The following information statutes affect Lakehead University:
- The federal Personal Information Protection and Electronic Documents Act (PIPEDA);
- The Personal Health Information Protection Act (PHIPA) of Ontario; and
- Ontario's Freedom of Information and Protection of Privacy Act (FIPPA).
PHIPA, however, concerns only personal health information records and, to the extent that the University conforms to FIPPA, it will, in most cases, comply automatically with PIPEDA. In practice, then, FIPPA and its associated Regulations, 459 and 460, have the broadest relevance for the University in the areas of access to information and protection of privacy.
All institutions governed by FIPPA are identified in the Schedule attached to Regulation 460. Lakehead University is included.
FIPPA has the following main purposes, laid out in section 1 of the Act:
- to establish a general right of access, limited only by specific exemptions and exclusions expressly identified in the Act, to all recorded information in the custody or control of public institutions (i.e. in the jurisdiction of the province of Ontario); and
- to protect the privacy of individuals with respect to personal information about themselves in the custody or control of public institutions.
In consequence, under FIPPA everyone has the right to request access to every record in the custody or control of the University and, provided that the requester pays any associated fees and costs authorized by the Act and its Regulations, the University is bound to give such access – except with respect to information and uses of information to which the Act does not apply, or for which the Act grants mandatory or discretionary exemptions from disclosure.
The principal disclosure exemption concerns personal information, which can be revealed only, except in the cases expressly stipulated by FIPPA, to the person to whom the information relates. In addition everyone has the right to request, free of charge, correction of all errors in their own personal information held by the University.
For further detailed information on the significance and operation of this legislation please click on the links on this page. In particular you will find
- the actual privacy legislation FIPPA (Regulation 459 and Regulation 460), PHIPA (Regulation 329/04), and PIPEDA to which the University is subject;
- instructions on how to access and correct information in the custody or control of the University and an overview of FIPPA for faculty;
- the forms necessary for information access and correction;
- also among the "Forms" one for reporting breaches of privacy - that is disclosures of personal information contrary to law. We are required to report significant breaches of privacy to the Office of the Information and Privacy Commissioner of Ontario. The purpose of such reporting is NOT to punish or embarrass, but primarily to ensure that (a) every breach has been contained and redressed to the greatest extent possible, and (b) measures are put in place to try to prevent similar breaches from recurring.
- form for privacy and security review of prospective cloud services contracts:
- forms for staff involved in the administration of FIPPA requests.
All questions and comments concerning information legislation can be directed to:
Millo Shaw, Director,
Risk Management and Access to Information,
955 Oliver Road,
Ontario P7B 5E1
Telephone: (807) 343-8518
Fax: (807) 346-7735
The Administrative Assistant for the Office of Risk Management and Access to Information is:
Telephone: (807) 343-8267
Fax: (807) 346-7735