Legislative History: Enacted September 18, 2018 (By-law No. CPOL.-378-473); Amended August 10, 2021 (By-law No. CPOL.-378(a)-260)
Last Review Date: July 25, 2023
Service Area Lead: Manager, Records and Information Services
1. Policy Statement
The Access and Privacy Policy is a general guide to the Municipal Freedom of Information and Protection of Privacy Act (“MFIPPA” or “Act”).
The policy combines current practice and procedures and offers operational guidance to help staff:
- Understand the general framework of the legislation;
- Meet administrative and operational requirements; and
- Be aware of best practices.
The policy is not meant to provide legal advice. This policy should be referenced in conjunction with an up-to-date version of the legislation and regulations.
2. Definitions
The terms that appear below are referenced from the Act and relevant IPC guidance documents and Orders.
“City Clerk” means the City Clerk or their written designate.
“Custodian” person or organization within the meaning of the Personal Health Information Protection Act, 2004 (“PHIPA”) that, as a result of their or its power or duties or work set out in PHIPA, has custody or control of personal health information.
“Experienced Employee” (IPC Order PO-3423), employees who are knowledgeable in the subject matter of the request and expend a reasonable effort to locate responsive records.
“Head” in respect of an institution, the individual or body determined to be head under section 3 of the Act.
“Information and Privacy Commissioner” and “IPC” mean the Commissioner appointed under subsection 4 (1) of the Freedom of Information and Protection of Privacy Act.
“Institution” (section 2 of the Act),
a) a municipality,
b) a school board, municipal service board, city board, transit commission, public library board, board of health, police services board, conservation authority, district social services administration board, local services board, planning board, local roads board, police village or joint committee of management or joint board of management established under the Municipal Act, 2001 or the City of Toronto Act, 2006 or a predecessor of those Acts,
c) any agency, board, commission, corporation or other body designated as an institution in the regulations; (“institution”).
“Personal Information” recorded information about an identifiable individual, including,
a) information relating to the race, national or ethnic origin, colour, religion, age, sex, sexual orientation or marital or family status of the individual;
b) information relating to the education or the medical, psychiatric, psychological, criminal or employment history of the individual or information relating to financial transactions in which the individual has been involved;
c) any identifying number, symbol or other particular assigned to the individual;
d) the address, telephone number, fingerprints or blood type of the individual;
e) the personal opinions or views of the individual except if they relate to another individual;
f) correspondence sent to an institution by the individual that is implicitly or explicitly of a private or confidential nature, and replies to that correspondence that would reveal the contents of the original correspondence;
g) the views or opinions of another individual about the individual; and
h) the individual’s name if it appears with other personal information relating to the individual or where the disclosure of the name would reveal other personal information about the individual.
“Personal Health Information” (section 4 of PHIPA), identifying information about an individual in oral or recorded form, if the information,
a) relates to the physical or mental health of the individual, including information that consists of the health history of the individual’s family;
b) relates to the providing of health care to the individual, including the identification of a person as a provider of health care to the individual;
c) is a plan of service within the meaning of the Home Care and Community Services Act, 1994 for the individual;
d) relates to payments or eligibility for health care, or eligibility for coverage for health care, in respect of the individual;
e) relates to the donation by the individual of any body part or bodily substance of the individual or is derived from the testing or examination of any such body part or bodily substance;
f) is the individual’s health number; or
g) identifies an individual’s substitute decision-maker.
“Privacy Breach”
A privacy breach occurs when personal information is collected, retained, used, accessed or disclosed in ways that are not in accordance with the provisions of the Act. Among the most common privacy breaches is the unauthorized disclosure of personal information, contrary to section 32 of the Act. For example, personal information may be lost (a file is misplaced within an institution), stolen or inadvertently disclosed through human error (a letter addressed to person A is actually mailed to person B).
“Record” (section 2 of the Act), any record of information however recorded, whether in printed form, on film, by electronic means or otherwise, and includes,
a) correspondence, a memorandum, a book, a plan, a map, a drawing, a diagram, a pictorial or graphic work, a photograph, a film, a microfilm, a sound recording, a videotape, an email, an instant/text message, a machine readable record, any other documentary material, regardless of physical form or characteristics, and any copy thereof, and
b) any record that is capable of being produced from a machine readable record under the control of an institution by means of computer hardware and software or any other information storage equipment and technical expertise normally used by the institution.
