Freedom of Information and Protection of Privacy
Seneca complies with the requirements of the Freedom of Information and Protection of Privacy Act (FIPPA), and affirms the importance of conducting its operations in a transparent manner and, as far as possible, in ways that are open to public scrutiny.
In summary, FIPPA has two purposes.
- Access: to provide the public with a right of access to information in the custody or under the control of institutions.
- Privacy: to protect the privacy of individuals' personal information held by institutions and to provide a right of access by individuals to their own personal information.
The "information" refers to records within Seneca's custody or control and can include records in all formats and media – records containing personal information relating to individual faculty, staff and students, as well as records relating to Seneca's business operations and administration of academic programs, services and areas. Seneca records may be the subject of an access to information request under FIPPA, and may be required to be disclosed to requesters pursuant to specific exemptions and exclusions in FIPPA.
"Record" means any record of information however recorded, whether in printed form, on film, by electronic means or otherwise, and includes:
- correspondence, a memorandum, a book, a plan, a map, a drawing, a diagram, a pictorial or graphic work, a photograph, a film, a microfilm, a sound recording, a videotape, a machine readable record, any other documentary material, regardless of physical form or characteristics, and any copy thereof
- any record that is capable of being produced from a machine readable record under the control of Seneca by means of computer hardware and software or any other information storage equipment and technical expertise normally used by the institution, or to which the institution can reasonably gain access
- e-mail records, including additional/forwarded copies.
"Personal information" is information about an identifiable individual. It includes but is not limited to the following:
- race, national or ethnic origin, colour, religion, age, sex, sexual orientation, or marital or family status of the individual
- information relating to employment or educational history
- information relating to the medical, psychiatric, psychological history, prognosis, condition, treatment or evaluation
- any identifying number (e.g. S.I.N., student number), symbol or other particular assigned to the individual
- home address and/or telephone number
- personal opinions of, or about, an individual
- the individual's name where it appears with or reveals other personal information
- correspondence sent to Seneca by the individual that is implicitly or explicitly of a private or confidential nature, and replies to that correspondence that would reveal the contents of the original correspondence
However, information about individuals acting in their business or professional capacity such as name and title, work address (including office location), work telephone number, Seneca e-mail address, etc. is NOT personal information.
Some records are exempted from disclosure and must not (mandatory) or may not (discretionary, as determined by the Freedom of Information & Privacy Protection Officer or as ordered by the Privacy Commission) be released under FIPPA. If a record contains information that is exempted from disclosure, but that can reasonably be severed, the right of access applies to the remainder of the record.
Seneca may refuse to grant access to a record in the following circumstances:
- if granting access could prejudice the conduct of relations between Seneca and federal or provincial governmental authorities or other agencies providing funding to Seneca. This includes records that would reveal information received in confidence from federal, provincial or foreign governmental authorities, or records that would reveal information received in confidence from other colleges, universities and similar institutions and from organizations formed for the purpose of representing the interests of such organizations or various constituencies within them.
- if granting access could prejudice Seneca's economic interests (financial, commercial, scientific, or technical information) if the records belong to Seneca and have monetary or potential monetary value, or where disclosure could prejudice Seneca's competitive position.
- if granting access could undermine the effectiveness or fairness of an auditing procedure or of an examination, testing procedure or other means of evaluation of student learning.
- if granting access could prejudice Seneca's legal position if the records are subject to solicitor-client privilege or records prepared by counsel for use in giving legal advice or in contemplation for use in litigation.
Collection, Use and Disclosure of Personal Information
No person shall collect personal information on behalf of an institution unless the collection is expressly authorized by statute, used for the purposes of law enforcement or necessary to the proper administration of a lawfully authorized activity. [FIPPA section 38(2)].
Seneca will only collect, use and disclose personal information with the informed consent of individuals, unless such information is required or authorized by law (e.g. specific sections of the Labour Relations Act, Occupational Health and Safety Act, Statistics Act, etc.). The reasonable expectations of the individual, as well as the sensitivity of the information, will be taken into account in determining whether Seneca will request express consent or rely on implied consent (e.g. a consistent purpose that may reasonably be expected by an individual).
