Annual Report on the Administration of the Privacy Act 2016-2017
Table of Contents
- Introduction
- Organizational Structure
- Delegation Order
- Highlights of the Statistical Report, 2016-2017
- Training
- Policies, Guidelines, Procedures and Initiatives
- Summary of Key Issues and Actions Taken on Complaints or Audits
- Monitoring Compliance
- Material Privacy Breaches
- Privacy Impact Assessments
- Public Interest Disclosures
1. Introduction
The Privacy Act (Act), proclaimed in 1983, protects the privacy of individuals who are Canadian citizens or permanent residents with respect to personal information about themselves held by the Canadian government. The Act provides individuals with the right to access their personal information and protects the privacy of individuals by prescribing the manner in which the government may collect, use, disclose, retain and dispose of personal information. Individuals may also request correction of personal information where they perceive inaccuracies or omissions and may have notations attached to the information where corrections are refused.
Section 72 of the Act requires that the head of every government institution prepare for submission to Parliament an annual report on the administration of the Act within the institution during the financial year. This report covers the period from April 1, 2016 to March 31, 2017.
The Canadian Transportation Agency (Agency) is an independent, quasi-judicial tribunal and regulator with the powers of a superior court.
The Agency has three core mandates:
- to help ensure that the national transportation system runs efficiently and smoothly in the interests of all Canadians: those who work and invest in it; the producers, shippers, travellers and businesses who rely on it; and the communities where it operates.
- to protect the human right of persons with disabilities to an accessible transportation network.
- to provide consumer protection for air passengers.
To help advance these mandates, we have three tools at our disposal:
- Rule-making: The Agency develops and applies ground rules that establish the rights and responsibilities of transportation service providers and users and that level the playing field among competitors. These rules can take the form of binding regulations or less formal guidelines, codes of practice or interpretation notes.
- Dispute resolution: The Agency resolves disputes that arise between transportation service providers on the one hand, and their clients and neighbours on the other, using a range of tools from facilitation and mediation to arbitration and adjudication.
- Information provision: The Agency provides information on the transportation system, the rights and responsibilities of transportation service providers and users, and the Agency's legislation and services.
2. Organizational Structure
The Chair and Chief Executive Officer of the Agency is responsible for the administration of and compliance with the Act, its Regulation and Policy.
During this reporting period, the Access to Information and Privacy (ATIP) Unit was positioned in the Information Management and Technology Services Directorate (IMTSD) and included the Director of IMTSD and a Coordinator.
All files were processed by the Coordinator. Agency staff actively participated in the retrieval and review of records. All final releases were reviewed by Legal Services prior to their approval by the Coordinator or Director of IMTSD.
Each application had an individual case file, and all actions were recorded in the ATIP case management system, PrivaSoft AccessPro.
Implementation of the privacy program
The focus for the ATIP Coordinator was to continue to foster awareness about the Act and policy requirements for the collection, use, disclosure, retention, and disposal of personal information.
The ATIP Coordinator implemented and monitored the results of action plans stemming from the two privacy impact assessments (PIA) that were completed in 2015-2016: a PIA on our case management system and a PIA on the forms that we use to collect personal information. Actions included: updating personal information collection statements; training and awareness; and preparing an information sharing agreement between the Agency and Statistics Canada.
3. Delegation Order
In May 2016, the Chair and CEO delegated partial authority to the ATIP Coordinator and full authority to the Director of IMTSD and the Chief Corporate Officer. A copy of the May 2016 delegation order is attached as Appendix B. Prior to May 2016, the ATIP Coordinator and General Counsel held full authority. The previous delegation order is attached as Appendix C.
All delegation orders were signed in the city of Gatineau.
4. Highlights of the Statistical Report, 2016-2017
Attached as Appendix A is the form entitled “Statistical Report on the Privacy Act”, which provides statistical data on formal requests under the Actreceived by the Agency.
During this reporting period, April 1, 2016 to March 31, 2017, the Agency received six formal requests for personal information. This represents an increase of five requests over the previous year. No requests were outstanding from 2015-2016. One request was carried over to 2017-2018.
Formal requests received and completed over the last five years

-
Détails
2016-2017 2015-2015 2014-2015 2013-2014 2012-2013 Requests Received 6 1 1 0 1 Requests Completed 5 1 1 0 1 Informal Request 1 0 0 0 0
Completion of Requests

-
Détails
Response Time 0-15 Days 1 16-30 Days 3 31-60 Days 1 Carried Over 1
Four requests were completed within 30 days. One request was completed within 60 days and one was carried over to the following reporting year.