“Privacy Impact Assessment” and “PIA” (IPC Guide), is a risk management tool used to identify the actual or potential effects that a proposed or existing information system, technology, program, process or other activity may have on an individual’s privacy.
“Project” (IPC Guide) in relation to a PIA, means any work involving the collection, use, retention, disclosure, security and disposal of personal information. This may include a new program, process, service delivery model or an information technology system or changes to an existing program, process or system.
“Responsive Record” (IPC Order PO-2554), any record that reasonably relates to, or is within the scope of a request under the Act.
“Reasonable Search” (IPC Order M-909 and IPC Fact Sheet), a search conducted by an experienced employee expending reasonable effort to identify any records that are reasonably related to the access request in locations where records in question might reasonably be located.
“Service Area Liaison” as designated by their Service Area Deputy City Manager or written designate, a City of London employee with sufficient experience and training in MFIPPA access processes and procedures who responds to the City Clerk with respect to routine access requests on behalf of their department.
3. Applicability
This policy applies to all City of London employees and governs the procedure by which City of London employees respond to access requests and protect personal information as required under MFIPPA.
4. The Policy
The Access and Privacy Policy is a policy governing the procedure by which City of London employees respond to access requests and protect personal information as required under the Municipal Freedom of Information and Protection of Privacy Act, R.S.O. 1990 (“MFIPPA” or “Act”).
4.1 Purpose and Policy Statement
The Access and Privacy Policy is a general guide to MFIPPA.
The policy combines current practice and procedures and offers operational guidance to help staff:
- Understand the general framework of the legislation;
- Meet administrative and operational requirements; and
- Be aware of best practices.
The policy is not meant to provide legal advice. This policy should be referenced in conjunction with an up-to-date version of the legislation and regulations.
Audience
The primary audience for this policy is City of London staff.
Policy Principles
The following principles will form the basis of this policy:
Transparency
- As identified in the City's Strategic Plan, the promotion of an open and transparent government is important to the City of London.
- The City of London is committed to both the routine disclosure and the active dissemination of records when consistent with the principles and rules of the Act.
- The City of London will provide access to records and information in accordance with the principles and rules of the Act.
Accountability
- The City of London will take reasonable steps to protect the collection, use, access and disclosure of personal information.
- The City of London will facilitate an individual’s right of access as well as the ability to correct their personal information in the custody or under the control of the institution, subject to any legislative exemptions.
4.2 Roles and Responsibilities
The Head
MFIPPA prescribes City Council as the Head of the Institution for the purposes of the Act. As Head, Council is accountable for decisions under the Act and for overseeing how the City administers the Act generally. This responsibility includes complying with access provisions of the Act, and ensuring that personal information that the institution collects, uses, and discloses is in compliance with the Act. Pursuant to section 49 of the Act, City Council has delegated to the City Clerk its powers and duties under the Act as per By-law No. A.-6067-31.
For the purposes of this policy, the City Clerk is responsible for:
- exercising the duties pursuant to Council’s delegation of all its powers and duties as Head and properly discharging its statutory obligations pursuant to section 49(1) of the Act;
- receiving and managing the overall process of responding to access requests under the Act;
- communicating and liaising with staff, requesters, and third parties regarding access requests under the Act;
- preparing records for disclosure and determining access to records subject to the provisions of the Act;
- managing all aspects of the appeal process relating to access requests under the Act;
- communicating with Deputy City Managers and/or City Manager to resolve any delays by division staff in searching, retrieving or providing copies of records responsive to access requests under the Act;
- preparing and submitting the annual report to the IPC;
- reporting and investigating privacy breaches;
- providing training to employees on the Act; and
- administering, monitoring, and promoting all aspects of this policy.
City Manager and Service Area Leads
The City Manager (generally) and each Service Area Lead (with regards to their direct reports) is responsible for ensuring that the employees they oversee adhere to the procedures in this policy and the provisions of the Act.
The City Manager and Service Area Leads are responsible for:
- allocating sufficient employees and other resources to ensure that Service Areas comply with the access and privacy requirements of the Act;
- ensuring that employees meet internal and statutory deadlines for responding to access requests;
- ensuring that employees maintain division records in compliance with management policies and procedures, and the City of London’s Records Retention By-law; and,
- appointing an employee to act as a Service Area Liaison between the respective Service Area and the City Clerk.