Seneca has legal obligations of due diligence to ensure all employees and students have the right to work and study in a safe environment, including cooperating with requests from the police when they suspect that a person of interest may be associated with Seneca. FIPPA permits the disclosure of personal information to an institution or a law enforcement agency in Canada to aid an investigation undertaken with a view to a law enforcement proceeding or from which a law enforcement proceeding is likely to result (section 42 (g) of the Act). Any requests by police for information regarding students, faculty or staff are to be directed to the Freedom of Information & Privacy Protection Officer to determine what personal information can be released and maintain a record of the request.
FIPPA prescribes the use of students' personal information as necessary to accomplish Seneca's academic, pedagogical and operational activities. Personal information includes, but is not limited to, student numbers, education or health history, a students' own grades and professors' evaluative comments on a student's learning.
Normally, in determining whether an activity is "lawfully authorized", consideration should be given to Seneca's empowering statute. Currently, this is the Ontario Colleges of Applied Arts and Technology Act, 2002, which states in part: "The object of the colleges is to offer a comprehensive program of career-oriented, post-secondary education and training to assist individuals in finding and keeping employment to meet the needs of employers and the changing work environment and to support the economic and social development of their local and diverse communities."
This Policy is designed to provide for the efficient and effective management of Seneca's records. Staff are responsible for the orderly and efficient creation, use, maintenance, retention and disposal of records according to legal, fiscal and statutory requirements, and administrative or operational needs. While each department/School creates, receives, uses and maintains records that relate to the administration or operation of Seneca, these records are and remain the property of Seneca.
In some departments/Schools, staff with access to personal and/or business information in the custody or control of Seneca may be required to agree in writing to respect the confidentiality of the personal and/or business information to which they have access.
Staff of each department/School are required to prevent unauthorized access to records and to document and put in place specific security measures. Security measures to be considered include the following: computer use policies (e.g. password restrictions, shutting off computers while not in use, etc.); firewalls; physical security (e.g. locking cabinets and offices); and, administrative protocols (e.g. limiting staff access to certain files).
All staff are required to review and comply with this Policy. Failure to do so may be considered a serious employment matter and may give rise to legal liability for Seneca.
Freedom of Information and Protection of Privacy
The Privacy Office in Strategic Planning and Public Affairs is responsible for Seneca's compliance under FIPPA, exercising discretion in interpreting what is and is not to be released based on knowledge and understanding of FIPPA and reviewing of jurisprudence from decisions of the Privacy Commission.
Regulation of Personal Information – Overview
FIPPA regulates personal information in the custody or control of Seneca; specifically, it places restrictions on how Seneca collects, uses, and discloses personal information. Seneca collects and records personal information as is necessary for the proper administration of the institution and its academic and other programs, or as required by virtue of data collection or government reporting requirements. Seneca uses personal information for the purpose for which it was obtained or compiled, or for a consistent purpose, where the individual has identified that information and consented to its use. FIPPA also imposes rules on how long Seneca must keep personal information, how it is to be kept secure and the means of its disposal.
Circumstances that Warrant the Collection of Personal Information
FIPPA's requirements for the collection of personal information are as follows:
- Collect only the personal information that you need to perform your duties.
- Inform people about the collection and about what you intend to do with their personal information.
- Use personal information only for the purpose(s) for which it was collected, or for a consistent purpose.
- Disclose personal information only to the individual to whom it relates (except in limited circumstances as specified in FIPPA).
Seneca must provide notice of collection to the individual, and in some cases obtain consent.
Seneca can collect personal information (whether directly or indirectly) ONLY in one of the following three circumstances:
- where collection is expressly authorized by statute
- where the information is used for the purposes of law enforcement
- where the information is necessary for the proper administration of a lawfully authorized activity.
FIPPA deals with two types of collection:
- direct collection - from the affected person
- indirect collection – from a source other than the affected person
FIPPA imposes different rules depending on whether the information is collected directly from the individual or indirectly from another source. For direct collections, Seneca is required to notify affected individuals of the following:
- the legal authority for the collection
- the principal purpose(s) for which the information is intended to be used
- the title, business address and telephone number of the Seneca official who can answer questions about the collection.
