An IPC paper prepared for the Symposium on E-Governance for the 21st Century, sponsored by the Saskatchewan Institute of Public Policy. It has been included as a chapter in E-Government Reconsidered: Transformation of Governance for the Knowledge Age, a book published in April, 2004.

Date: Apr 01 2004   Type: Resource   Access: Professional

Produced by the Ministry of Natural Resources and the Office of the Information and Privacy Commissioner of Ontario.

Date: Apr 01 2004   Type: Resource   Access: Professional

This joint paper produced by IPC Ontario and Deloitte & Touche provides hands-on advice for developing strategies for information security and privacy protection.

Date: Aug 01 2003   Type: Resource   Access: Professional

This paper examines the role that electronic records and document management systems (ERDMSs) can play in enhancing the public’s right to access information from government institutions in Ontario.

Date: Jul 01 2003   Type: Resource   Access: Professional

Examines the potential impact of PKI on the protection of personal privacy and makes recommendations for officials establishing such systems.

Date: Dec 01 2002   Type: Resource   Access: Professional

A Joint Project of the Office of the Information and Privacy Commissioner of Ontario and the Ministry of the Attorney General.

Date: Mar 01 2004   Type: Resource   Access: Both

This guide is a tool to help health information custodians understand their rights and obligations under the Personal Health Information Protection Act, (PHIPA).

Date: Dec 01 2004   Type: Resource   Access: Both

Each provincial and municipal government organization has a Co-ordinator. This Backgrounder looks at the critically important role that Co-ordinators play.

Date: Sep 01 1999   Type: Resource   Access: Both

This updated paper sets out guidelines for government institutions to consider when developing systems and procedures to maintain the confidentiality and integrity of information transmitted by fax.

Date: Jan 01 2003   Type: Resource   Access: Professional

Updated: December 2006.

Date: Jun 01 2005   Type: Resource   Access: Professional

This document assists organizations in making key decisions about notifying individuals after a privacy breach occurs by presenting checklists covering factors affecting whether to notify, when and how to notify, what to include in a notification and other organizations that should be contacted. ...

Date: Dec 11 2006   Type: Resource   Access: Both

RFID and Privacy: Guidance for Health-Care Providers. RFID technology can help save lives – and preserve privacy.

Date: Jan 23 2008   Type: Resource   Access: Both

In emergency situations, privacy laws in Ontario and British Columbia1 do not prohibit universities, colleges or other educational institutions from responsibly disclosing a student’s personal information, including information about their mental, emotional or other health conditions, to pare...

Date: Oct 30 2008   Type: Resource   Access: Professional

This paper is a chronicle describing the IPC’s work to enhance awareness about the privacy challenges youth face on the Internet.

Date: Mar 25 2009   Type: Resource   Access: Both

This discussion paper describes the IPC’s work in toward the implementation of an on/off device allowing holders of an Enhanced Drivers Licence (EDL) to prevent the Radio Frequency Identification (RFID) from being read by unauthorized third parties and disengage the RFID when not required for b...

Date: Mar 19 2009   Type: Resource   Access: Professional

This is joint publication between Commissioner, Dr. Ann Cavoukian and Robert Johnson, Executive Director of the National Association for Information Destruction (NAID). This publication was borne out of a particular Health Order (HO-006) which Commissioner Cavoukian issued this past summer regard...

Date: Oct 29 2009   Type: Resource   Access: Both

Prepared for The Eighth Workshop on the Economics of Information Security University College, London, England June 24, 2009

Date: Dec 22 2009   Type: Resource   Access: Professional

Health information custodians frequently rely on de-identification when using or disclosing health information – a measure that can protect individual privacy, but often at the expense of data quality (zero-sum paradigm). Dr. Khaled El Emam, a senior investigator at the Children’s Hospital of...

Date: Mar 30 2010   Type: Resource   Access: Both

This paper examines Near Field Communications (NFC) technologies and their growing deployment in mobile devices. Four consumer use cases illustrate NFC functionalities and benefits. Privacy and security risks are identified, and solutions are offered for NFC mobile device and application develope...

Date: Nov 28 2011   Type: Resource   Access: Professional

Unmanned Aerial Vehicles (UAV) present unique challenges due to their ability to use a variety of sensors to gather information from unique vantage points – often for long periods and on a continuous basis. The prospect of having our every move monitored, and possibly recorded, raises profound ...

Date: Aug 16 2012   Type: Resource   Access: Professional

Privacy policies and procedures alone, without a concrete strategy for implementation, will not protect an organization from privacy risks. The policies and procedures must be actively communicated, and staff must be educated about measures that need to be in place, so that policies will be refle...