City of London Employees
All City of London employees shall be aware of and comply with this policy as required and shall also be responsible for:
- maintaining records in compliance with management policies and procedures and the City of London’s Records Retention By-law;
- locating, retrieving and providing copies of records to the City Clerk in response to a request made under the Act by the deadlines provided;
- participating in MFIPPA and records management training;
- communicating and cooperating with the City Clerk with respect to requests made under the Act (for example, search time estimates, clarification requirements, concerns with records, etc.); and,
- providing the City Clerk with a completed Records Retrieval Form (Appendix B).
Service Area Liaisons
Each Service Area (SA) shall appoint an employee to act as the SA Liaison between the SA and the City Clerk in response to MFIPPA requests. SA Liaisons will receive specialized training by the City Clerk and shall be responsible for fulfilling the access request procedures set out within this policy.
Legal Services – City Solicitor’s Office
Solicitors in the City Solicitor’s Office provide legal advice to the City Clerk on access requests, as required. Solicitors in the City Solicitor’s Office shall be responsible for:
- providing legal advice and opinions related to requests under the Act;
- representing (as required by the City Clerk) the City on appeals to the IPC of the City Clerk's decisions under the Act and in proceedings before the IPC; and,
- preparing representations or reconsideration requests, when requested by the City Clerk, regarding inquiries conducted by the IPC in accordance with the timelines set by the IPC.
4.3 Timely Response to Access Requests
The City Clerk is legislatively required to respond to MFIPPA requests within 30 calendar days. Accordingly, requests are processed within 20 - 21 business days.
If the City Clerk does not respond to a request within the 30 day time period, then the request is deemed to have been refused. The Act then entitles requesters to appeal immediately the “deemed refusal” to the IPC.
Because of the legislated time frames, employees should process MFIPPA requests on a priority basis. The City Clerk will send a department letter requesting records directly to the SA Liaison with a specific deadline for the responsive records to be provided. Generally, 13-15 calendar days are allocated for staff to complete the search and provide copies of responsive records to the City Clerk.
Search time estimates which exceed one (1) hour are to be provided to the City Clerk within three (3) days of receipt of the department letter. If no search time estimate is received by the City Clerk, the expectation is that the SA Liaison will provide responsive records by the due date indicated in the department letter.
Follow-up Process
If the SA Liaison has not provided the City Clerk with a search time estimate and the City Clerk has not received responsive records by the due date, the City Clerk will follow up as follows:
- Day Records are Due – Reminder to SA Liaison that records are due today;
- 2 Days After Due Date – If no response, a second reminder to the SA Liaison;
- 4 Days After Due Date – If no response, communication sent to the Deputy City Manager advising that the division response is overdue and that, if the responsive records are not received in the next few days, the request will become overdue;
- 6 Days After Due Date – If no response, communication sent to the City Manager advising that the division response is overdue and that, if the responsive records are not received, the request will become overdue.
4.4 Access Request Procedures
Receiving Requests
The City Clerk will seek to determine whether a requester may obtain access to all or some of the requested records directly from the relevant Service Area; for example, by providing information that is public. Service Areas should advise the City Clerk of any circumstances when they can routinely disclose certain records outside of the formal freedom of information access procedure.
The City Clerk processes all other formal requests for access to records under the Act.
Clarifying Requests
The City Clerk will seek to ensure that requests are as clear as possible and will contact the requester where appropriate to seek clarification.
Access Procedure
Refer to Process Map – Appendix A
1. Once the City Clerk has clarified a request, a department letter, a copy of the request, and a Records Retrieval Form are prepared and sent to the SA Liaison with a copy to the Deputy City Manager.
2. Requests that require searches of the Microsoft Exchange system are forwarded directly to the Director of Information Technology Services, Enterprise Supports. Results are provided directly to the City Clerk. The City Clerk will provide copies of responsive e-mails to the staff member for their review.
3. The SA Liaison may identify other Service Areas that may have responsive records.
4. SA Liaisons are required to notify the City Clerk within three (3) days of receipt of the letter if they anticipate a search for responsive records will take more than one (1) hour. If the search is anticipated to take an hour or less, SA Liaisons are advised to provide copies of records (either electronically or photocopies) by the deadline provided in the letter.
5. SA Liaisons must search for all recorded information that responds to an access request and provide copies of the records to the City Clerk no later than the return date indicated in the letter. A search for responsive electronic records can be done through keyword search or reviewing responsive content folders. A search for paper records can be done by physically looking in cabinets or boxes.
