Privacy Law Template. Prepared for The Alberta First Nations Information Governance Centre. By Krista Yao

Similar documents
The Freedom of Information and Protection of Privacy Act

The Local Authority Freedom of Information and Protection of Privacy Act

MANITOBA FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY RESOURCE MANUAL

The Health Information Protection Act

The Youth Drug Detoxification and Stabilization Act

HEALTH INFORMATION ACT

THE PRIVACY ACT OF 1974 (As Amended) Public Law , as codified at 5 U.S.C. 552a

ACCESS TO MOTOR VEHICLE INFORMATION REGULATION

BILL NO. 42. Health Information Act

3RD SESSION, 41ST LEGISLATURE, ONTARIO 67 ELIZABETH II, Bill 14. An Act with respect to the custody, use and disclosure of personal information

Frequently Asked Questions for Municipalities LOCAL GOVERNMENT BODIES RECORDS

All Personal Information and data obtained through the use of the City s surveillance cameras will be property of the City of Camrose.

CITY OF VANCOUVER BRITISH COLUMBIA

ACCESSING GOVERNMENT INFORMATION IN. British Columbia

NEWFOUNDLAND AND LABRADOR OFFICE OF THE INFORMATION AND PRIVACY COMMISSIONER

FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY ACT

WHEREAS, this Resolution also sets forth the process for the denial of a request for public records;

2017 REVIEW OF THE FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY ACT (FIPPA) COMMENTS FROM MANITOBA OMBUDSMAN

FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY BYLAW

COLLEGE OF OPTOMETRISTS OF BRITISH COLUMBIA. Bylaws

A Guide to Ontario Legislation Covering the Release of Students

PERSONAL INFORMATION PROTECTION ACT

Condominium Management Regulatory Authority of Ontario Access and Privacy Policy

The Child and Family Services Act

ASSOCIATION OF PROFESSIONAL ENGINEERS AND GEOSCIENTISTS OF BRITISH COLUMBIA,

Singapore: Mutual Assistance In Criminal Matters Act

Definitions The following terms have these meanings in this Policy: a. Act Personal Information Protection and Electronic Documents Act;

ACCESS AND PRIVACY POLICY

BYLAWS OF THE COLLEGE OF DIETITIANS OF BRITISH COLUMBIA [includes amendments up to May 7, 2016] TABLE OF CONTENTS

2.16 Freedom of Information and Protection of Privacy Act

COLLEGE OF VETERINARIANS OF BRITISH COLUMBIA

c t MENTAL HEALTH ACT

The Local Authority Freedom of Information and Protection of Privacy Regulations

TERMS OF REFERENCE INSURANCE & FINANCIAL SERVICES OMBUDSMAN SCHEME INCORPORATED

Privacy Act of 1974: A Basic Overview. Purpose of the Act. Congress goals. ASAP Conference: Arlington, VA Monday, July 27, 2015, 9:30-10:45am

U.S. Victims of State Sponsored Terrorism Fund Application Form OMB No Expires 1/31/2017

Code of Procedure for Matters under the Personal Health

Privacy and Access in British Columbia

INDEX. A Access and correction requests, see also Access to and correction of personal information. .. Part 8 of the Act, 110

THE RETIREMENT BOARD OF THE FIREMEN S ANNUITY AND BENEFIT FUND OF CHICAGO

ALBERTA OFFICE OF THE INFORMATION AND PRIVACY COMMISSIONER ORDER F February 9, 2018 ALBERTA JUSTICE AND SOLICITOR GENERAL

Access to Personal Information Procedure

INDEX. A Access and correction requests, see also Access to and correction of personal information. .. Part 8 of the Act, 115

Subject Index SUBJECT INDEX. FOIP Guidelines and Practices (2009) Page 473

THE CRIMINAL INJURIES COMPENSATION BILL, Arrangement of Clauses PART I PRELIMINARY PART II

THE RIGHT OF ACCESS TO INFORMATION: SOME RAMIFICATIONS FOR THE HEALTH SECTOR

SAMOA INTERNATIONAL MUTUAL FUNDS ACT 2008

International Mutual Funds Act 2008

2014 Bill 12. Second Session, 28th Legislature, 63 Elizabeth II THE LEGISLATIVE ASSEMBLY OF ALBERTA BILL 12 STATUTES AMENDMENT ACT, 2014

