Freedom of Information and Protection of Privacy

Author: Shelley McKenzie (Associate Registrar- Registrar Services and Freedom of Information and Protection of Privacy Officer)

Overview and Compliance

The British Columbia Freedom of Information & Protection of Privacy Act (FOIPPA) covers two main areas that UNBC faculty, staff and student employees need to be aware of:

  • Access to Information
    • provide the public with the right of access to records in the custody, or under the control, of UNBC;
    • provide information as part of a formal FOIPOP request;
    • provide routine public information and personal information
  • Protection of Privacy
    • prevent unauthorized collection, use, or disclosure of personal information; Maintain confidentiality.
    • withhold certain records from disclosure (exemptions);
    • provide individuals with the right to access and correct personal information about themselves

In a manner consistent with the Act, UNBC provides access to records and information under the custody and control of the University, balanced with ensuring the protection of the personal privacy of all individuals associated with the University.

As we are all public body employees (of UNBC), we have a legal duty to abide by, adhere to, and be responsive to the Act. 

Important Definitions

“Personal Information” means recorded information about an identifiable individual other than contact information. Contact information: think business card /UNBC phone list

There is an exemption in the Act related to higher-education that’s important to note:

“A record containing teaching materials or research information of employees of a post-secondary education body…”

Teaching materials” include any records produced or compiled for distribution to students, to aid an instructor in relating information to students, or otherwise used to teach (e.g. notes prepared to refer to while presenting lectures). Attendance lists, grading, administrative documents would be considered in scope of the Act.

“Cloud” Computing 

  • Under Section 30.1 of the Act (Storage and Access must be in Canada), we cannot store personal identifiable data outside of Canada or allow a foreign entity access to UNBC identifiable data.
  • Therefore, please refrain from using USB keys, portable drives and cloud-based systems (DropBox, iCloud) to store student or personal information.
    • Please work with the UNBC Centre for Teaching Learning & Technology or UNBC Information Technology Services to find compliant solutions.
  • Whenever possible, ensure appropriate encryption of data and mobile devices is in place. Please contact UNBC Information Technology Services for assistance.
  • Also, please ensure you are only using your official “@unbc.ca” email account for corresponding with others on official university business (e.g. faculty, researchers, students, colleagues). We encourage everyone to only email students via their “@unbc.ca” email account. Students have the option of forwarding email to their own personal accounts.

Records Management

  • Under the Act, records are considered to be: “books, documents, maps, drawings, photographs, letters, vouchers, papers and any other thing on which information is recorded or stored by graphic, electronic, mechanical or other means…”
  • UNBC employees must be aware and take care to create written documentation in an objective and professional manner. Remember that whatever you type, write or record becomes part of a public record that can be accessed.
  • Record Retention: Unless otherwise legislated, general rule of thumb is to retain personal information for at least 1 year (CY+1) if used to make a decision that directly affects the individual.

Please visit the Records Management website for more information, guidelines and assistance at: http://www.unbc.ca/records-management