If SA Liaisons require a time extension to complete a search they should contact the City Clerk immediately to determine whether the Act permits a time extension. SA Liaisons are required to prepare documentation to justify search time estimates and requests for time extensions, if applicable. Please see the “Time Extensions” section below for detailed documentation requirements.
6. The City Clerk requires that SA Liaisons return a completed Records Retrieval Form along with responsive records indicating the actual time spent searching for records, the location and methods used to search for records, and/or whether there are any concerns with the records in question. The City Clerk also requires a completed Records Retrieval Form if no records are provided responsive to the request.
In the event of an appeal, the IPC may call on the staff that searched for the records to describe the steps they took to conduct the search. Referencing the Records Retrieval Form in such instances assists the City Clerk during the appeal process.
7. The City Clerk will, at the request of the SA Liaison or Deputy City Manager, advise when the records pertaining to their business unit will be released. Where legislative timelines permit, the City Clerk will, at the request of the SA Liaison or Deputy City Manager, provide copies of the records to be released prior to their release.
Time Extensions
The City Clerk determines extensions for a request based on input from the SA Liaison and/or the Service Area Deputy City Manager.
The Act allows the City Clerk to extend the processing time for a request when:
1. The request is for a large number of records or necessitates searching through a large number of records and meeting the time limit would unreasonably interfere with the operations of the City; or
2. Staff must consult with an external agent to comply with the request and they cannot reasonably complete the consultation within the time limit.
If either of the above factors apply, the SA Liaison should summarize in writing the reasons for an extension as follows:
a) For a request involving a large number of records, by:
- explaining the steps that employees require to search for responsive records and estimating the total number of pages of records;
- identifying any exemptions that may be applicable to the records; and,
- providing a representative sample of records.
b) For a request that cannot be completed without consulting with an external agent, by providing:
- the name of the person or organization that the City will consult;
- the reason why consultation is necessary; and,
- an estimate about when the consultation will be complete.
Providing Records to the City Clerk
The SA Liaison shall provide all of the responsive records to the City Clerk (by the deadline) using the following guidelines:
- Records (electronic or paper) must be provided unaltered. The City Clerk will not accept records that have been redacted or “blacked-out”.
- Original paper records are to be copied or scanned and emailed to the City Clerk. Copies must be legible.
- Electronic records should be provided via the City of London’s Internal File Transfer Service or provided on an ITS approved USB stick. Please do not print electronic records.
- The SA Liaison should identify any areas of concern in any of the responsive records and may, solely for the purpose of assisting the City Clerk, identify any exemptions that the liaison believes may apply to the records, noting that the final decision rests with the City Clerk.
- A completed Records Retrieval Form must be submitted with the records by the deadline.
Offence
No employee shall alter, conceal or destroy a record or cause another person to do so with the intention of denying a right under the Act to access the record or the information contained in the record.
It is an offence under section 48(1)(c.1) of the Act to alter, conceal or destroy a record, or cause any other person to do so, with the intention of denying a right under the Act to access the record or the information contained in the record. Every person who contravenes subsection (1) is guilty of an offence and on conviction is liable to a fine not exceeding $5,000.00.
Reviewing and Disclosing Records
The Act requires that the City Clerk must disclose as much of the requested record as can reasonably be severed, without disclosing the information that falls under one of the exemptions. Severing is the process of “blacking out” or “redacting” information that is considered confidential and exempt from disclosure.
Only the City Clerk will sever records responsive to a formal access request under the Act. Severances are decisions on disclosure, and the City Clerk is the only decision-maker at the City of London who has the authority to make decisions on disclosure under the Act.
To assist the City Clerk in determining whether a record is exempt from access or outside the scope of the Act, the City Clerk will consider recommendations of the SA Liaison. Any such recommendations should be recorded on the Records Retrieval Form.
When the City Clerk refuses access to a record or severs part of a record, the Act requires the City Clerk to provide the requester with a decision letter that:
- explains the basis for the decision;
- describes clearly to the requester the records responding to the request specifically referring to the exemption(s) that the City has applied to justify a refusal to provide access;
- may include a detailed index of records that describes the contents and subject matter of the records;
- notifies the requester if the requested record does not exist; and,
- states that the requester may appeal the City Clerk's decision to the IPC.