DRAFT. OCE Funding Agreement

THE CRIMINAL INJURIES COMPENSATION ACT, Arrangement of Sections PART I PRELIMINARY PART II

18 U.S.C discretionary restitution. (a) (1)

NOVA SCOTIA FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY ACT

RESOLUTION OF THE NAVAJO NATION COUNCIL

FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY POLICY

Freedom of Information Act (FOIA) Procedures and Guidelines

FINANCIAL ASSISTANCE ACT 2001 BERMUDA 2001 : 24 FINANCIAL ASSISTANCE ACT 2001

EMERGENCY HEALTH SERVICES ACT

Guide for Municipalities

GeneralTerms. andconditions

Published in terms of Section 51of the Promotion of Access to Information Act, 2 of 2000

PRACTICE REVIEW OF TEACHERS REGULATION

Telekom Austria Group Standard Data Processing Agreement

TRUSTS (REGULATION OF TRUST BUSINESS) ACT 2001 BERMUDA 2001 : 22 TRUSTS (REGULATION OF TRUST BUSINESS) ACT 2001

NC General Statutes - Chapter 36F 1

The words used in this policy shall have their normal accepted meanings except as set forth below. The Board of Education of Carroll County s Ethics

Review of reporting on prospective financial information engagement questionnaire

- 79th Session (2017) Assembly Bill No. 474 Committee on Health and Human Services

THE NEVIS INTERNATIONAL MUTUAL FUNDS ORDINANCE, 2004 ARRANGEMENT OF SECTIONS. Preliminary. PART I Administration. PART II Public Funds

BERMUDA FINANCIAL ASSISTANCE ACT : 24

Chapter 36 Mediation and Arbitration 2013 EDITION Declaration of purpose of ORS to

THE FREEDOM OF INFORMATION ACT, Arrangement of Sections PART I PRELIMINARY

Attorney s BriefCase Beyond the Basics Depositions in Family Law Matters

SAMPLE FORMS - CONTRACTS DATA REQUEST AND RELEASE PROCESS NON-DISCLOSURE AGREEMENT, Form (See Attached Form)

PUBLIC INTEREST DISCLOSURE (WHISTLEBLOWER PROTECTION) ACT

B I L L. No. 30 An Act to amend The Freedom of Information and Protection of Privacy Act

CHAPTER 33 ADMINISTRATION OF TRUSTS ARTICLE 1 TESTAMENTARY TRUSTS

A Basic Overview of The Privacy Act of 1974

A BILL. i n t i t u l e d. An Act to amend the Labuan Offshore Trusts Act 1996.

FREEDOM OF INFORMATION ACT PROCEDURES AND GUIDELINES

Health Information Privacy Code 1994

Exercising Discretion under section 38(b) of the Municipal Freedom of Information and Protection of Privacy Act. A Best Practice for Police Services

PROTECTION FOR PERSONS IN CARE ACT

Legal Aid Ontario. Privacy policy

INTERSTATE COMPACT FOR THE SUPERVISION OF ADULT OFFENDERS PREAMBLE

The Health Information Protection Regulations

Patient Any person who consults or is seen by a physician to receive medical care

ACCESS TO INFORMATION MANUAL (PRIVATE BODY)

PERSONAL INFORMATION PROTECTION ACT REVIEW QUESTIONNAIRE

The Saskatchewan Gazette

City of Midland. Freedom of Information Act. (P.A. 442 of 1976, as amended) Administrative Policy

ADULT PROTECTION ACT

BYLAWS. [or AMENDED BYLAWS] ****EAA CHAPTER ABC****

JAMS International Arbitration Rules & Procedures

1 SB By Senators Orr and Holley. 4 RFD: Governmental Affairs. 5 First Read: 13-FEB-18. Page 0

FREEDOM OF INFORMATION ACT POLICIES AND PROCEDURES

1 HB By Representative Williams (P) 4 RFD: Technology and Research. 5 First Read: 13-FEB-18. Page 0

CHILD CARE CENTER Regulations GENERAL LICENSING REQUIREMENTS (Cont.) Article 4. ENFORCEMENT PROVISIONS

