An IPC paper prepared for the Symposium on E-Governance for the 21st Century, sponsored by the Saskatchewan Institute of Public Policy. It has been included as a chapter in E-Government Reconsidered: Transformation of Governance for the Knowledge Age, a book published in April, 2004.

Date: Apr 01 2004   Type: Resource   Access: Professional

Produced by the Ministry of Natural Resources and the Office of the Information and Privacy Commissioner of Ontario.

Date: Apr 01 2004   Type: Resource   Access: Professional

This joint paper produced by IPC Ontario and Deloitte & Touche provides hands-on advice for developing strategies for information security and privacy protection.

Date: Aug 01 2003   Type: Resource   Access: Professional

This revised FAQ has a new look and feel and has been rewritten with cleaner, easy to understand, gender-neutral language. Also included are a few additions to the original publication: Questions on assumed implied consent and consent from children under 16. Questions regarding the relationship ...

Date: Nov 02 2015   Type: Resource   Access: Both

Examines privacy issues surrounding the use of voice mail in the workplace and outlines a number of general principles for organizations to consider in their development of corporate privacy protection policies regarding the use of voice mail. The related Highlight is Privacy Protection Principle...

Date: Oct 01 1995   Type: Resource   Access: Professional

Provides a template designed for insertion into contracts drawn up when a government function is transferred over to the private sector. The model contract will provide assurances to the public that their personal information will be kept secure and their right to privacy preserved when governmen...

Date: Aug 01 1997   Type: Resource   Access: Both

This paper examines the role that electronic records and document management systems (ERDMSs) can play in enhancing the public’s right to access information from government institutions in Ontario.

Date: Jul 01 2003   Type: Resource   Access: Professional

Examines the potential impact of PKI on the protection of personal privacy and makes recommendations for officials establishing such systems.

Date: Dec 01 2002   Type: Resource   Access: Professional

A Joint Project of the Office of the Information and Privacy Commissioner of Ontario and the Ministry of the Attorney General.

Date: Mar 01 2004   Type: Resource   Access: Both

This guide is a tool to help health information custodians understand their rights and obligations under the Personal Health Information Protection Act, (PHIPA).

Date: Dec 01 2004   Type: Resource   Access: Both

Each provincial and municipal government organization has a Co-ordinator. This Backgrounder looks at the critically important role that Co-ordinators play.

Date: Sep 01 1999   Type: Resource   Access: Both

This updated paper sets out guidelines for government institutions to consider when developing systems and procedures to maintain the confidentiality and integrity of information transmitted by fax.

Date: Jan 01 2003   Type: Resource   Access: Professional

Updated: December 2006.

Date: Jun 01 2005   Type: Resource   Access: Professional

This document assists organizations in making key decisions about notifying individuals after a privacy breach occurs by presenting checklists covering factors affecting whether to notify, when and how to notify, what to include in a notification and other organizations that should be contacted. ...

Date: Dec 11 2006   Type: Resource   Access: Both

RFID and Privacy: Guidance for Health-Care Providers. RFID technology can help save lives – and preserve privacy.

Date: Jan 23 2008   Type: Resource   Access: Both

In emergency situations, privacy laws in Ontario and British Columbia1 do not prohibit universities, colleges or other educational institutions from responsibly disclosing a student’s personal information, including information about their mental, emotional or other health conditions, to pare...

Date: Oct 30 2008   Type: Resource   Access: Professional

This paper is a chronicle describing the IPC’s work to enhance awareness about the privacy challenges youth face on the Internet.

Date: Mar 25 2009   Type: Resource   Access: Both

This discussion paper describes the IPC’s work in toward the implementation of an on/off device allowing holders of an Enhanced Drivers Licence (EDL) to prevent the Radio Frequency Identification (RFID) from being read by unauthorized third parties and disengage the RFID when not required for b...

Date: Mar 19 2009   Type: Resource   Access: Professional

This is joint publication between Commissioner, Dr. Ann Cavoukian and Robert Johnson, Executive Director of the National Association for Information Destruction (NAID). This publication was borne out of a particular Health Order (HO-006) which Commissioner Cavoukian issued this past summer re...

Date: Oct 29 2009   Type: Resource   Access: Both

Prepared for The Eighth Workshop on the Economics of Information Security University College, London, England June 24, 2009

Date: Dec 22 2009   Type: Resource   Access: Professional

Health information custodians frequently rely on de-identification when using or disclosing health information – a measure that can protect individual privacy, but often at the expense of data quality (zero-sum paradigm). Dr. Khaled El Emam, a senior investigator at the Children’s Hospital of...