If a request is received for records that appear to be excluded from the Act, the City Clerk will process the request in accordance with the procedure set out in this policy.
Fees
For all requests under MFIPPA, the requester must pay a $5.00 application fee. The application fee is mandatory and the City Clerk cannot waive it.
The City Clerk applies different fees as prescribed by regulation, depending on whether the request is for general records or for the requester’s own personal information.
The City Clerk must charge fees unless the City Clerk decides to waive the fees under the fee-waiver provisions of the Act.
The regulations under the Act contain a fee schedule that sets out the amount that the City Clerk may charge for various costs that the City may incur when processing a request:
Type of Fee | Amount |
---|---|
Application Fee | $5.00 |
Photocopies and computer printouts | $0.20 cents per page |
Disks | $10.00 per disk |
Manual search for records * | $7.50 for each 15 minutes spent |
Preparing a record for disclosure, including severing records * | $7.50 for each 15 minutes spent |
Computer programming | $15.00 for each 15 minutes spent |
Costs incurred in locating, retrieving, processing and copying the record | As specified in an invoice received by the City |
* does not apply to a request from an individual for their own personal information.
4.5 Councillors’ Records
The City Clerk will determine whether the Act applies to a councillor’s records. In making this decision, the City Clerk examines the specifics of each request in light of a number of principles established by the IPC.
Councillors’ records are subject to the Act where:
(a) a councillor is acting as an officer or employee of the municipality, or performs a duty assigned by council, such that they might be considered part of the institution, or,
(b) the records are in the custody or control of the municipality on the basis of established principles.
The access procedure for requests related to Councillors’ records shall follow the standard procedure described within this policy.
1. Once the City Clerk has clarified a request, a department letter, a copy of the request, and a Records Retrieval Form are prepared and sent to the Executive Assistant (EA) to the Councillors’ Office, or designate.
2. If the search requires electronic communications, the Councillor may request a search of their Microsoft Exchange account to be completed by the Information and Technology Services Department. Results will be provided directly to the City Clerk. The City Clerk will provide copies of responsive e-mails to the Councillor for their review.
3. Councillors (or the EA) are required to notify the City Clerk within three (3) days of receipt of the department letter if they anticipate their search for responsive records will take more than one (1) hour. If the search is anticipated to take an hour or less, Councillors (or the EA) are advised to provide copies of records (either electronically or photocopies) by the deadline provided in the letter.
4. Councillors (or the EA) must retrieve and provide copies of the records to the City Clerk no later than the due date indicated in the letter. If Councillors require a time extension to complete a search they should contact the City Clerk immediately to determine whether the Act permits a time extension.
5. The City Clerk requires that Councillors (or the EA) return a completed Records Retrieval Form along with responsive records which indicates the actual time spent searching for records, the location and methods used to search for records, whether there are any concerns with the records in question, etc. The City Clerk also requires a completed Records Retrieval Form if no records are provided responsive to the request.
6. The City Clerk will, at the request of the Councillor, advise when the records pertaining to them will be released and/or provide copies of the records to be released prior to their release.
4.6 Access to Records of Personal Health Information
An individual may exercise a right of access to a record of personal health information by making a written request for access to the custodian that has custody or control of the information.
Organizations that are both custodians under PHIPA and institutions under the Act include municipally operated long-term care homes, for example, Dearness Home.
The City Clerk will determine whether PHIPA or MFIPPA applies to a request it receives having regard to the legislation.
If the City Clerk receives a request for personal health information in the custody or under the control of Dearness Home, the City Clerk will immediately transfer that request to the Administrator of Dearness and advise the requester of the same.
If the Administrator of Dearness receives a request under the Act for information in the custody or under the control of the City of London, the Administrator will immediately transfer that request to the City Clerk and advise the requester of the same.
4.7 Appeals to the Information and Privacy Commissioner (IPC)
The Act establishes the right of a requester to appeal decisions that the City Clerk makes about access to records. After a requester receives a notice of decision, the requester has 30 calendar days to appeal the decision to the IPC.
The City Clerk, in consultation with the City Solicitor’s Office, will respond to appeals as per the procedures and practice directions set out in the IPC’s Code of Procedure for appeals under the Freedom of Information Act and the Municipal Freedom of Information and Protection of Privacy Act, (hereafter “Code of Procedure”).
