Open Government provides a gateway to innovation, problem solving, collaboration and more, by leveraging one of our most valuable public assets….information. In this presentation Alyssa Daku discusses the fundamentals of Open Government and the shift in organizational culture that is required to fully embrace an agenda of public transparency and accountability.
Drawing on her experience with the City of Regina’s Open Government launch in 2012 as well as her expertise in data governance and access, Alyssa discusses the benefits of Open Government from more than just a public accountability perspective. Additionally, she will look at some of the practical lessons to be learned for organizations looking to implement a more comprehensive Open Government program including successes, failures and opportunities for improvement.
The presentation addresses how schools and schools divisions must manage personal information they collect and generate about their students. It will cover a variety of issues regarding pupil files, including:
Most public bodies have personal information AND personal health information (eg. client or employee information), governed by The Freedom of Information and Protection of Privacy Act (FIPPA), The Personal Health Information Act (PHIA) and other laws. Making privacy decisions about this information can feel like being in a maze where the path to take is unclear.
This practical session will help you navigate the relationships between laws and understand how they work together. Learn how the privacy principles underlying FIPPA and PHIA provide a foundation for understanding and applying these laws. Hear about the similarities and the important distinctions that you need to know in making good decisions about personal and personal health information, and about the other laws that can affect the decisions you make.
The Ministry of the Environment rebuilt its Freedom of Information (FOI) program through systematic business process review, implementing a far reaching technology solution and investing in human resource capacity. This multi year modernization initiative included components as diverse as reducing paper consumption by 90%, improving request turnaround times to 14 working days and using technology to support web enabled FOI self service and access to information.
The Modernizing FOI initiative has changed in how the Ministry considers its records management program. This has lead to an “end to end” Ministry information access strategy. This paper will provide an understanding of how this transformation initiative evolved and planning and implementation lessons learned.
The overall goal is to prompt broader FOI modernization discussion. A key theme is that FOI service delivery needs to better serve government, the public, non government organizations and business. “Making Connections” between technology, information management and access and privacy communities is essential to this transformation.
This presentation will cover three main areas:
The corporate Information Management/Information Governance requirements in 2013 are more demanding than they have ever been. The landscape has changed and the solutions used in the preceeding decade are now in question. This presentation will explore not only the changes but the direction Information management is going, the standards now in play and the options available.
Wish there was an “easy” button for FIPPA requests? With over 24 years of oversight experience relating to access requests, the Manitoba Ombudsman’s Office has seen a lot of great access practices that can make it easier to respond to requests and comply with the requirements of FIPPA.
This session will focus on the current state of cyber security and what motivates the actors involved in security threats. It will also examine the future of IT Security in the ever-changing threat landscape.
Created and championed by Ontario’s Information and Privacy Commissioner Ann Cavoukian, Privacy by Design (PbD) has become the defining approach to protecting privacy in the 21st Century. The 7 Foundational Principles that constitute PbD are recognized by international data protection authorities, and are being advanced in regulatory standards around the world.
This session will discuss the origins, significance of —and prospects for— PbD in today’s hyperconnected Information Age. Particular emphasis will be placed on:
Your organization is getting ready to launch that hot new mobile app, and people are looking to you for answers. Do you have them?
Our increased use of mobile devices as a platform for service delivery challenges traditional ways of thinking about access, privacy, security and information management. But it’s not all bad news. This session will provide an overview of the emerging legal topics that are associated with buying and selling products and services over mobile devices, such as enforceability issues, online profiling and outsourcing considerations.
Being prepared for a privacy breach entails developing a plan before a privacy disaster strikes. Knowing the steps involved in responding to a breach incident is critical for effective breach management. This session will provide practical guidance to equip you to be prepared for, and respond effectively to, a privacy breach.
The presenters will address:
The sharing of information within public bodies/trustees is critical to informed decision-making, service delivery and business operations. Under FIPPA and PHIA, the use of personal and personal health information must be limited to the minimum amount of information necessary to accomplish an authorized purpose and the information should only be shared with employees who need to know the information to carry out that purpose. Similarly, the sharing of other types of sensitive information may be restricted within an organization.
Determining who needs to know what information for which purposes can be challenging. This session will help you to understand the legal requirements and best practices for sharing information within your organization.
Records and information are critical assets in modern government. Effective recordkeeping not only makes good business sense, it is a fundamental requirement of good government.
In 2011 the Government Records Office launched a self-assessment tool that is designed to help government departments evaluate and improve recordkeeping capacity. Capacity means the policies, people and practices that are needed to support day-to-day work and enable effective use and management of records and information.
The presentation will provide:
Pertinent and appropriate information protection education is key in any successful organization. Training provides staff, volunteers and contractors with the skills to confidently conduct their jobs and minimizes the risk of an incident or breach. Yet many organizations are using outdated training that has not changed with the operating environment and is not customized for the audience. Further, the program was not developed in collaboration with stakeholders across various disciplines, such as privacy, security and information management.
This presentation will address some of the training challenges faced by organizations, such as how to reach vast and varied target audiences and how to ensure executive support for the program. Case studies and the Newfoundland and Labrador Centre for Health Information’s recent experience redesigning its training and awareness program will be used to provide practical tips to help attendees establish programs that work.
Privacy laws require organizations to manage personal information and personal health information in ways that maximizes its protection. A Privacy Impact Assessment is a due diligence exercise in which potential risks to the privacy of personal information and/or personal health information are identified and compliance with applicable legislation is assessed. The Privacy Impact Assessment process provides an opportunity to conduct a thorough analysis of risks and to consider reasonable measures that can be taken to reduce or eliminate them. The presenters will explain what a Privacy Impact Assessment is, the benefits of conducting one, and the expected goals and results.
Municipal governments are often called the "grassroots" level of government and the closest to the people. Local municipal councils are often required to make decisions having the greatest impact on the lives of the residents. As a result of this relationship, citizens expect openness and transparency from their elected council and more often request access to municipal records. But...
These are just some of the questions that will be answered during this session.
Most organizations do not have a business continuity or disaster recovery plan that includes protection for their most valuable asset – records. Many organizations that experience a crisis do not survive unless there is a plan in place to resume operations quickly.
The information for this session is based on lessons learned from past experience. It offers a way to include records as part of a business continuity or disaster recovery plan.
Attend this session to learn how to:
The availability of cheap and easily accessible computing resources supplied under the marketing term "cloud computing" may increase the risk of information privacy breaches. This session will explain the different types of cloud computing, some of the top security concerns and how those concerns impact information privacy.
Attendees will come away with a better understanding of:
Nations around the world are reconsidering data protection law. Many countries without systematic privacy protections, such as in South America, are adopting new laws, while countries with long experience with privacy laws are revisiting them and, for example in Europe and the United States, considering new ones. While the renewed attention to data protection is gratifying and in many ways bringing nations closer together on data protection, many of the new and proposed laws run the risk of ignoring the most critical issues posed by the proliferation of personal data in the 21st century, thereby leaving individuals more at risk than ever. The challenge is to create laws that provide practical approaches to real issues in a global, data-intensive environment.