FIPPA permits indirect collection of personal information only in limited circumstances, including the following:
- The individual or the Information and Privacy Commissioner authorizes another manner of collection
- The institution is entitled to receive it from another FIPPA institution (e.g. OCAS)
- The information is collected for the purpose of determining suitability for an honour or award to recognize outstanding achievement or distinguished service
- The information is collected for the purpose of law enforcement
- The information is collected for the purpose of the conduct of a proceeding or a possible proceeding before a court or tribunal
- Another manner of collection is authorized by or under a statute
- The information is in a report from a report agency in accordance with the Consumer Reporting Act
FIPPA allows individuals access to recorded information in the custody or control of Seneca. You should be aware of the following:
- The access right applies only to recorded information
- A person can request access to any Seneca record or to a Seneca record containing personal information about that person
- The information must be in the custody of or under the control of Seneca
- Not all information is subject to access requests – FIPPA contains a number of exemptions which will authorize (and in some cases require) Seneca to deny access to information
- Access requests must be in writing and must be accompanied by an application fee of $5.00 (per FIPPA) – access may also be subject to fee payment for specific services (e.g. searches, photocopying, etc.)
- Access requests must normally receive a response within thirty (30) days
Seneca is under strict time limits in relation to compliance with FIPPA: therefore staff, who receive access requests, must immediately forward the request(s) to the Privacy Office in Strategic Planning and Public Affairs. Failure to do so may have serious consequences for Seneca with respect to its compliance obligations under FIPPA. As well, Seneca must report statistics on requests annually to the Ontario Privacy Commissioner.
When can Seneca use Personal Information?
Seneca may only use personal information in its custody or control in limited circumstances. Normally the uses must be restricted to those for which the affected party has previously been given notice at the time of collection or for a "consistent purpose". FIPPA defines a "consistent purpose" as one the requestor might have reasonably expected. Personal information may only be used for other purposes if one of the following exceptions applies:
- the individual identifies the particular information and consents to its use
- for a purpose for which it may be disclosed under the disclosure provisions of the Act
When can Seneca disclose Personal Information?
Seneca can only disclose personal information in its custody or control under certain circumstances, including the following:
- where an access request is made and the Act permits granting of access
- where an individual has consented in writing to disclosure
- for the purpose for which it was collected or for a consistent purpose (i.e. one which the individual might have reasonably expected)
- where disclosure is necessary to aid in the investigation of allegations that individuals have made false statements or engaged in other misleading conduct (1) concerning attendance or performance or status within or completion of an academic program of Seneca or (2) with respect to an employment relationship
- where disclosure is made to a physician or other health professional, to provide information for the assessment of disability, medical leave or similar claims
- personal information collected and maintained specifically for the purpose of creating a record available to the general public
- under legislation expressly authorizing disclosure
- where disclosure is to an institution or law enforcement agency in Canada to aid in an investigation to the extent that disclosure is necessary to prosecute the violation or to continue the investigation
- in compelling circumstances affecting health or safety of an individual
- in compassionate circumstances to facilitate contact with the spouse, a close relative or friend of an employee or student who is injured, ill or deceased
- to the Union or to the Council as required for the purpose of administering the collective agreement
- to an MPP or to a bargaining agent who has been authorized by the individual to make inquiries on the individual's behalf
- to the federal government to facilitate the auditing of a shared cost program
- for a research purpose with a research agreement
Disclosure can be made to an employee of Seneca who needs the record in the performance of their duties and where disclosure is necessary and proper in the discharge of Seneca's functions. If an employee is asked for an individual's personal information, they are responsible for assuring that it is being requested for "necessary and proper" purposes by someone fulfilling his/her work-related duties.
Collecting, using and disclosing Students' Personal Information
Professors may ask for personal information from students, but only as necessary for course or program delivery. The information collected must be used for the purpose for which it was obtained: for example, students may be asked to provide their name and e-mail addresses for a class discussion or distribution list. Professors are required to inform students of the purpose for which the information is being requested.
In general, access to information in student academic records is given on a need to know basis and as required by Seneca faculty and staff, but the level and nature of access must be related to their particular duties. For example, faculty and staff who are charged with academic advising functions or those who serve on appeal committees are entitled to confidential access to student records for those specific purposes.
