What is a Privacy Officer?



Similar documents
What to do When Faced With a Privacy Breach: Guidelines for the Health Sector ANN CAVOUKIAN, PH.D. COMMISSIONER

For Climate Study Committees - Questions to ask as you prepare to discuss climate study results

THE PLAIN LANGUAGE VERSION OF THE PROMOTION OF ACCESS TO INFORMATION

Ten steps to develop a multilayered privacy notice

ELEMENT FINANCIAL CORPORATION CODE OF BUSINESS CONDUCT AND ETHICS

Subject access code of practice

SCDHSC0233 Develop effective relationships with individuals

Service Delivery Guideline for Service Providers: Creating Effective Welcoming Spaces

IT asset disposal for organisations

Your Family s Special Education Rights

Disclosing Information - The Data Protection Act, 2002

Determining what information is data for the purposes of the DPA

Your guide to. Dispute Resolution

Discipline and grievances at work. The Acas guide

WHAT HAPPENS IF MY CHILD IS HAVING TROUBLE LEARNING IN SCHOOL?

(Effective as of December 15, 2009) CONTENTS

Standards for the Dental Team Standards

Reporting on Controls at a Service Organization

A Guide. Personal Health Information Protection Act. to the. December Ann Cavoukian, Ph.D Commissioner

Discipline and grievances at work. The Acas guide

How To Deal With A Complaint From An Employee

Listen, Inform, Respond: A guide to good complaints handling.

Do-it-Yourself Recovery of Unpaid Wages

How to Start an NGO. By Joanna Moshman

A guide to receiving direct payments from your local council

Transcription:

P I P A P oo i nn t ee rr What is a Privacy Officer? 1. What is a Privacy Officer? A Privacy Officer is a person within an organization whose job it is to encourage compliance with the Personal Information Protection Act (PIPA); respond to requests for access to and correction of personal information and issues concerning personal information; and, work with the Office of the Information and Privacy Commissioner during an investigation of a privacy complaint against the organization. A Privacy Officer may also be responsible for managing the necessary changes to an organization s information management practices, policies and procedures; staff training; customer relations; policies and procedures; and inquiry and complaint processes 2. Why have a Privacy Officer? The Personal Information Protection Act (PIPA) says that an organization must designate one or more individuals to be responsible for ensuring the organization complies with the Act. The name of the Privacy Officer should be publicized within the organization and staff should be encouraged to discuss privacy issues with that person. Contact information of each individual designated to be responsible be should be available to the public. 3. Will one Privacy Officer be enough? This depends on a number of factors such as: the size of the organization; the structure of the organization (is it in one place only, or does it have a number of offices or branches?); and the amount of personal information the organization holds, and the type of activity it is engaged in. A large organization with a number of branch offices might find it desirable to designate a Privacy Officer in each location. However, a company (either big or small) that holds very little personal information might find that one Privacy Officer in the head office (or the only office) is enough. A designated Privacy Officer may delegate his or her duties to another individual. Any delegation should be made in writing. When is it disposed of? How is it disposed of? What is a Privacy Officer? 1 December 2004, Revised May 2010 Service Alberta

4. Does this mean that organizations need to hire extra staff? In most cases, extra staff should not be necessary. It should be possible for an existing staff member to take on the duties of a Privacy Officer. However, where the main business or activity of the organization is connected with the collection and use of personal information, these duties may warrant a full-time position. 5. Who else should know about the Personal Information Protection Act? Everyone in the organization who handles personal information should have an understanding of the protection of privacy principles and the objectives of the Personal Information Protection Act. The Privacy Officer should be able to provide assistance when a more detailed knowledge of the organization's responsibilities is required. 6. What is the Privacy Officer's role if a complaint is made to the Information and Privacy Commissioner? If an individual complains to the Information and Privacy Commissioner that an organization has violated his or her privacy, the Information and Privacy Commissioner or one of his staff may contact the Privacy Officer to discuss the complaint, and to see whether there is any means of settling the matter. The Privacy Officer should provide whatever assistance is necessary. The Privacy Officer may be asked to provide background information or identify the people in the organization who can do so. 7. Do Privacy Officers need any special training? Privacy Officers need to be familiar with the legislation and should be knowledgeable of their organization personal information management practices. However, no special training is required. It is important, however, to give your designated privacy official senior management support and authority to intervene on privacy issues relating to any of your organization s operations. What is a Privacy Officer? 2 December 2004, Revised May 2010 Service Alberta

For more information Additional information and resources about PIPA are available on the websites of Access and Privacy, Service Alberta, and the Office of the Information and Privacy Commissioner. Access and Privacy Service Alberta Phone: 780-644-PIPA (7472) Toll free dial 310-0000 E-mail: pspinfo@gov.ab.ca Website: pipa.alberta.ca Office of the Information and Privacy Commissioner Phone: 403-297-2728 Toll free dial 1-888-878-4044 E-mail: generalinfo@oipc.ab.ca Website: www.oipc.ab.ca Acknowledgements: This document was developed by Corporate Privacy and Information Access, Ministry of Management Services, Government of British Columbia. It has been adapted and reproduced by Access and Privacy, Service Alberta. We would like to thank our colleagues in British Columbia for allowing us to adapt this information for use in Alberta. What is a Privacy Officer? 3 December 2004, Revised May 2010 Service Alberta

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information