Disposition of Requests

-
Détails
All Disclosed Disclosed in part Carried Over Percentage 16.6% 66.6% 16.6%
A total of 4,413 pages were reviewed and 1,445 pages released in part or completely. Exemptions under sections 26 and 27 were applied, which is consistent with previous years. Section 12 was applied to any information contained in the record to which the applicant does not have the right of access.
5. Training
A formal presentation was made to the Members of the Agency on the application of the Privacy Act.
Further training on the management of personal information was provided to business areas across the Agency. For example, a presentation was made to the Agency's Business Information Management Advisor Working Group.
Advice and guidance was provided on an ad hoc basis in response to requests.
6. Policies, Guidelines, Procedures and Initiatives
There were no changes to the Agency's policies, guidelines and procedures with respect to the administration of the Act.
A new initiative was undertaken to communicate to all staff their responsibility to protect privacy. For example, reminders were sent through intranet messaging and included in on-boarding procedures.
7. Summary of Key Issues and Actions Taken on Complaints or Audits
There were no key issues in 2016-2017.
The Agency revised the personal information collection statements on its website to ensure that they are easily understood.
Complaints
There is one open complaint from 2014-2015.
The complainant alleges that the Agency contravened the use and disclosure provisions of the Act when it disclosed a personal e-mail address in the c.c. field of its e-mails to over 100 applicants involved in the adjudication of a dispute with an airline. The complainant is of the view that such a practice has highly negative impacts on the privacy of individuals and the security of their individual data systems, and it creates a potential financial hardship for them. All information in response to the complaint, including explanations as to why personal information may be shared amongst applicants during an adjudication proceeding, was provided to the Office of the Privacy Commissioner (OPC) in April 2015. Further to this, the OPC was advised in June 2015 of the Federal Court of Appeal Decision No. 2015-FCA-140, requiring the Agency to provide public access to all information on the public record, including what would otherwise be considered personal information.
In the reporting year, it was decided that a formal process was required, and the complaint remains open.
8. Monitoring Compliance
The Agency tracked all administrative activities related to requests under the Act in the PrivaSoft AccessPro case management system, including due dates in order to meet statutory timelines. Due dates for all actions were communicated to staff and reminders sent as required. All actions were also detailed in a separate tracking tool and the status of each request was communicated to the Chief Corporate Officer and the Director, IMTSD on a weekly basis. Processing time was not otherwise monitored except by Legal Services in support of their internal performance monitoring.
9. Material Privacy Breaches
No material privacy breaches were identified during the reporting period.
10. Privacy Impact Assessments
No new PIAs were conducted in 2016-2017. Two completed PIAs from the previous fiscal year were sent to the OPC. Neither PIA required further action.
11. Public Interest Disclosures
During the reporting period, the Agency did not disclose information pursuant to paragraph 8(2)(m) of the Act.
Appendix A: Statistical Report on the Privacy Act
Reporting Period: 2016 - 2017
Part 1: Requests Under the Privacy Act
Number of Requests | |
---|---|
Received during reporting period | 6 |
Outstanding from previous reporting period | 0 |
Total | 6 |
Closed during reporting period | 5 |
Carried over to next reporting period | 1 |
Part 2: Requests Closed During the Reporting Period
Disposition of Requests | Completion Time | |||||||
---|---|---|---|---|---|---|---|---|
1 to 15 Days | 16 to 30 Days | 31 to 60 Days | 61 to 120 Days | 121 to 180 Days | 181 to 365 Days | More Than 365 Days | Total | |
All disclosed | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 1 |
Disclosed in part | 0 | 3 | 1 | 0 | 0 | 0 | 0 | 4 |
All exempted | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
No records exist | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Request abandoned | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Neither confirmed nor denied | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Total | 1 | 3 | 1 | 0 | 0 | 0 | 0 | 5 |