Faculty can only share students' personal information with other Seneca staff whose duties and responsibilities authorize them to have access to that information and who need the information in order to carry out their duties. If faculty or staff wish to share a student's information beyond those with authorized access, they must obtain the student's consent for so doing. This restriction on access to student's personal information applies to parents/guardians/spouse who phone to request such information.
Seneca makes reasonable arrangements to ensure that explanations for evaluation of student learning are made available to the affected students, together with copies of such materials as are relevant to such explanations and which can be disclosed without undermining the integrity of the evaluation system or method in question.
Records not covered by the Act
This Policy applies to recorded information covered by FIPPA. A limited number of documents are not subject to the Act.
Specifically FIPPA does not apply to records "collected, prepared, maintained or used by or on behalf of an institution" in relation to the following:
- proceedings or anticipated proceedings before a court, tribunal or other entity relating to labour relations or to the employment or a person by the institution
- negotiations or anticipated negotiations relating to labour relations or to the employment of a person by the institution between the institution and a person, bargaining agent or party to a proceeding or an anticipated proceeding
- meetings, consultations, discussions or communications about labour relations or employment related matters in which the institution has an interest
However, four subcategories of labour relations-related and employment-related documents are not included in this exemption, and are therefore subject to FIPPA:
- agreements between an institution and a trade union
- agreements between an institution and one or more employees which ends a proceeding before a court, tribunal or other entity relating to labour relations or employment-related matters
- agreements between an institution and one or more employees resulting from negotiations about employment-related matters between the institution and the employee(s)
- employee business expense accounts submitted for reimbursement for expenses incurred related to employment
Use of Personal Information of Alumni
Under the June 2006 amendments to the Act, Seneca may use alumni records for the purposes of its own fundraising activities if the personal information is reasonably necessary for the fundraising activities and provided that certain steps are followed. These steps include the following: (a) giving notice to the contacted person, upon first contact, of his or her right to request that solicitation cease; (b) providing similar notices periodically thereafter when making additional solicitation approaches to the individual; and (c) periodically publishing a general notice of an individual's right to request that fundraising solicitation cease (e.g. through Seneca's web page or other printed publications). If asked to cease soliciting for fundraising, Seneca must stop approaching the individual.
Seneca may also disclose personal information for the purposes of fundraising activities (e.g. to our printing contractor or to a fundraising foundation) if the information is necessary for fundraising and Seneca enters a written agreement with the receiving party which meets certain requirements.
Since the June 2006 amendments to FIPPA came into effect, the Act does not apply to records "of teaching materials collected, prepared or maintained by an employee of an educational institution or by a person associated with an educational institution for use at the educational institution".
There is an exemption in section 49 (c) of FIPPA which provides for an exemption when an individual requests his or her own personal information "if the information is supplied explicitly or implicitly in confidence and is evaluative or opinion material compiled solely for the purpose of assessing the teaching materials of an employee of an educational institution or of a person associated with an educational institution".
Since the June 2006 amendments to the Act, FIPPA does not apply to records "respecting or associated with research conducted or proposed by an employee of an educational institution or by a person associated with an educational institution".
Seneca may refuse to disclose information containing the past, present or proposed research activities of the Seneca community where disclosure would be contrary to the public interest, would interfere with the project, or would jeopardize the legitimate interests of the researchers, staff, students, or research sponsors involved in the project.
There is an exemption in section 49 (c) of FIPPA which allows Seneca to refuse to disclose to the individual to whom the information relates personal information where "the information is supplied explicitly or implicitly in confidence and is evaluative or opinion material complied solely for the purpose of assessing the research of an employee of an educational institution or of a person associated with an educational institution".
However, information regarding the subject matter of research and the amount of funding being received with respect to research is subject to disclosure.