Effective January 1, 2016

JOINT RULES of the Florida Legislature

Transcription:

Privacy Law Template Prepared for The Alberta First Nations Information Governance Centre By Krista Yao

Edited by: Amelia Crowshoe, BCC Design by: Michal Waissmann - mw creative

Purpose 1. The purpose of this Law is to establish a framework for the collection, use, disclosure, and retention of personal information within the control of the First Nation, in accordance with international standards of personal privacy protection. Application 2. This law applies to the First Nation, including all institutions and departments listed in Schedule A. Definitions 3. The following definitions shall apply for the purpose of this Law: Chief and Council means the duly selected leadership of the First Nation. Department applies to all departments of the First Nation, and all institutions, organizations, and bodies that are listed in Schedule A. First Nation means the <First Nation Name> First Nation First Nation law includes any code, law, by-law, or regulations enacted by the First Nation. Manager means the Manager or Director of a Department. AFNIGC Privacy Law Template 1

PART 1 Collection of Personal Information Purpose for collecting personal information 4. No personal information may be collected by or for a Department unless a. the collection of the information is authorized by an applicable law; b. the information is collected for the purposes of law enforcement; c. the information relates directly to and is necessary for i. an existing program or service of the First Nation, or ii. a proposed program or service of the First Nation, where collection of the information has been authorized by a Band Council Resolution (BCR). Direct collection of information from individual 5. (1) A Department must, where reasonably possible, collect personal information directly from the individual the information relates to unless a. another method of collection is authorized by that individual or by an applicable law; b. the information is collected for the purpose of law enforcement; c. the information is collected for the purpose of collecting a fine or a debt owed to the First Nation; d. the information is collected for the purpose of providing legal services to the First Nation; e. the information i. is necessary in order to determine or verify the eligibility of an individual to participate in a program, service or benefit delivered by the First Nation or its designate; AFNIGC Privacy Law Template 2

ii. the information is collected for the purpose of child protection; iii. the information is collected for the purpose of administering or managing Department personnel; f. The information is collected in a health or safety emergency where: i. the individual is not able to provide the information directly, or ii. direct collection could reasonably be expected to endanger the mental or physical health or safety of any person. Notice to individual (2) A public body that collects personal information directly from the individual shall inform the individual of Exception a. the purpose for which the information is collected, b. the specific legal authority for the collection, and c. the title, and contact information for an employee of the First Nation who can answer questions about the collection of personal information. (3) Subsections (1) and (2) do not apply if, in the opinion of the Manager, compliance with them might result in the collection of inaccurate information or defeat the purpose or prejudice the use for which the information is being collected. Protection of personal information 6. Departments shall protect personal information by making reasonable security policies, procedures, and arrangements against such risks as unauthorized access, collection, use, disclosure, or disposal. AFNIGC Privacy Law Template 3

PART 2 Right of Access to Personal Information 7. (1) Subject to this Law, every member of the First Nation may request and be given access to any personal information about the individual held by a Department. Right of correction (2) An individual who is given access under subsection (1) to personal information that has been used, is being used, or is available for use for an administrative purpose is entitled to a. request correction of the personal information where the individual believes there is an error or omission therein; b. require that a notation be attached to the information reflecting any correction requested but not made; and c. require that any person or body to whom that information has been disclosed for use for an administrative purpose, within one year preceding the request, be notified of the correction or notation. (3) Within 30 days after the request is received under subsection (2), the Manager of the Department that receives the request shall give written notice to the individual that a. the correction has been made; or b. a note of the requested correction has been made under subsection (2)(b). (4) Notwithstanding subsection (2), a Manager shall not correct an opinion, including a professional or expert opinion. AFNIGC Privacy Law Template 4