Section | Number of Requests |
---|---|
18(2) | 0 |
19(1)(a) | 0 |
19(1)(b) | 0 |
19(1)(c) | 0 |
19(1)(d) | 0 |
19(1)(e) | 0 |
19(1)(f) | 0 |
20 | 0 |
21 | 0 |
22(1)(a)(i) | 0 |
22(1)(a)(i) | 0 |
22(1)(a)(ii) | 0 |
22(1)(a)(iii) | 0 |
22(1)(b) | 0 |
22(1)(c) | 0 |
22(2) | 0 |
22.1 | 0 |
22.2 | 0 |
22.3 | 0 |
23(a) | 0 |
23(b) | 0 |
24(a) | 0 |
24(b) | 0 |
25 | 0 |
26 | 3 |
27 | 3 |
28 | 0 |
Section | Number of Requests |
---|---|
69(1) a) | 0 |
69(1) b) | 0 |
69.1 | 0 |
70(1) | 1 |
70(1) a) | 0 |
70(1) b) | 0 |
70(1) c) | 0 |
70(1) d) | 0 |
70(1) e) | 0 |
70(1) f) | 0 |
70.1 | 0 |
Disposition | Paper | Electronic | Other formats |
---|---|---|---|
All disclosed | 0 | 1 | 0 |
Disclosed in part | 0 | 4 | 0 |
Total | 0 | 5 | 0 |
2.5 Complexity
Disposition of Requests | Number of Pages Processed | Number of Pages Disclosed | Number of Requests |
---|---|---|---|
All disclosed | 180 | 180 | 1 |
Disclosed in part | 4233 | 1265 | 4 |
All exempted | 0 | 0 | 0 |
All excluded | 0 | 0 | 0 |
Request abandoned | 0 | 0 | 0 |
Neither confirmed nor denied | 0 | 0 | 0 |
Total | 4413 | 1445 | 5 |
Disposition | Less Than 100 Pages Processed | 101-500 Pages Processed | 501-1000 Pages Processed | 1001-5000 Pages Processed | More Than 5000 Pages Processed | |||||
---|---|---|---|---|---|---|---|---|---|---|
Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | |
All disclosed | 0 | 0 | 1 | 180 | 0 | 0 | 0 | 0 | 0 | 0 |
Disclosed in part | 1 | 54 | 1 | 197 | 1 | 34 | 1 | 980 | 0 | 0 |
All exempted | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Request abandoned | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Neither confirmed nor denied | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Total | 1 | 54 | 2 | 377 | 1 | 34 | 1 | 980 | 0 | 0 |
Disposition | Consultation Required | Legal Advice Sought | Interwoven Information | Other | Total |
---|---|---|---|---|---|
All disclosed | 0 | 0 | 0 | 0 | 0 |
Disclosed in part | 0 | 1 | 0 | 0 | 1 |
All exempted | 0 | 0 | 0 | 0 | 0 |
All excluded | 0 | 0 | 0 | 0 | 0 |
Request abandoned | 0 | 0 | 0 | 0 | 0 |
Neither confirmed nor denied | 0 | 0 | 0 | 0 | 0 |
Total | 0 | 1 | 0 | 0 | 1 |
2.6 Deemed refusals
Number of Requests Closed Past the Statutory Deadline | Principal Reason | |||
---|---|---|---|---|
Workload | External Consultation | Internal Consultation | Other | |
0 | 0 | 0 | 0 | 0 |
Number of Days Past Deadline | Number of Requests Past Deadline Where No Extension Was Taken | Number of Requests Past Deadline Where An Extension Was Taken | Total |
---|---|---|---|
1 to 15 days | 0 | 0 | 0 |
16 to 30 days | 0 | 0 | 0 |
31 to 60 days | 0 | 0 | 0 |
61 to 120 days | 0 | 0 | 0 |
121 to 180 days | 0 | 0 | 0 |
181 to 365 days | 0 | 0 | 0 |
More than 365 days | 0 | 0 | 0 |
Total | 0 | 0 | 0 |
Translation Requests | Accepted | Refused | Total |
---|---|---|---|
English to French | 0 | 0 | 0 |
French to English | 0 | 0 | 0 |
Total | 0 | 0 | 0 |
Paragraph 8(2)(e) | Paragraph 8(2)(m) | Subsection 8(5) | Total |
---|---|---|---|
0 | 0 | 0 | 0 |
Disposition for Correction Requests Received | Number |
---|---|
Notations attached | 0 |
Requests for correction accepted | 0 |
Total | 0 |
Part 5: Extensions
Disposition of Requests Where an Extension Was Taken | 15(a)(i)Interference with operations | 15(a)(ii)Consultation | 15(b)Translation purposes | |
---|---|---|---|---|
Section 70 | Other | |||
All disclosed | 0 | 0 | 0 | 0 |
Disclosed in part | 1 | 0 | 0 | 0 |
All exempted | 0 | 0 | 0 | 0 |
All excluded | 0 | 0 | 0 | 0 |
No records exist | 0 | 0 | 0 | 0 |
Request abandoned | 0 | 0 | 0 | 0 |
Total | 1 | 0 | 0 | 0 |
Length of Extensions | 15(a)(i)Interference with operations | 15(a)(ii)Consultation | 15(b)Translation purposes | |
---|---|---|---|---|
Section 70 | Other | |||
1 to 15 days | 0 | 0 | 0 | 0 |
16 to 30 days | 1 | 0 | 0 | 0 |
Total | 1 | 0 | 0 | 0 |
Part 6: Consultations Received From Other Institutions and Organizations
Consultations | Other Government of Canada Institutions | Number of Pages to Review | Other Organizations | Number of Pages to Review |
---|---|---|---|---|
Received during the reporting period | 0 | 0 | 0 | 0 |
Outstanding from the previous reporting period | 0 | 0 | 0 | 0 |
Total | 0 | 0 | 0 | 0 |
Closed during the reporting period | 0 | 0 | 0 | 0 |
Pending at the end of the reporting period | 0 | 0 | 0 | 0 |
Recommendation | Number of Days Required to Complete Consultation Requests | |||||||
---|---|---|---|---|---|---|---|---|