Seneca is required to comply with section 21(1)(e) of FIPPA, which authorizes the disclosure of personal information for a research purpose if the following circumstances prevail:
- The disclosure is consistent with the conditions or reasonable expectations of disclosure under which the personal information was provided, collected or obtained
- The research purpose for which the disclosure is to be made cannot be reasonably accomplished unless the information is provided in individually identifiable form
- The researcher who is to receive the record has agreed in writing to comply with the conditions relating to security and confidentiality prescribed by the regulations. A research agreement must be completed: it will include a description of the research project, a rationale for using records in personally identifiable form, a detailed list of records to be consulted, assurances that the records will be treated securely and confidentially, and how the records will be destroyed at the end of the research project. (See FIPPA, Regulation 460 – Form 1.)
Members of the Seneca community rely heavily on e-mail as a means of communication. E-mail messages are also considered Seneca records if they contain information that relates to the operation or administration of Seneca.
E-mail as a Seneca record:
- Seneca records are those records within Seneca's custody or control. They include records relating to Seneca's operation and administration and records containing information relating to individual faculty, staff and students.
- An e-mail sent to oneself as a "memo to file" is considered a Seneca record if it documents Seneca business.
- Seneca records, including e-mail, may be the subject of an access request under FIPPA
- Don't use a private e-mail account for Seneca business.
- Delete or forward personal e-mail to a private account, or maintain in a separate folder.
- Keep e-mail communications factual and objective.
- Don't use an individual's name (or other personal identifier) as the header for e-mail messages.
The following notice is recommended for inclusion in all Seneca e-mail communications:
This electronic mail (e-mail), including any attachments, is intended only for the recipient(s) to whom it is addressed and may contain information that is privileged, confidential and/or exempt from disclosure. No waiver of privilege, confidentiality or any other protection is intended by virtue of its communication by the internet. Any unauthorized use, dissemination or copying is strictly prohibited. If you have received the e-mail in error, or are not named as a recipient, please immediately notify the sender and destroy all copies of it.
The use of office and personal computers, as well as various handheld data generating and data gathering devices has resulted in a growing awareness of the impact of these technological changes when an institution receives a request under FIPPA. Electronic Discovery, or e-discovery, is different in a variety of ways: the sheer volume of electronic information (e-mails, documents, databases, etc.); collections of electronic data will often contain a mixture of business and personal information; protection of privacy and privileged information is much more difficult in the electronic realm; and, as soon as a request is received Seneca is required by the Privacy Commission to immediately take reasonable and good faith steps to preserve relevant and responsive electronic documents.
Create records with the expectation that they may be disclosed. Omit unnecessary information; collect and record only the information needed to accomplish a task or meet a requirement.
Records should be factual, objective and include only what is relevant.
- Keep minutes and other formal records of proceedings factual. Avoid unnecessary detail.
- State views, comments and opinions as objectively as possible. Remember that individuals can request access to their personal information, which can include the views or opinions of another person about the individual.
- Avoid recording gratuitous or unsubstantiated comments and opinions as part of Seneca records:
- If you make notes to document a conversation or discussion, avoid including unnecessary subjective comments or unneeded questions
- Use humour with caution in written communication – it may not be understood out of context or at a later date
- Ensure that records for which circulation should be limited are clearly marked CONFIDENTIAL. While a "confidential" marking does not mean that a record will not be disclosed as the result of an access request, it may help to explain if Seneca makes a decision not to release a record in response to a request for access to it.
- Ensure that confidential information is not inadvertently disclosed:
- Position your computer screen so that no unauthorized persons can read it
- Close down the program or use password protection on your computer when you leave your desk
- Don't work with confidential records where others can see them
- When faxing confidential records, include a fax transmittal page with a confidentiality statement
- Ensure that confidential information is protected against unauthorized access. Store confidential records in a secure location such as a locked file cabinet or on a secure server.
Guidelines for taking and use of Photographs, Video and Audio Recordings
Photographs, video and audio recordings are "records" as defined in FIPPA. The information contained in them is considered "personal information" when they contain recorded information about an identifiable individual. Note that information recorded about people in their business, professional or official capacity is not considered personal information.