Request for Access 8. A request for access under subsection 7(1) must be made, in writing, to the Department that has control of the individual s information, and must contain sufficient specific information on the type of information requested so that it is reasonably possible to identify and retrieve the information within the Department. 9. (1) Where an individual is given access in accordance with this Part, the Department shall Fee a. permit the individual to examine the information, in accordance with procedures for that Department; or b. provide the individual with a copy thereof. (2) The individual may be required to pay reasonable costs of photocopying in the event of access under subsection 9(1)(b). 10. A Department may set a fee, not to exceed twenty-five dollars, for each individual request for access under this Law. Mandatory Denial of Access 11. The Manager of a Department must refuse to disclose any personal information Council deliberations a. that would reveal the substance of in camera (non-public) deliberations of Chief and Council, or any of its committees, including any advice, recommendations, analyses, or draft laws, resolutions, or policies submitted to or prepared for Chief and Council or any of its committees. Third party rights b. where the disclosure would be an unreasonable invasion of a third party s personal privacy. Privileged information c. that is subject to any type of privilege available at law, including solicitor-client privilege prohibited by other Act Other Acts d. where the disclosure is prohibited by any other applicable Law of Canada or Alberta, or by court order. AFNIGC Privacy Law Template 5

Discretionary Denial of Access 12. The Manager of a Department may refuse to disclose any personal information a. where the disclosure could reasonably be expected to be injurious to the investigation or enforcement under any applicable law of the First Nation, Canada, or Alberta; b. where the disclosure could reasonably be expected to endanger the mental or physical health or safety of another person; c. where the disclosure could reasonably be expected to result in a risk of serious harm to the treatment or recovery of the individual, or a risk of serious harm to the individual s physical or mental health or safety; d. where the disclosure could reasonably be expected to lead to the identification of a person who provided information in the record to the custodian explicitly or implicitly in confidence; e. where the information is evaluative or opinion material compiled solely for the purpose of determining the individual s suitability, eligibility or qualifications for employment or for the awarding of contracts by the First Nation or other benefits, when the information has been provided to the Department, explicitly or implicitly, in confidence. AFNIGC Privacy Law Template 6

PART 3 Use of Personal Information Use of personal information 13. A Department may use personal information only a. for the purpose for which the information was collected or compiled, or for a use consistent with that purpose; b. if the individual the information is about has identified the information and consented to the use; or c. for a purpose for which that information may be disclosed to the Department under sections 16 or 17. 14. Where a Department uses an individual s personal information to make a decision that directly affects the individual, the public body must a. make every reasonable effort to ensure that the information is accurate and complete; and b. retain the information for at least one year after using it so that the individual has a reasonable opportunity of obtaining access to it. AFNIGC Privacy Law Template 7

PART 4 Disclosure of Personal Information 15. The First Nation may disclose personal information only in accordance with this Part. When personal information may be disclosed 16. (1) A Department may disclose personal information a. for the purpose for which the information was collected or compiled or for a use consistent with that purpose; b. where the individual the information relates to has identified the information and consented to its disclosure; c. for the purpose of enforcing a legal right that the First Nation has against any person; d. for the purpose of i. collecting a fine or debt owed by an individual to the First Nation, or ii. making a payment owed to an individual by the First Nation; e. to a public body or a law enforcement agency for law enforcement purposes; f. for the purpose of managing or administering personnel of the First Nation; g. to an officer or employee of the Department or to a member of Chief and Council, if the information is necessary for the performance of the duties of the officer or employee or member; h. for use in the provision of legal services to the First Nation; i. for the purpose of determining or verifying an individual s suitability or eligibility for a program or benefit; AFNIGC Privacy Law Template 8

j. for the purpose of complying with a subpoena or warrant issued or an order made by a court, person or body, that has the authority to compel the production of information or with a rule of court that relates to the production of information; k. for the purpose of complying with a law of the First Nation, or any other applicable jurisdiction; l. when it is considered reasonably necessary to protect the mental or physical health or safety of any individual; m. deceased individual may be contacted; n. for any purpose when, in the opinion of the Manager of the Department, i. the public interest in disclosure clearly outweighs any invasion of privacy that could result from the disclosure, or ii. disclosure would clearly benefit the individual to whom the information relates; o. where the information is otherwise available to the public; p. to a department or law enforcement agency of Canada, in accordance with any applicable law or agreement between Canada and the First Nation; or [Comment: This permits the FN to provide individuallevel reporting to FNIHB/INAC, as they require under the contribution agreements for things such as medical transport and special education.] q. for any purpose in accordance with any law that authorizes or requires the disclosure. (2) A Department may disclose personal information under subsection (1) only to the extent necessary to enable it to carry out its purpose in a reasonable manner. AFNIGC Privacy Law Template 9