1 to 15 Days | 16 to 30 Days | 31 to 60 Days | 61 to 120 Days | 121 to 180 Days | 181 to 365 Days | More Than 365 Days | Total | |
All disclosed | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Disclosed in part | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
All exempted | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Consult other institution | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Other | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Total | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Recommendation | Number of days required to complete consultation requests | |||||||
---|---|---|---|---|---|---|---|---|
1 to 15 Days | 16 to 30 Days | 31 to 60 Days | 61 to 120 Days | 121 to 180 Days | 181 to 365 Ddays | More Than 365 Days | Total | |
All disclosed | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Disclosed in part | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
All exempted | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Consult other institution | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Other | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Total | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Part 7: Completion Time of Consultations on Cabinet Confidences
Number of Days | Fewer Than 100 Pages Processed | 101-500 Pages Processed | 501-1000 Pages Processed | 1001-5000 Pages Processed | More than 5000 Pages Processed | |||||
---|---|---|---|---|---|---|---|---|---|---|
Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | |
1 to 15 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
16 to 30 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
31 to 60 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
61 to 120 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
121 to 180 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
181 to 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
More than 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Total | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Number of Days | Fewer Than 100 Pages Processed | 101‒500 Pages Processed | 501-1000 Pages Processed | 1001-5000 Pages Processed | More than 5000 Pages Processed | |||||
---|---|---|---|---|---|---|---|---|---|---|
Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | |
1 to 15 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
16 to 30 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
31 to 60 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
61 to 120 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
121 to 180 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
181 to 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
More than 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Total | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Part 8: Complaints and Investigations Notices Received
Section 31 | Section 33 | Section 35 | Court action | Total |
---|---|---|---|---|
0 | 0 | 0 | 0 | 0 |
Part 9: Privacy Impact Assessments (PIAs)
Number of PIA(s)completed | 0 |
---|
Part 10: Resources Related to the Privacy Act
Expenditures | Amount |
---|---|
Salaries | $33,675 |
Overtime | $0 |
Goods and Services | $11,161 |
Professional services contracts | $990 |
Other | $10,171 |
Total | $44,836 |
Resources | Person Years Dedicated to Privacy Activities |
---|---|
Full-time employees | 0.56 |
Part-time and casual employees | 0.00 |
Regional staff | 0.00 |
Consultants and agency personnel | 0.04 |
Students | 0.00 |
Total | 0.60 |
Appendix B: May 2016 Delegation Order
Section of the Privacy Act | Description | Authority Delegated to | |||
---|---|---|---|---|---|
Chief Corporate Officer | Director IMITSD | ATIP Coordinator | ATIP Analyst | ||
8(2)(j)(m) | Disclosure of personal information
|
X | X | ||
8(4) | Requests from investigative bodies
|
X | X | ||
8(5) | Notify Privacy Commissioner of 8(2)(m) disclosures
|
X | X | X | |
9(1) | Retain record of disclosures
|
X | X | X | |
9(4) | Notify Privacy Commissioner of consistent use
|
X | X | X | |
10 | Include personal information in Personal Information Banks
|
X | X | X | |
14(a) | Notice where access requested
|
X | X | X | X |
14(b) | Giving access to the record | X | X | X | |
15 | Extension of time limits
|
X | X | X | X |
17(2)(b) | Language of access
|
X | X | X | |
17(3)(b) | Access in an alternative format
|
X | X | X | |
18(2) | Exempt banks
|
X | X | X | |
Invoking exemptions:
|
|||||
19(1)(2) | Personal information obtained in confidence\ | X | X | X | |
20 | Federal-provincial affairs | X | X | ||
21 | International affairs and defence | X | X | ||
