1. U of R Home
  2. Policy
  3. Browse
  4. GOV-060-005 Freedom of Information and Protection of Privacy
University of Regina Policy

Freedom of Information and Protection of Privacy

Audience:Board of Governors, all University employees, contractors, and third-party service providers
Issued:October 01, 2006
Revised:April 28, 2023
Owner(s):Chief Governance Officer
Approved by:Board of Governors
Contact:Chief Governance Officer 306-585-5545


This policy outlines the University’s position on access to information and protection of privacy under The Local Authority Freedom of Information and Protection of Privacy Act pdf (the “Act”) and The Local Authority Freedom of Information and Protection of Privacy Regulations pdf.

The University of Regina (the “University”) affirms the importance of access to records that are in the possession, or under the control, of the University (in accordance with the Act).

The University also recognizes its obligation to establish policies and procedures to maintain administrative, technical and physical safeguards that:

  • protect the integrity, accuracy and confidentiality of personal information in its possession or control;
  • protect against a reasonably anticipated threat, hazard, loss or unauthorized access to, use , disclosure or modification of, such personal information; and
  • otherwise ensure compliance with the Act.

The Act provides every person a right to access records in possession or under the control of a local authority, subject to certain exemptions outlined in Part III of the Act.


Members of the University’s Board of Governors and all faculty and staff are responsible for the appropriate collection, access, use, disposal/archive and disclosure of information as defined in the Act pdfRegulations pdf, and this policy.

Contractors and third party service providers who receive confidential University records or personal information are also required to comply with the Act, Regulations, and this policy.

Access Guidelines

  • Information in University records should be available on request in accordance with the Act.  Access to Information may be limited by exceptions under the Act and Regulations, and certain other restrictions, including library circulation policies, copyright regulations, and licensing agreements.
  • The process for requesting information under the Act is shown in Appendix I pdf and follows the process outlined in the Act.  Applications for requests for information and the required nonrefundable fee specified in the Regulations should be sent to the Head.  An access request is deemed to be made when the application form and application fee are received by the Head.  Fees for searching for a record, preparing a record for disclosure and reproducing a record may be charged as provided for in the Regulations. 

Protection of Privacy

  • Personal information about an identifiable individual is protected under the Act and will not be used or disclosed except for the specific purpose for which it is collected or in accordance with one of the exceptions in the Act or the Regulations.
  • Subject to the Act and Regulations, individuals are entitled to access their own personal information and to request correction of the personal information where they believe there is an error or omission. 
  • In the event of a breach or a suspected breach of privacy, the University has established a protocol to guide response, as provided in Appendix II pdf.

Roles and Responsibilities

The Board of Governors has designated a Head on all matters related to freedom of information and protection of privacy, in accordance with the Act.

The Head:

  • is responsible for implementation of this policy within the University,
  • receives requests for access to University records either directly or by referral from other members of the University community,
  • works with the appropriate department, faculty of operational unit to respond to a request,
  • makes the final decision concerning a request and communicates the University’s decision in writing to the person making the request as required by the Act, and
  • investigates any complaints about unauthorized disclosure (breach) of personal information on the University’s behalf.

Consequences for Noncompliance

A breach or unauthorized disclosure may have ramifications for the University, which could include: legal action; financial costs; imposition of fines; and, the loss of reputation.  Individuals who breach the Act or misuse personal information may also be subject to disciplinary actions. 


Process for a Request for Information

See Appendix 1 – Routing of Requests under the Freedom of Information and Protection of Privacy Act pdf.

Protocol for a Breach in Privacy

See Appendix II - Privacy Breach Protocol pdf.

Related Information


Acts and Regulations