If photographs or audio or video recordings are going to be stored in an image bank and/or used for another purpose in the future, it is important to obtain written consent. It is essential that the consent form contain a waiver of indemnity and release (i.e. that Seneca is not responsible for the misuse or alteration of any such photographs/recordings by third parties; that Seneca and any of its officers, directors, agents, employees or servants are released from any and all actions, claims, loss or causes of action arising from the use or misuse of such images; etc.). Depending on the uses (e.g. where there may be financial gain for Seneca) contemplated for the photographs/recordings there is additional language concerning indemnity and release that would need to be included – please contact the Freedom of Information & Privacy Protection Officer for assistance in preparing the waiver.
Photographs or video or audio recordings must not be used or disclosed for purposes that were not identified in the original collection notice unless the individuals in the photographs or video or audio recordings have consented to the new use or disclosure.
In this electronic age, it may be more accurate to refer to images, to include both the traditional film photos and electronic or digital "photographs".
Caution must be exercised when posting information on websites. Information that may be relatively innocuous when hanging on the wall in a school corridor – such as a student's or staff name or photograph – may have serious privacy issues when posted on a website. This information, which can be downloaded and combined with other information, may result in a potentially significant invasion of privacy – and potentially lead to significant concerns about personal safety and security.
Reporting privacy breaches
A privacy breach:
- is unauthorized collection, use or disclosure of someone's personal information, in contravention of the Freedom of Information and Protection of Privacy Act or the Personal Health Information Protection Act
- may affect an individual or a group
- may be reported by someone in the Seneca community, or by someone external to Seneca, including Ontario's Information and Privacy Commissioner who may have received a complaint
If a privacy breach is suspected or confirmed, immediately report it to your supervisor and the Freedom of Information and Privacy Protection Officer.
- Determine what caused the breach and assess the extent of the unauthorized access to, or collection, use or disclosure of, the personal information, including number and types of possible recipients
- Ongoing or further exposure of the information may include exposure via mass media (online or other)
- Assess what harm could result to individuals from the breach, such as risk to physical security, identity theft, financial loss, damage to reputation/relationships
- Evaluate the harm that could result to Seneca from the breach, for example loss of trust in the institution or damage to its reputation, financial losses or exposure, legal proceedings
- Consider what public harm could result from the breach, such as a risk to public health or safety
- Notification to affected individuals could include the following: a description of the breach; specifics of the information inappropriately accessed, collected, used or disclosed; steps taken so far to address the breach and any future steps planned to prevent further privacy breaches; additional information, if required, about how individuals can protect themselves (e.g. changing ID numbers); and, contact information for an individual (include position title) within Seneca who can answer questions.
How long must Seneca retain Personal Information?
Personal information must be retained for a period of at least one year from its last use unless the affected individual consents to a shorter period. Personal information cannot be destroyed prior to this time and may be subject to longer retention periods under Seneca's retention schedules or legal statutes.
Security – Disposal of Sensitive Information
Records in all formats and media containing sensitive information such as, but not limited to, records containing personal information of individual staff and students, as well as records relating to Seneca's business operations and administration of academic programs, services and areas must be securely collected and shredded for disposal.
When disposing of personal information (personal information related to staff or students, including students' tests/exams, etc.), Seneca is required to use "reasonable steps" to ensure information cannot be reconstructed or retrieved. A disposal record/form must be submitted to the Freedom of Information & Privacy Protection Officer for approval, identifying which information is to be destroyed. In addition, FIPPA requires that measures be taken to ensure security and confidentially during storage, transportation, handling and destruction.
All sensitive information must be separated and placed in designated secure collection containers specifically provided by the approved secure shredding vendor. Secure collection containers are strategically placed throughout Seneca and are serviced on a regularly scheduled basis. Departments/Schools requiring special secure collection and shredding services for large volumes of sensitive information should contact the approved secure shredding vendor to arrange for a special collection.
Shred documents in an office paper shredder (cross-cut shredders are preferred over strip shredders) or in a locked confidential disposal bin provided by an external shredding service vendor.
For electronic media such as floppy disks, CDs, USB keys, personal digital assistants (PDAs) and hard drives, destroy electronic records by overwrite software or physical destruction of the disk, drive or other digital storage media. Note that overwriting may not irreversibly erase every bit of data on a drive.
Questions with respect to this Policy or Procedure should be directed to Seneca's Freedom of Information and Privacy Protection Office at extension 77846.