The City Clerk will notify the appropriate staff member (or Councillor) and the appropriate Deputy City Manager in the event that the Commissioner issues an order with respect to access to records. The City Clerk will ensure compliance with the order.
The City Clerk will notify the City Manager and the appropriate Deputy City Manager should the IPC notify the City Clerk that the Commissioner will be entering and inspecting any premise occupied by The City of London for the purposes of an investigation. The City Clerk will be in attendance during the IPC’s inspection.
Offence
No employee shall wilfully obstruct the IPC in the performance of its functions, make a false statement to mislead the IPC or fail to comply with an order of the IPC.
Any person who wilfully obstructs the IPC in the performance of its functions, makes a false statement to mislead the IPC, or fails to comply with an order of the IPC, is guilty of an offence, and on conviction, is liable to a fine of up to $5,000.00.
4.8 Personal Information
Protection of Personal Privacy
The Act requires that the City Clerk implement basic standards for protecting personal information in its possession. Refer to the IPC’s Fact Sheet to learn more about how Personal Information is defined in the Act.
Collection of Personal Information
The City, employees or consultants acting on the City’s behalf, shall only collect personal information that they are authorized to collect. This authority can be one of the following:
- collection of the information is expressly authorized by provincial or federal legislation;
- the information is used for the purposes of law enforcement; or,
- the information is necessary to the proper administration of a lawfully authorized activity.
The City shall only collect personal information directly from the individual to whom it relates, except in circumstances set out in MFIPPA. Examples of these include:
- where the individual authorizes another method of collection;
- the personal information may be disclosed to the City under the authority of the Freedom of Information and Protection of Privacy Act (“FIPPA”);
- where the IPC has authorized the City to collect the information indirectly from another person;
- the information is collected for the purpose of law enforcement; and,
- where other legislation provides for a different method of collection.
When collecting personal information, the City must provide the individual with a notice of collection statement that contains:
- the City’s legal authority to collect the information;
- the principal purposes for which the information is intended to be used; and,
- the title, business address and telephone number of an officer or employee who can answer questions about the collection (why it is being collected, how it will be used).
Notice of collection statements are prepared by staff in consultation with the City Clerk. Exceptions to this notice requirement are set out in O. Reg. 823.
Retention of Personal Information
Personal information that has been collected by the City must be retained for at least one year after it is used, unless another retention period has been provided in the City’s Records Retention By-law, or the individual has consented to its earlier disposal. The purpose of this retention period is to ensure that individuals have a reasonable opportunity to obtain access to their personal information.
Use of Personal Information
The City is required to take reasonable steps to ensure that personal information is not used unless it is accurate and up to date. The City must create a record of any use of personal information that is different from how the information is used on a regular basis.
The City is only permitted to use personal information:
- if the individual has consented to the particular information being used;
- for the purpose for which it was obtained or compiled;
- for a consistent purpose, (i.e. the individual might reasonably expect the use); or
- for the purpose for which the information was disclosed to the City under FIPPA.
Disclosure of Personal Information
The City is only permitted to disclose personal information in the following circumstances:
- in compliance with Part I of the Act;
- if the individual has consented to its disclosure;
- for the purpose for which it was obtained;
- for a consistent purpose, (i.e. the individual might reasonably expect the disclosure);
- disclosure is made to an employee who needs the record in the performance of duties;
- to comply with federal or provincial legislation;
- to a law enforcement agency in Canada to aid an investigation;
- in compelling circumstances affecting personal health or safety;
- in compassionate circumstances, (to contact next of kin or friend of an injured, ill or deceased person); and,
- to a provincial or federal government department for auditing of cost-shared programs.
Transmitting Personal Information
When employees are required to transmit personal information to parties external to the organization, the following guidelines should be considered to help ensure that personal information is protected from unauthorized access or disclosure:
- Where possible, avoid sending personal information via facsimile (fax). Sometimes, faxes do not reach their intended destination, whether it is as a result of human error in the dialling of the number, or because of a technical glitch. Faxing personal information can result in personal information being accidentally disclosed or deliberately intercepted by other people.
- Where possible, utilize the File Transfer Service to email personal information. Consider password protecting the communication and limiting the number of downloads.
- Where the use of the File Transfer Service is not suitable, consider utilizing a Courier Service to deliver hard copies of the personal information and request a signature upon receipt.