Disclosure for research 17. (1) A Department may only disclose personal information for a research purpose, including statistical research, where a. the research purpose cannot reasonably be accomplished unless that information is provided in individually identifiable form; b. any record linkage resulting from the disclosure is not harmful to the individuals the information is about and the benefits to be derived from the record linkage are clearly in the public interest; c. the Manager of the Department has approved conditions relating to the following: i. security and confidentiality, ii. the removal or destruction of individual identifiers at the earliest reasonable time, iii. the prohibition of any subsequent use or disclosure of that information in individually identifiable form without the express authorization of that that Department; d. the person to whom the information is disclosed has signed an agreement to comply with the approved conditions, this Act and any regulations, policies, and procedures relating to the confidentiality of personal information. Community Information (2) Notwithstanding subsection (1), where a research project involves research which identifies or may identify the First Nation, then the research project must be in compliance with any law(s) regarding access to First Nation information, or receive prior written approval from Chief and Council. AFNIGC Privacy Law Template 10

PART 5 General Manner of giving notice 18. (1) Where this Act requires notice to be given to a person, it is to be given a. by sending it to that person by prepaid mail to the last known address of that person; b. by personal service; or c. by other service, including email or other electronic means, if authorized by the person. Where notice given by mail (2) Where notice is given by prepaid mail under paragraph (1) (a), the notice is deemed to have been given on the fifth business day after the day on which it is mailed. Exercise of rights by other persons 19. Any right or power conferred on an individual by this Act may be exercised a. where the individual is deceased, by the individual s personal representative if the exercise of the right or power relates to the administration of the individual s estate; b. where a guardian or trustee has been appointed for the individual, by the guardian or trustee if the exercise of the right or power relates to the powers and duties of the guardian or trustee; c. where a power of attorney has been granted by the individual, by the attorney if the exercise of the right or power relates to the powers and duties of the attorney conferred by the power of attorney; AFNIGC Privacy Law Template 11

d. where the individual is a minor, by a person who has lawful custody of the minor in circumstances where, in the opinion of the Manager of the Department concerned, the exercise of the right or power by that person would not constitute an unreasonable invasion of the privacy of the minor; or e. by any person with written authorization from the individual to act on the individual s behalf. No action when acting in good faith 20. No employee of a Department will be disciplined or sanctioned for Enforcement a. the giving or withholding, in good faith, of any information under this Law or any consequences that flow from the giving or withholding of that information; or b. the failure to give any notice required under this Act where reasonable care is taken to give the required notice. 21. (1) The Manager of each Department is responsible for implementing this Law. (2) Non-compliance with the requirements of this Law may result in discipline, according to the First Nation Personnel Policy. (3) Any member of the First Nation may register a complaint, in writing, with Chief and Council, regarding their rights under this Law, including: a. where an individual has been denied access to their personal information, in accordance with this Law, b. where an individual has been informed by a Manager that requested corrections have not been made to his or her personal information, c. where a Manager has not responded to a request within the specified time, d. where an individual believes his or her personal information is not being maintained in accordance with this Law. [There is no punitive enforcement mechanism in this law, except for employee discipline. There is also no administrative structure for a lead privacy officer with supervisory authority, etc. These are all possibilities, and can be considered.] AFNIGC Privacy Law Template 12

Schedule A Include all departments and fully owned corporations. For example: Department of Community and Social Services Department of Human Resources Department of Health Department of Housing Fire Services Board of Education First Nation administration Chief and Council First Nation Economic Development Corporation AFNIGC Privacy Law Template 13

afnigc.ca AFNIGC Privacy Law Template

2024 © lawsdocbox.com Privacy Policy | Terms of Service | Feedback