Guidance for Organizations
The Office of the Information and Privacy Commissioner publishes guidance documents to promote compliance with Ontario’s access and privacy laws.
New materials are posted on an ongoing basis. If you are looking for a guidance on a topic that is not listed here, please contact us.
This post is also available in: French
Title / Description | Topic | Type | Date |
---|---|---|---|
|
|||
Protect Against Phishing
This post is also available in: French |
Privacy And Transparency In A Modern Government | Technology And Security | Fact Sheets | Jul 04 2019 |
|
|||
Lesson Plan: Privacy Rights of Children and Teens
This post is also available in: French |
Children And Youth In A Digital World | Personal Information | Privacy | Technology And Security | Youth | Educational Material | Jun 18 2018 |
|
|||
Lesson Plan: Know the Deal: The Value of Privacy
This post is also available in: French |
Children And Youth In A Digital World | Personal Information | Privacy | Technology And Security | Youth | Educational Material | Jun 18 2018 |
|
|||
Lesson Plan: Getting the Toothpaste Back into the Tube: A Lesson on Online Information
This post is also available in: French |
Children And Youth In A Digital World | Personal Information | Privacy | Technology And Security | Youth | Educational Material | Jun 18 2018 |
|
|||
Smart Cities and Your Privacy Rights
This post is also available in: French |
Privacy | Privacy And Transparency In A Modern Government | Technology And Security | Fact Sheets | Apr 27 2018 |
|
|||
Joint Federal Provincial Territorial Letter to Minister of Infrastructure and Communities on Smart Cities Challenge
This post is also available in: French |
Privacy | Privacy And Transparency In A Modern Government | Technology And Security | Letters | Apr 26 2018 |
|
|||
Disposing of Your Electronic Media
This fact sheet provides guidance on how Ontario public institutions and health information custodians can securely destroy personal information when disposing of electronic media. |
Information Management | Privacy And Transparency In A Modern Government | Technology And Security | Best Practices | Fact Sheets | Mar 06 2018 |
|
|||
Joint Federal Provincial Territorial Letter to Council of Ministers of Education on the Importance of Privacy Education
This post is also available in: French |
Children And Youth In A Digital World | Privacy | Technology And Security | Youth | Letters | Nov 08 2017 |
|
|||
Guidance on the Use of Automated Licence Plate Recognition Systems by Police Services
This guidance document outlines the key obligations of police under privacy legislation in their use of ALPR systems and provides guidance, including best practices, on using these systems in a privacy-protective manner. It addresses the use of ALPR systems for public safety purposes, in particular for the purpose of alerting an officer in an ALPR-equipped vehicle to the... |
Law Enforcement/policing | Privacy | Technology And Security | Best Practices | Papers | Professional Guidelines | Jul 04 2017 |
|
|||
Fact Sheet: Video Surveillance
This fact sheet highlights the important factors an institution must consider before implementing a video surveillance system. |
Privacy | Privacy And Transparency In A Modern Government | Surveillance | Technology And Security | Best Practices | Fact Sheets | Professional Guidelines | Nov 09 2016 |
|
|||
Fact Sheet: Communicating Personal Health Information by Email
This fact sheet describes the risks of using email and custodians’ obligations under the Personal Health Information Protection Act. It outlines some of the technical, physical and administrative safeguards needed to protect personal health information when communicating by email and the policies, procedures and training custodians should have in place. |
Health | Technology And Security | Trust In Digital Health | Best Practices | Fact Sheets | Professional Guidelines | Sep 15 2016 |
|
|||
Thinking About Clouds? Privacy, security and compliance considerations for Ontario public sector institutions
The IPC has prepared this new guidance document, Thinking About Clouds? Privacy, security and compliance considerations for Ontario public sector institutions, to help institutions evaluate whether cloud computing services are suitable for their information management needs. In particular, it seeks to raise awareness of the risks associated with using cloud computing... |
Privacy | Privacy And Transparency In A Modern Government | Technology And Security | Professional Guidelines | Feb 20 2016 |
|
|||
Transparency, Privacy and the Internet: Municipal Balancing Acts
Municipalities are turning to the Internet as a means of making information public in an effort to improve accessibility, transparency and accountability. This may include publishing records directly to their website or including records in searchable databases that can be accessed online. Publishing materials online is an effective means of ensuring that the public has... |
Legislation | Privacy | Privacy And Transparency In A Modern Government | Technology And Security | Papers | Professional Guidelines | Aug 04 2015 |
|
|||
Planning for Success: Privacy Impact Assessment Guide
Ontario public sector institutions must meet high standards of care and trust whenever collecting, using and disclosing personal and other sensitive information. Any public institution considering new information technologies, systems, and program services that may affect privacy are strongly encouraged to complete a privacy impact assessment... |
Access | Information Management | Privacy | Technology And Security | Professional Guidelines | May 19 2015 |
|
|||
De-identification Protocols: Essential for Protecting Privacy
Information is becoming far more valuable as businesses seek to learn more about their customers and those of their competitors, and as advertisers seek to gain a competitive advantage by finding new and innovative ways to use information to target advertisements that are most relevant to their consumers. |
