About Ryerson

  Printable Version     
  E-mail This Page     
Increase Text Size
Decrease Text Size
 Change Text Size 

GENERAL INFORMATION FOR STAFF AND FACULTY

In the Event of a Privacy Incident

If you become aware of an internal privacy incident involving the possible unauthourized access or sharing of personal information, please follow the procedure set out in Ryerson's Privacy Incident Notification Process.

Privacy Incident Notification Process  

The IPC has provided guidelines for handling privacy breaches (link below).  It is advisable to develop your action plan in consulation with Ryerson's Information & Privacy Officer (416-979-5000 ext 4676) or email fippa@ryerson.ca.  

IPC Guidelines: What to do if a privacy breach occurs (2003)  

 

Relevant University Policies

The three policies and one procedures document referenced below explain your responsibilities in using and disposing of information

All employees of the university, whether they are faculty, instructors, or administrative staff, have an obligation under university policy to protect specific kinds of information from unauthorized uses.  This information shares a risk of harm to the university, an individual, or a third party, in the event of an unauthorized use. Ryerson's Information Protection and Access Policy - Restricted Information describes these obligations.  The "attached" Procedures for Protecting Restricted Information and Providing Access to Information contains a definition of restricted kinds of information, including personal information, as well as information about privacy breaches, notices of collection, provisions for areas that regularly handle restricted information, and a confidentiality agreement. 

Ryerson's Information Protection Policy - General covers employee responsibilities to the university's information assets.  When information falls into the category of restricted information, then the Information Protection and Access Policy - Restricted Informaiton applies. For more information or to enroll in Ryerson's Information Systems Security program, contact the Information Systems Security Officer at 416-979-5000 ext. 7632.

 

Preparing a Notice of Collection

A Notice of Collection is a legal means to obtain individuals' consent for the University to collect, use and disclose personal information. The notice sets out the legal authority by which you can collect information, the purposes for which you've collected it, and provides contact information, for the area using the information, in the event of questions or concerns.

Please contact fippa@ryerson.ca in the event you require a notice for a form, course outline, website, networking site or other examples where you plan to collect, use or share personal information.

 

Records Management Best Practices

Ryerson has an official shredding procedure.  Contact Campus Facilities to make a request for pickup of materials to be shredded. To request a lock and key for a shredding bin or to request additional bins, complete a Service Request Form, email doit@ryerson.ca or call 416-979-5000 ext 5091.  Paper and CDs/DVDs can be placed in these bins.  For other types of media such as Audio or Video Tapes, place them in a box marked "Media Destruction" and contact Campus Facilities for pickup.

Campus Planning Shredding Procedure 

Ryerson's Archive and Records Management Policy - 1993 is under review.  For advice on records management best practices contact Leanne Sachs, Records Management Coordinator at leanne.sachs@ryerson.ca.

Ryerson University Archives and Records Management Policy - 1993

 

INFORMATION & PRIVACY TRAINING MATERIAL AND PRESENTATIONS

Information & Privacy Contacts Training Manual

FIPPA Contacts Training - February 2009

Ryerson Departmental FIPPA Contacts - Roles

FIPPA Primer for Staff 

 

Presentations

5 Steps to Protecting Personal Information

FIPPA Overview

 

LINKS

For your reference, below are links to a number of Ontario Information and Privacy Commissioner policy papers.  Additional papers and guidelines are available on the IPC's website located at: www.ipc.on.ca

IPC Policy Paper: Electronic Records Maximizing Best Practices

IPC Policy Paper:  Best Practices for Online Security Protection

IPC Policy Paper: Privacy Protection Principles for Electronic Mail Systems

IPC Guidelines: Facsimile Transmision Security

IPC and Microsoft:  An Internet Privacy Primer - Assume Nothing

Bookmark with: Digg Facebook Twitter del.icio.us Newsvine
News from the General Counsel's Office
 
Julia Shin Doi appointed General Counsel and Secretary of the Board of Governors...

Legal Leaders for Diversity: A statement of support for diversity and inclusion....

Related Information
More FIPPA Information
Information about processing FIPPA requests, records management best practices, and potential privacy breaches. Read more