kakalis of Finance Unlimited is licensed under the National Consumer Credit Protection Act The details of our licence are as follows:
CREDIT GUIDE ABOUT US Nicholas Kakalis of Finance Unlimited is licensed under the National Consumer Credit Protection Act 2009. The details of our licence are as follows: Business Name Finance Unlimited
More informationBanks Sheridan Limited Data Protection Privacy Policy 19 May 2018
Banks Sheridan Limited Data Protection Privacy Policy 19 May 2018 1. Introduction This Policy sets out the obligations of Banks Sheridan Limited ( the Company ) regarding data protection and the rights
More informationPrivacy Policy. Amendment History. Trustee Name
Trustee Name Policy Name Number of Pages (ABN: 74 065 680 195, RSE: L0003155), trustee of the Manildra Flour Mills Retirement Fund (ABN: 32 448 411 930, RSE R1067415) 6 (plus this covering page and a contents
More information1. This is the Canada Country Addendum to the UOB Business Internet Banking Service Agreement.
UOB BUSINESS INTERNET BANKING SERVICE AGREEMENT COUNTRY ADDENDUM (CANADA) 1. This is the Canada Country Addendum to the UOB Business Internet Banking Service Agreement. 2. Where any Services are provided
More informationAMIST Super. Privacy Policy
AMIST Super Privacy Policy Our privacy commitment to you AMIST Super is committed to respecting your right to privacy and protecting your personal information. We are bound by the provisions of the Privacy
More informationRICHMOND MINOR HOCKEY ASSOCIATION
RICHMOND MINOR HOCKEY ASSOCIATION OPERATING POLICIES The following is an extract from the RMHA Operating Policies, pertaining to privacy. PURPOSE OF THIS POLICY RMHA PRIVACY POLICY This Policy describes
More informationBINDING CORPORATE RULES
BINDING CORPORATE RULES CONTROLLER PRINCIPLES INTRODUCTION At Marsh & McLennan Companies (MMC), we respect and are committed to protecting the privacy, security and integrity of Personal Information 1
More informationAGREEMENT GOVERNING THE USE OF THE MASTERCARD CREDIT CARD ISSUED BY NATIONAL BANK OF CANADA
AGREEMENT GOVERNING THE USE OF THE MASTERCARD CREDIT CARD ISSUED BY NATIONAL BANK OF CANADA The Account and MasterCard Credit Card which we agree to make available to you are governed by the terms and
More informationData Processing Addendum
Data Processing Addendum This Data Processing Addendum ( DPA ) forms part of the Agreement(s) and is entered by and between the Customer and the Service Provider on the Effective Date. For the avoidance
More informationData Processing Addendum (Revision May 2018)
Data Processing Addendum (Revision May 2018) Agreement entered into by and between Customer, as identified in Tucows Master Services Agreement Controller or Joint Controller or Customer and Tucows.com
More informationPayment Card Industry (PCI) Data Security Standard Validation Requirements
Payment Card Industry (PCI) Data Security Standard Validation Requirements For Qualified Security Assessors (QSA) Version 1.2 October 2008 Document Changes Date Version Description October 2008 1.2 To
More informationOur Client Agreement and Statement of Services and Remuneration for Trustees
The Independent Life & Pensions Group Ltd 3 Adelaide House, Corbygate Business Park, Priors Haw Road, Corby, Northants, NN17 5JG Tel: 01536 443200 Email: hello@ilpg.co.uk Web: www.ilpg.co.uk Our Client
More informationEQUAL ACCESS FUNDING PTY LTD PRIVACY POLICY
1. INTRODUCTION EQUAL ACCESS FUNDING PTY LTD PRIVACY POLICY This Policy applies to Equal Access Funding Pty Ltd ABN 23 156 554 255 (referred to as EAF, we, our, us ) and covers all of its operations and
More informationAll Sorts UK Limited Data Protection Policy 17 th May 2018
All Sorts UK Limited Data Protection Policy 17 th May 2018 1. Introduction This Policy sets out the obligations of All Sorts UK Limited, a company registered in England under number 03534972, whose registered
More informationIF YOU DO NOT AGREE TO ALL OF THESE TERMS, YOU SHOULD NOT USE BACKGROUND RESEARCH SOLUTIONS, LLC.