Date: Mar 30 2010   Type: Resource   Access: Both

This paper examines Near Field Communications (NFC) technologies and their growing deployment in mobile devices. Four consumer use cases illustrate NFC functionalities and benefits. Privacy and security risks are identified, and solutions are offered for NFC mobile device and application develope...

Date: Nov 28 2011   Type: Resource   Access: Professional

Unmanned Aerial Vehicles (UAV) present unique challenges due to their ability to use a variety of sensors to gather information from unique vantage points – often for long periods and on a continuous basis. The prospect of having our every move monitored, and possibly recorded, raises profound ...

Date: Aug 16 2012   Type: Resource   Access: Professional

Privacy policies and procedures alone, without a concrete strategy for implementation, will not protect an organization from privacy risks. The policies and procedures must be actively communicated, and staff must be educated about measures that need to be in place, so that policies will be refle...

Date: Sep 05 2012   Type: Resource   Access: Professional

Since the recent revelations of the NSA’s sweeping surveillance of the public’s metadata, the term “metadata” has been regularly used in the media, frequently without any explanation of its meaning. Metadata’s reach can be extensive – including information that reveals the time and du...

Date: Jul 17 2013   Type: Resource   Access: Professional

As a small business becomes more networked and data-intensive, personal information and customer trust are critical assets that must be protected. This paper was written to help small business avoid data breaches that are harmful to both brand reputation and costly. Privacy policies and procedure...

Date: Oct 22 2013   Type: Resource   Access: Professional

Privacy and cybersecurity professionals, creators of digital property, and countless policy-makers have spent decades fighting to civilize the digital world, but they have lacked the most fundamental tool they need to succeed, namely — information systems engineering that enables true control o...

Date: May 08 2014   Type: Resource   Access: Professional

Information is becoming far more valuable as businesses seek to learn more about their customers and those of their competitors, and as advertisers seek to gain a competitive advantage by finding new and innovative ways to use information to target advertisements that are most relevant to their c...

Date: Jun 25 2014   Type: Resource   Access: Professional

Unauthorized access continues to be a growing problem in the health sector in Ontario. The province’s Personal Health Information Protection Act, (PHIPA), permits health information custodians (HIC) to collect, use and disclose personal health information for the purposes of providing or assist...

Date: Jan 28 2015   Type: Resource   Access: Both

This guidance document aims to identify some of the privacy considerations law enforcement authorities should take into account when deciding whether to outfit law enforcement officers with body-worn cameras. Published by the federal Privacy Commissioner and privacy and personal information prote...

Date: Feb 18 2015   Type: Resource   Access: Both

Ontario public sector institutions must meet high standards of care and trust whenever collecting, using and disclosing personal and other sensitive information. Any public institution considering new information technologies, systems, and program services that may affect privacy are strongly en...

Date: May 19 2015   Type: Resource   Access: Both

Municipalities are turning to the Internet as a means of making information public in an effort to improve accessibility, transparency and accountability. This may include publishing records directly to their website or including records in searchable databases that can be accessed online. Publis...

Date: Aug 04 2015   Type: Resource   Access: Both

This guidance document provides institutions with an overview of important factors to consider when implementing Open Government including the need for institutional leadership, commitment, governance and resources to support culture change and sustain the program over time, learning from others...

Date: Sep 06 2016   Type: Resource   Access: Both

This guidance paper is intended as a starting point for institutions considering Open Government and highlights two critical goals: enhancing access to government-held information and public participation.  It includes a discussion about making government-held information open by default and at...

Date: Sep 05 2016   Type: Resource   Access: Both

This guidance document outlines the key obligations of police under privacy legislation in their use of ALPR systems and provides guidance, including best practices, on using these systems in a privacy-protective manner.  It addresses the use of ALPR systems for public safety purposes, in parti...

Date: Jul 04 2017   Type: Resource   Access: Both

This guidance is designed to help institutions implement better record and information management practices and enhance the public’s ability to access information.

Date: Nov 03 2016   Type: Resource   Access: Both

The IPC strongly supports Open Government initiatives and encourages Ontario institutions to be more open and transparent, and to enhance their engagement with the public. This document offers guidance for institutions on how to move towards increased government transparency without negatively af...

Date: Mar 15 2017   Type: Resource   Access: Both

Date: Jan 30 2018   Type: Resource   Access: Both

This publication replaces the guidance document, What to do When Faced With a Privacy Breach: Guidelines for the Health Sector. This new, updated guide highlights the importance of having a detailed privacy breach protocol and explains the steps to take in responding to a breach under Ontario’s...

Date: Oct 04 2018   Type: Resource   Access: Both

Date: Mar 29 2019   Type: Resource   Access: Both