22 | Law enforcement and investigation | X | X | ||
23 | Information prepared by an investigative body for security clearances | X | X | ||
24 | Information collected by the Canadian Penitentiary Services, National Parole Services or National Parole Board | X | X | ||
25 | Safety of individuals | X | X | ||
26 | Personal information about other individuals | X | X | X | |
27 | Solicitor-client privilege | X | X | ||
28 | Medical records | X | X | ||
31 | Receive notice of investigations
|
X | X | X | |
33(2) | Right to make representations
|
X | X | X | |
35(1) | Privacy Commissioner’s Report
|
X | X | X | |
35(4) | Access to be given to complainant
|
X | X | X | |
36(3) | Review of exempt banks
|
X | X | X | |
37(3) | Compliance investigation
|
X | X | X | |
51(2)(b) | Special rules for hearings
|
X | X | X | |
51(3) | Representations in hearings
|
X | X | X | |
70 | Cabinet Confidences | X | X | ||
72(1) | Annual Report
|
X | X | X | |
Responsibilities under sections 9, 11, 13 and 14 of the Privacy Regulations: | |||||
9 | Provide reasonable facilities and time for examination of information | X | X | X | |
11(2) | Upon receipt of Correction Request Form, provide notification to individual that correction has been made and provide notifications in 11(2)(b) and (c) | X | X | X | |
11(4) | Where a request for correction is refused, attach notification to the personal information that a correction was refused and provide notifications in 11(4)(b)(c) and (d) | X | X | X | |
13(1) | Authorize the disclosure of medical records to a qualified medical practitioner or psychologist for opinion as to whether disclosure would be contrary to the best interests of the individual | X | X | ||
14 | Examination in presence of medical practitioner of psychologist | X | X | X |
Appendix C: October 2015 Delegation Order
Section of the Privacy Act | Description | Authority Delegated to | |||
---|---|---|---|---|---|
General Counsel | Access to Information and Privacy Coordinator | ATIP Analyst | IM/IT Director | ||
8(2)(j)(m) | Disclosure of personal information
|
X | X | ||
8(4) | Requests from investigative bodies
|
X | X | ||
8(5) | Notify Privacy Commissioner of 8(2)(m) disclosures
|
X | X | ||
9(1) | Retain record of disclosures
|
X | X | ||
9(4) | Notify Privacy Commissioner of consistent use
|
X | |||
10 | Include personal information in Personal Information Banks
|
X | |||
14(a) | Notice where access requested
|
X | X | X | |
14(b) | Giving access to the record | X | X | ||
15 | Extension of time limits
|
X | X | X | |
17(2)(b) | Language of access
|
X | X | ||
17(3)(b) | Access in an alternative format
|
X | X | ||
18(2) | Exempt banks
|
X | X | ||
Invoking exemptions:
|
X | X | |||
19(1)(2) | Personal information obtained in confidence | X | X | ||
20 | Federal-provincial affairs | X | X | ||
21 | International affairs and defence | X | X | ||
22 | Law enforcement and investigation | X | X | ||
23 | Information prepared by an investigative body for security clearances | X | X | ||
24 | Information collected by the Canadian Penitentiary Services, National Parole Services or National Parole Board | X | X | ||
25 | Safety of individuals | X | X | ||
26 | Personal information about other individuals | X | X | ||
27 | Solicitor-client privilege | X | X | ||
28 | Medical records | X | X | ||
31 | Receive notice of investigations
|
X | X | ||
33(2) | Right to make representations
|
X | X | ||
35(1) | Privacy Commissioner’s Report
|
X | X | ||
35(4) | Access to be given to complainant
|
X | X | ||
36(3) | Review of exempt banks
|
X | X | ||
37(3) | Compliance investigation
|
X | X | ||
51(2)(b) | Special rules for hearings
|
X | X | ||
51(3) | Representations in hearings
|
X | X | ||
72(1) | Annual Report
|
X | X | ||
77 | Responsibilities under sections 9, 11, 13 and 14 of the Privacy Regulations: | X | X | ||
9 | Provide reasonable facilities and time for examination of information | X | X | ||
11(2) | Upon receipt of Correction Request Form, provide notification to individual that correction has been made and provide notifications in 11(2)(b) and (c) | X | X | ||
11(4) | Where a request for correction is refused, attach notification to the personal information that a correction was refused and provide notifications in 11(4)(b)(c) and (d) | X | X | ||
13(1) | Authorize the disclosure of medical records to a qualified medical practitioner or psychologist for opinion as to whether disclosure would be contrary to the best interests of the individual | X | X |
- Date modified: