CCS Help Desk Privacy Protection Guidelines
These Guidelines relate to personal information data held on the Computing and Communications Services (CCS) Help Desk incident management system. As part of Ryerson University, employees who use this system have legal obligations to protect this type of information from unauthorized use or disclosure. These Guidelines apply to all tickets within the CCS Help Desk incident management system.
The CCS Help Desk runs an Incident Management System that records details of each call made to the CCS Help Desk, email inquiries or forms submitted to firstname.lastname@example.org, and the progress made in dealing with them. This includes any email messages sent to or from email@example.com. It uses tickets to track an incident through the system.
The information in the system is used for the following purposes:
- to track the progress of each call and inquiry and to ensure that it is dealt with appropriately and in a timely manner;
- to keep records and for training and quality-assurance purposes;
- to produce statistical reports for management purposes; and,
- some information is useful for dealing with subsequent problems, especially where a member of the CCS Help Desk has sent a detailed solution by email, which can then be re-used for a different call or inquiry. In such cases, any personal data from the original call or inquiry is removed before the data is re-used.
The information tracked in the Ticketing System can include personal information, such as personal or home telephone numbers, student email addresses, unique identifying numbers (student or employee ID), etc. It should not contain passwords.
CCS employees are required to protect from unauthorized uses and disclosures all restricted information, including personal information, which they access, use, share, and retain, in the course of their employment with Ryerson University pursuant to the Freedom of Information and Protection of Privacy Act “FIPPA”) and Ryerson University’s Information Protection and Access Policy.
The information may be shared, as necessary, with CCS employees who are responsible for the incident resolution. The information should not be shared with others or used for another purpose unrelated to incident resolution.
If you have questions about whether personal information can be shared or how to share the information in a secure manner, contact the Information and Privacy Officer (firstname.lastname@example.org, ext. 4676) BEFORE you share or email personal information.
If you are aware that there has been an unauthorized use or disclosure of personal information you are required to report this to the Information and Privacy Officer immediately and to your manager.
CCS uses Call Recording Technology to record calls between clients and CCS Help Desk Agents. All phone calls to the Help Desk number (ext. 6806) will be recorded and stored on the call recording system for a minimum period of one year from the date they are recorded.
Clients will be informed when they call the Help Desk that their call may be recorded for training and quality-assurance purposes. If the client does not wish to have their call recorded, they will be able to submit their incident by email, or call the Help Desk Manager.
The following CCS staff will have access to the calls:
- The Manager of the Help Desk;
- The Manager of Telecommunications Services; and,
- CCS Staff providing server support.
The Manager of the Help Desk may listen to calls for the following reasons:
- When a client has made a comment about excellent service;
- When a client has complained about poor service;
- For checking quality of service by listening to randomly selected calls;
- To verify information in work order or ticket; and,
- To assist with the training of Help Desk Agents.
A Help Desk Agent may request to hear a recorded call that they participated in.