Information Management | Privacy | Privacy And Transparency In A Modern Government | Technology And Security | Papers | Professional Guidelines | Jun 25 2014 |
|
|||
Freedom and Control: Engineering a New Paradigm for the Digital World
Privacy and cybersecurity professionals, creators of digital property, and countless policy-makers have spent decades fighting to civilize the digital world, but they have lacked the most fundamental tool they need to succeed, namely — information systems engineering that enables true control of digital data. |
Information Management | Privacy | Technology And Security | Papers | May 08 2014 |
|
|||
A Primer on Metadata: Separating Fact from Fiction
Since the recent revelations of the NSA’s sweeping surveillance of the public’s metadata, the term “metadata” has been regularly used in the media, frequently without any explanation of its meaning. Metadata’s reach can be extensive – including information that reveals the time and duration of a communication, the particular devices used, email addresses, or... |
Information Management | Technology And Security | Papers | Jul 17 2013 |
|
|||
Privacy and Drones: Unmanned Aerial Vehicles
Unmanned Aerial Vehicles (UAV) present unique challenges due to their ability to use a variety of sensors to gather information from unique vantage points – often for long periods and on a continuous basis. The prospect of having our every move monitored, and possibly recorded, raises profound civil liberty and privacy concerns. At the same time, there are many desirable... |
Privacy | Technology And Security | Papers | Aug 16 2012 |
|
|||
Fact Sheet #18 – Secure Transfer of Personal Health Information
In Order HO-011, the Information and Privacy Commissioner of Ontario (IPC) ordered Cancer Care Ontario to discontinue its practice of transferring records of personal health information relating to its colon cancer screening program in paper format, after several courier packages containing the personal health information of over 7,000 individuals were lost. Cancer Care... |
Health | Information Management | Privacy | Technology And Security | Aug 01 2012 | |
|
|||
Identity Theft: A Crime of Opportunity
Practical information about identity theft, how to avoid it, and what to do if you find you are a victim. |
Privacy | Technology And Security | Brochures | Jul 17 2012 |
|
|||
Mobile Near Field Communications (NFC) “Tap ‘n Go” – Keep it Secure and Private
This paper examines Near Field Communications (NFC) technologies and their growing deployment in mobile devices. Four consumer use cases illustrate NFC functionalities and benefits. Privacy and security risks are identified, and solutions are offered for NFC mobile device and application developers that are informed by the Privacy by Design Foundational Principles. ... |
Privacy | Technology And Security | Papers | Nov 28 2011 |
|
|||
Fact Sheet #16 – Health-Care Requirement for Strong Encryption
The Office of the Information and Privacy Commissioner, in Order HO-004 and Order HO-007, required that health information be safeguarded at all times, specifically by ensuring that any personal health information stored on any mobile devices (e.g., laptops, memory sticks, PDAs) be strongly encrypted.This Fact Sheet paper provides a working definition of strong encryption... |
Health | Privacy | Technology And Security | Educational Material | Fact Sheets | Jul 16 2010 |
|
|||
Adding an On/Off Device to Activate the RFID in Enhanced Driver’s Licences: Pioneering a Made-in-Ontario Transformative Technology that Delivers Both Privacy and Security
This discussion paper describes the IPC’s work in toward the implementation of an on/off device allowing holders of an Enhanced Drivers Licence (EDL) to prevent the Radio Frequency Identification (RFID) from being read by unauthorized third parties and disengage the RFID when not required for border-crossing purposes |
Privacy | Technology And Security | Papers | Mar 19 2009 |
|
|||
Reference Check: Is Your Boss Watching? The New World of Social Media: Privacy and Your Facebook Profile
Social networking websites such as Facebook are now so popular that they are being used by employers to screen prospects. Information you post on your profile for the amusement of you and your friends may, therefore, be viewed in a different light. This short paper cautions users of these sites about this growing trend in use of these sites and offers tips on how to reduce... |
Privacy | Technology And Security | Oct 24 2007 | |
|
|||
Safeguarding Privacy on Mobile Devices
A brochure outlining suggested best practices for securing mobile devices (PDAs, laptops, etc.) and protecting the information carried out of the workplace on them. Steps are organized into sections: Before you Walk out of the Workplace, While you are Out and When You have Completed Your Work. Includes a checklist and list of IPC resources. Revised: May 2014 ... |
Privacy | Technology And Security | Jun 14 2007 | |
|
|||
Fact Sheet #13 – Wireless Communications Technologies: Video Surveillance Systems
Fact Sheet about the use of wireless CCTV cameras. |
Privacy | Surveillance | Technology And Security | Fact Sheets | Jun 07 2007 |
|
|||
The Security-Privacy Paradox: Issues, Misconceptions and Strategies
This joint paper produced by IPC Ontario and Deloitte & Touche provides hands-on advice for developing strategies for information security and privacy protection. |
Privacy | Surveillance | Technology And Security | Papers | Aug 01 2003 |
|
|||
Guidelines on Facsimile Transmission Security
This updated paper sets out guidelines for government institutions to consider when developing systems and procedures to maintain the confidentiality and integrity of information transmitted by fax. |
Privacy | Technology And Security | Best Practices | Papers | Professional Guidelines | Jan 01 2003 |
|
|||
Best Practices for Online Privacy Protection
An educative tool designed to help companies identify and implement appropriate practices for protecting the privacy of their online customers. |
Privacy | Technology And Security | Best Practices | Professional Guidelines | Jun 01 2001 |