BC OIPC provides instruction to delete a user account and DNA on 23andMe

Alberta, update to access and privacy legislation, passed in December and in force this spring

Federal Privacy Commissioner launches new online privacy breach risk self-assessment tool

Law Society – Bite Size video – cloud computing guide

Ontario IPC commissions report on workplace surveillance technologies

Australian IPC releases new Privacy Basics e-Learning module

Watch Law Society video-Cyber Breaches through Third Parties

Australia’s privacy commissioner publishes its Digital ID regulatory strategy

5 takeaways from the Lifelabs case

Put Privacy First – Privacy Commissioner of Canada speaks about privacy risk mitigation.

Blog

Sample access request policy and checklist

April 20, 2020 - Ron Kruzeniski, Information and Privacy Commissioner

In a number of reports issued by my office, we have recommended that the towns/villages/municipalities develop an operational policy regarding processing access to information requests. After a number of questions, it became clear that there didn’t seem to be a sample policy developed for small towns/villages/municipalities. Larger organizations have developed policies that are applicable to an organization that has many employees and probably legal staff. In fact, the policy that has been developed here was tailored from the City of Regina’s operational policy but for a smaller organization.

Anything that is labeled a “sample policy” should be treated as a starting point for drafting. In using this sample, one should feel free to delete language that isn’t applicable to their organization and add language that speaks specifically to them.

In The Local Authority Freedom of Information and Protection of Privacy Act, the “head” is the Mayor or Reeve in a town or village. It is a recommended practice to delegate the “head’s” responsibility to the administrator or city clerk.

Following the posting of the sample operational policy, we have had discussions with people about the need for an access request checklist. Something simple that the head, Reeve or administrators could follow when they receive an access request. So, we developed a sample checklist. Again, the checklist is a “sample” or “guide”. Public bodies should adapt it to their needs: add things and delete things. We have also updated the sample policy to refer to the checklist.

You can find the sample policy link here. The Sample Access Request and Checklist can be found attached at the end of the Sample Operational Policy, Access to Information.

 

Download PDF

Categories: BlogTags:

Back to Blog

Was this page helpful?

Google Translate Disclaimer

Translations on the IPC Website are performed by Google Translate. Please note that not all text may be translated accurately or be translated at all. The IPC is not responsible for incorrect or inaccurate translations. The IPC will not be held responsible for any damage or issues that may result from using Google Translate.

For more information, read our full disclaimer.