This Screening Policy ("Policy") governs all background screening services ("Screening Services") provided by Background Research Solutions, LLC ("we", "us", "our", BRS ). You ("you", your") must agree
More informationClient Statement of Disclosure
Client Statement of Disclosure Updated as March 28, 2018 Sinclair-Cockburn Financial Services Inc. and our Relationship with You Sinclair-Cockburn Financial Services Inc. (hereinafter called SCFS) is both
More informationIdentity Fraud Endorsement
220 Commercial Street P.O. Box 10 Berwick, NS B0P 1E0 www.kingsmutual.ns.ca TF: 1.800.565.7220 EO-0870-0612 Identity Fraud Endorsement Insuring Agreement If the Declaration Page shows that the Identity
More informationRecognition Criteria for other ancillary health care providers
Recognition Criteria for other ancillary health care providers Introduction Medibank Private Limited offers private health insurance products under two brands, Medibank and ahm health insurance. The Fund
More informationConnective Credit Services Pty Ltd ABN Address. Level 20, 567 Collins Street, Melbourne VIC 3000 Telephone
CREDIT GUIDE About Us Connective Credit Services Pty Ltd is licensed under the National Consumer Credit Protection Act 2009. The details of our licence are as follows: Business Name Connective Credit Services
More informationReport P September 27, Town of La Scie
eport P-2012-001 September 27, 2012 Town of La Scie Summary: On January 19, 2012 the Office of the Information and Privacy Commissioner received a Privacy Complaint under the Access to Information and
More informationSTEADFAST UNDERWRITING AGENCIES PRIVACY POLICY
STEADFAST UNDERWRITING AGENCIES PRIVACY POLICY In this privacy policy, 'we', 'us' and 'our' means a company within the Steadfast Underwriting Agency division of Steadfast Group Limited, including the following:
More informationOMNIBUS COMPLIANT BUSINESS ASSOCIATE AGREEMENT RECITALS
OMNIBUS COMPLIANT BUSINESS ASSOCIATE AGREEMENT Effective Date: September 23, 2013 RECITALS WHEREAS a relationship exists between the Covered Entity and the Business Associate that performs certain functions
More informationCUSTOMER DISCLOSURE AND AGREEMENT TO RECEIVE ELECTRONIC COMMUNICATIONS
On-line Banking Agreement This Agreement describes your rights and obligations as a user of the On-line Banking Service ("Service"). It also describes the rights and obligations of PennCrest BANK. Please
More informationBest Practice: Responding to a Privacy Breach
Best Practice: Responding to a Privacy Breach Introduction The Access to Information and Protection of Privacy Act (ATIPP Act or Act) has a dual purpose: to make public bodies more accountable to the public
More informationPrivacy & Data Protection Procedure-Box Hill Institute Group
Privacy & Data Protection Procedure-Box Hill Institute Group Related Policy Procedure: Privacy & Data Protection Policy BHI Group Responsibility 1. In all Box Hill Institute Group (BHI Group) practices
More informationPrivacy Policy. NESS Super is committed to respecting your right to privacy and protecting your personal information.
February 2018 Privacy Policy Our privacy commitment to you NESS Super is committed to respecting your right to privacy and protecting your personal information. We are bound by the provisions of the Privacy
More information* Unless otherwise indicated, this policy will still apply beyond the review date.
Name of Policy Description of Policy Privacy Policy This policy sets out how ACU manages privacy obligations and reflects the 13 Australian Privacy Principles (APPs) from Schedule 1 of the Privacy Amendment
More informationFINANCIAL ADMINISTRATION ACT
Province of Alberta FINANCIAL ADMINISTRATION ACT Revised Statutes of Alberta 2000 Current as of June 30, 2016 Office Consolidation Published by Alberta Queen s Printer Alberta Queen s Printer Suite 700,
More informationEnergyAustralia Market Retail Contract. Terms and Conditions
EnergyAustralia Market Retail Contract Terms and Conditions Published February 2016 2 CONTENTS PART 1: Market Retail Contract Terms and Conditions 4 Preamble 4 1. The parties 4 2. Definitions and interpretation
More informationBill Pay User Terms and Agreements
Bill Pay User Terms and Agreements First Community Bank hereby publishes the following terms and conditions for User's use of bill payment services via telephone, personal computer or any other device
More informationPNB Remittance Company (Canada)
PNB Remittance Company (Canada) Terms of Service 1. ACCEPTANCE OF TERMS OF SERVICE - PNB RCC WEB REMIT (WRS) These PNB Remittance Company (Canada) (PNBRCC) Web Remit Terms of Service (this "Agreement")
More information