Privacy
Saint Mary’s University is committed to protecting the privacy of individuals. Saint Mary’s is governed by the Nova Scotia Freedom of Information and Protection of Privacy (FOIPOP) Act, which prohibits the disclosure of personal information, except under limited circumstances.
What is Personal Information
Personal information may be released only to the person whom the information is about, or, with the written consent of that person, to a third party. Personal information means recorded information about an identifiable individual including:
- the individual's name, address or telephone number
- the individual's race, national or ethnic origin, colour, or religious or political beliefs or associations
- the individual's age, sex, sexual orientation, marital status or family status
- an identifying number, symbol or other particular assigned to the individual
- the individual's fingerprints, blood type or inheritable characteristics
- information about the individual's health care history including a physical or mental disability
- information about the individual's educational, financial, criminal or employment history
- anyone else's opinions about the individual
- the individual's personal views or opinions, except if they are about someone else
- Collect only that personal information required to administer and operate a University program or service. Don't collect more information than you need.
- Use an appropriate method of collection - in most cases get the information directly from the person it is about.
- Ensure that a proper collection notice is printed on the form or included in the letter used to collect the information.
- Create records with access in mind - assume someone will ask to see it.
- Create files with access in mind.
- One case - one file.
- Eliminate copies.
- Use consistent filing practicess.
- Make sure confidential records are kept separate from ones that are not confidential.
- Follow the Records Retention Schedule if one exists for the record. Only destroy records as authorized under the Records Retention Schedule, or by checking with the FOIPOP Administrator.
- Retain records used to make a decision about an individual for a minimum of one year.
- Retain complete, accurate and reliable records of evidence.
- Provide participants with a clear statement of confidentiality.
- Require that all materials and evidence be supplied in confidence.
- Write the report with access in mind:
- Make it anonymous whenever possible.
- Keep confidential and non-confidential material separate.
- Avoid writing down subjective comments unless you are prepared to have them read.
- Keep personal details about individuals' private lives private, unless absolutely necessary to support findings and recommendations.
- Avoid making audio or videotapes of interviews or hearings unless necessary
- Remember to plan and implement reasonable security measures to protect personal information.
- Establish authorized logon ID's for access to a local network.
- Password protect access to your desktop computer, local network, each database and automated system.
- Check the software you are using for built-in security features.
- Take steps to protect your system from attack.
What is a privacy breach?
A privacy breach occurs when personal information is collected, retained, used, or disclosed in ways that are against the provisions of the FOIPOP Act. If you think that there has been a privacy breach, please contact the Privacy Officer without delay.
A Privacy Breach Report must be filled out whenever a privacy breach has been identified. Completed forms must be sent to the Privacy Officer
For more information on privacy breaches, please contact the Privacy Officer.
Contact: privacy@smu.ca or 902-491-6565.