The (Work) Life of an Intake Officer
When you contact the Saskatchewan Information and Privacy Commissioner’s office with a request for review, breach of privacy complaint, or a general inquiry, you will first be dealing with us, the Intake Officers.
Since the Intake Officer is generally your first point of contact with our office, I feel that it is important to spread the word on what we actually do. The three main areas that we deal with are;
- Request for Reviews
- Breach of Privacy Complaints
- Summary Advice
For a request for review, we want to try to solve the dispute to avoid going to the review stage, if possible, as that can take a lot of time, energy and resources. Our role is to analyze all incoming requests to clearly identify and sort out reviewable issues. We will look to confirm items such as when and where an access request was made, and what the Applicant’s main concerns or goals are, so we may need to contact you to discuss. If we see an opportunity for early resolution, we will contact the public body or trustee where you made the access request and will attempt—to the best of our ability—to come to an “early resolution”; whether that be seeing if more information may be released to the applicant than what was previously released or discovering the reasons why nothing was released at all and share that detail with the applicant to see if it makes a difference. If we are unable to find resolution at the intake stage, we will proceed with the formal review. Once the formal notice of review is issued, our role as Intake Officer is complete and the file is assigned to an Analyst.
When it comes to a breach of privacy complaint, our goal is to determine jurisdiction and grounds which will involve gathering as much necessary information as possible before proceeding to a formal investigation. We begin by asking a few questions:
- Has the complainant gone to the public body or trustee responsible for the breach to report it?
- Has the breach been contained?
- When did the breach occur? (We generally do not investigate a breach that is older than two years from the date of discovery)
- If it is a proactively reported breach, have the affected individuals been notified?
- Has an investigation and investigation report been completed by the public body or trustee?
It is important to note that we remain an unbiased neutral party in our reviews and privacy breach investigations—this doesn’t just go for Intake Officer’s, it goes for everyone in the office that you will deal with. We will, at no time, take sides. We go where the evidence takes us. The Intake Officer’s goal is to ensure we have the proper documentation and information required, and to streamline the process as much as we possibly can before having to get an Analyst, or possibly the Commissioner involved.
Have an access to information inquiry, privacy related question, or would like general information about our office? Don’t be shy! Give us a call. These questions fall under the “summary advice” category of our position—and believe me, there is no such thing as a “stupid question”. We have heard it all. We can give general, non-binding advice to those seeking information regarding access requests and privacy breach complaints. We can also provide information about the role of our office, when we can become involved with an access to information concern or a privacy complaint, and what sort of findings and recommendations you may expect from our office. If your question is out of our jurisdiction or expertise, we are happy to point you in the right direction.
We understand that being involved in a review or breach investigation with our office may be overwhelming or stressful; therefore, we try our best to make the process as smooth as possible.