Date: Sep 05 2012   Type: Resource   Access: Professional

There are many myths surrounding how information may be collected, used and disclosed under the Personal Health Information Protection Act. Working with our partners in the health care community, we have created this one-page document to dispel some of the more common myths.

Date: Sep 28 2012   Type: Resource   Access: Both

Since the recent revelations of the NSA’s sweeping surveillance of the public’s metadata, the term “metadata” has been regularly used in the media, frequently without any explanation of its meaning. Metadata’s reach can be extensive – including information that reveals the time and du...

Date: Jul 17 2013   Type: Resource   Access: Professional

As a small business becomes more networked and data-intensive, personal information and customer trust are critical assets that must be protected. This paper was written to help small business avoid data breaches that are harmful to both brand reputation and costly. Privacy policies and procedure...

Date: Oct 22 2013   Type: Resource   Access: Professional

Privacy and cybersecurity professionals, creators of digital property, and countless policy-makers have spent decades fighting to civilize the digital world, but they have lacked the most fundamental tool they need to succeed, namely — information systems engineering that enables true control o...

Date: May 08 2014   Type: Resource   Access: Professional

Information is becoming far more valuable as businesses seek to learn more about their customers and those of their competitors, and as advertisers seek to gain a competitive advantage by finding new and innovative ways to use information to target advertisements that are most relevant to their c...

Date: Jun 25 2014   Type: Resource   Access: Professional

Unauthorized access continues to be a growing problem in the health sector in Ontario. The province’s Personal Health Information Protection Act, (PHIPA), permits health information custodians (HIC) to collect, use and disclose personal health information for the purposes of providing or assist...

Date: Jan 28 2015   Type: Resource   Access: Both

This guidance document aims to identify some of the privacy considerations law enforcement authorities should take into account when deciding whether to outfit law enforcement officers with body-worn cameras. Published by the federal Privacy Commissioner and privacy and personal information prote...

Date: Feb 18 2015   Type: Resource   Access: Both

Municipalities are turning to the Internet as a means of making information public in an effort to improve accessibility, transparency and accountability. This may include publishing records directly to their website or including records in searchable databases that can be accessed online. Publis...

Date: Aug 04 2015   Type: Resource   Access: Both

  Proactive disclosure of procurement records strengthens clarity and accountability around government spending. It can also provide tangible benefits to institutions by reducing the number of procurement-related freedom of information requests, appeals and associated costs. This resource de...

Date: Sep 21 2015   Type: Resource   Access: Both

  As governments and public sector organizations strive to become more efficient, accountable and customer focused, they frequently seek input from the public about their programs and services. One of the most cost-effective ways to accomplish this is through surveys. While surveys can be an...

Date: Apr 07 2015   Type: Resource   Access: Both

Bill 8, the Public Sector and MPP Accountability and Transparency Act, 2014, will come into effect on January 1, 2016. This Bill amends the Freedom of Information and Protection of Privacy Act (FIPPA) and the Municipal Freedom of Information and Protection of Privacy Act (MFIPPA) to include requi...

Date: Dec 22 2015   Type: Resource   Access: Both

This document was developed to help Ontario’s public institutions manage the use of instant messaging and personal email accounts when doing business. All public servants should be aware records relating to an institution’s business that are created, sent or received through instant messaging...

Date: Jun 07 2016   Type: Resource   Access: Both

This guidance document provides institutions with an overview of important factors to consider when implementing Open Government including the need for institutional leadership, commitment, governance and resources to support culture change and sustain the program over time, learning from others...

Date: Sep 06 2016   Type: Resource   Access: Both

This guidance paper is intended as a starting point for institutions considering Open Government and highlights two critical goals: enhancing access to government-held information and public participation.  It includes a discussion about making government-held information open by default and at...

Date: Sep 05 2016   Type: Resource   Access: Both

This guidance document outlines the key obligations of police under privacy legislation in their use of ALPR systems and provides guidance, including best practices, on using these systems in a privacy-protective manner.  It addresses the use of ALPR systems for public safety purposes, in parti...

Date: Jul 04 2017   Type: Resource   Access: Both

This guidance is designed to help institutions implement better record and information management practices and enhance the public’s ability to access information.

Date: Nov 03 2016   Type: Resource   Access: Both

Date: Jan 30 2018   Type: Resource   Access: Both

This publication replaces the guidance document, What to do When Faced With a Privacy Breach: Guidelines for the Health Sector. This new, updated guide highlights the importance of having a detailed privacy breach protocol and explains the steps to take in responding to a breach under Ontario’s...

Date: Oct 04 2018   Type: Resource   Access: Both

Date: May 12 2021   Type: Resource   Access: Both