Freedom of Information and Protection of Privacy

Category: Governance
Number: GOV-060-005
Audience: Board of Governors, all University employees, contractors, and third-party service providers
Revised: March 16, 2018
Owner(s): Executive Director (University Governance)
Approved by: Board of Governors
Contact: Executive Director (University Governance) - 306-585-5545

Introduction

This policy outlines the University’s position on access to information and protection of privacy under The Local Authority Freedom of Information and Protection of Privacy Act (248 KB) pdf (the “Act”) and The Local Authority Freedom of Information and Protection of Privacy Regulations (282 KB) pdf.

The University of Regina (the “University”) affirms the importance of access to information and the obligation to conduct its operation in ways that are open to public scrutiny.  The University is also committed to its obligation for the protection of privacy of those who work or study here. 

The Act provides every person a right to access records in possession or under the control of a local authority, subject to certain exemptions outlined in Part III of the Act.

Policy

Members of the University’s Board of Governors and all faculty and staff are responsible for the appropriate collection, access, use, disposal/archive and disclosure of information as defined in the Act (248 KB) pdfRegulations (282 KB) pdf, and this policy.

Contractors and third party service providers who receive confidential University records or personal information are also required to comply with the Act, Regulations, and this policy.

Access Guidelines

  • Information in University records should be available on request in accordance with the Act.  Access to Information may be limited by exceptions under the Act and Regulations, and certain other restrictions, including library circulation policies, copyright regulations, and licensing agreements.
  • The process for requesting information under the Act is shown in Appendix I (127 KB) pdf and follows the process outlined in the Act.  Applications for requests for information and the required nonrefundable fee specified in the Regulations should be sent to the Head.  An access request is deemed to be made when the application form and application fee are received by the Head.  Fees for searching for a record, preparing a record for disclosure and reproducing a record may be charged as provided for in the Regulations. 

Protection of Privacy

  • Personal information about an identifiable individual is protected under the Act and will not be used or disclosed except for the specific purpose for which it is collected or in accordance with one of the exceptions in the Act or the Regulations.
  • Subject to the Act and Regulations, individuals are entitled to access their own personal information and to request correction of the personal information where they believe there is an error or omission. 

Roles and Responsibilities

The Board of Governors has designated the Executive Director (University Governance) as Head on all matters related to freedom of information and protection of privacy.

The Head:

  • is responsible for implementation of this policy within the University,
  • receives requests for access to University records either directly or by referral from other members of the University community,
  • works with the appropriate department, faculty of operational unit to respond to a request,
  • makes the final decision concerning a request and communicates the University’s decision in writing to the person making the request as required by the Act, and
  • investigates any complaints about unauthorized disclosure (breach) of personal information on the University’s behalf.

Consequences for Noncompliance

A breach or unauthorized disclosure may have ramifications for the University, which could include: legal action; financial costs; imposition of fines; and, the loss of reputation.  Individuals who breach the Act or misuse personal information may also be subject to disciplinary actions. 

Processes

Process for a Request for Information

See Appendix 1 – Routing of Requests under the Freedom of Information and Protection of Privacy Act (127 KB) pdf.

Protocol for a Breach in Privacy

See Appendix II - Privacy Breach Protocol (323 KB) pdf.

Related Information