Offence
Any person who wilfully discloses personal information, or maintains a personal information bank, in contravention of the Act, is guilty of an offence, and on conviction, is liable to a fine of up to $5,000.00.
Privacy Investigations
Individuals may submit a complaint to the IPC if they believe that the City of London has improperly collected, used, disclosed, retained or disposed of their personal information.
The City Clerk shall receive notice from the IPC in the event that an individual has lodged a complaint and an investigation is being undertaken.
The City Clerk shall, in consultation with appropriate staff, represent the institution during a privacy complaint investigation.
The responsible employee will cooperate and assist the City Clerk during the course of the investigation.
4.9 Protocol for Responding to a Privacy Breach Under the Act
Upon learning of a privacy breach or a potential privacy breach under MFIPPA, staff shall immediately notify their Manager and the City Clerk.
The City Clerk will assist the responsible employee in responding to the breach of personal privacy.
The following protocol shall be adopted during a breach or a potential breach of personal privacy, as per IPC guidelines.
Containment: Identify the scope of the breach or potential breach and take steps to contain it:
- retrieve hard copies of any personal information that has been disclosed;
- attempt to recall emails sent in error containing personal information;
- ensure that no copies of the personal information have been made or retained by the individual who was not authorized to receive the information and obtain the individual’s contact information in the event that follow-up is required; and,
- determine whether the privacy breach would allow unauthorized access to any other personal information (i.e. financial institutions).
Notification: If the City Clerk is of the opinion that the privacy breach poses a real risk of significant harm, staff will identify those individuals whose privacy was breached and, barring exceptional circumstances, in consultation with the City Clerk, notify those individuals accordingly:
- notify the individuals whose privacy was breached; notification shall be conducted by telephone or in writing as soon as reasonably possible;
- details of the extent of the breach and the specifics of the personal information at issue shall be provided;
- if financial information or information from government-issued documents are involved, precautionary measures shall be included in the notice, (i.e. change passwords, contact Equifax or banking institution, etc.);
- information related to the steps that have been taken to address the breach, both immediate and long term, shall be provided;
- contact information for someone who can provide additional information, assistance and answer questions shall be provided; and,
- a statement advising whether or not the privacy breach has been reported to the IPC shall be provided along with information about how an individual may submit a complaint to the IPC.
The employee involved in the breach shall document the incident in detail in writing, including how each step in the above process was executed.
If the City Clerk is of the opinion that the privacy breach poses a real risk of significant harm, the City Clerk may report the breach to the IPC.
4.10 Privacy Impact Assessment
A PIA is used to assess compliance with MFIPPA; it aims to identify and address the privacy impacts of proposed projects or activities.
Before staff implement a project or activity that involves the collection of personal information, they shall consult with the City Clerk, who will determine whether a PIA is required. Staff may be required to conduct a preliminary assessment to assist the City Clerk in making such determination. A PIA may be required where the City Clerk determines the collection is at a large scale; where the personal information is deemed sensitive; or where the collection, use, or disclosure of the personal information impacts decision making.
Where the City Clerk determines a PIA is required, staff shall conduct a PIA, in consultation with the City Clerk, prior to the implementation of the project or activity. Staff will be supplied a PIA template to conduct the assessment.
Once the PIA is completed by staff, it shall be reviewed and/or approved by the City Clerk. If recommendations are made by the City Clerk to implement controls related to the protection of personal information or compliance with legislation, those recommendations shall be adopted by staff prior to embarking on the activity or program.
4.11 Appendices
Appendix A – MFIPPA PROCESS MAP
Appendix B – RECORDS RETRIEVAL FORM
MFIPPA RECORDS RETRIEVAL FORM
To be completed and returned to the Manager of Records and Information Services
1. Indicate the places that were searched (e.g., what files in which offices or file rooms, which shared drives or software applications):
2. Indicate methods/processes used to conduct the search and types of files searched (e.g., searching electronic files, paper files, file lists, off-site file lists, microfiche etc.):
3. Length of time required to do the search:
4. Responsive records located? (Indicate if responsive records no longer exist but did exist at one time (i.e., provide the number of the Records Retention Schedule which authorized the destruction of those records)):
Yes No
5. Are there any concerns with these records or this request? (If yes, please explain):
Yes No
6. Would you like to be provided with a copy of the responsive records?
Yes No
7. Would you like to be advised when responsive records are released?
Yes No
Name:
Date: