Freedom of Information and Protection of Privacy Act (FIPPA)
All faculty and staff should be aware that under the Freedom of Information and Protection of Privacy Act (FIPPA) you are required to protect personal information.,, Some excerpts from the University Counsel Access and Privacy - Guide for Faculty and Staff:
- What is personal information? “Personal information” is defined as “recorded information about an identifiable individual”, e.g.. biographical, financial, educational and employment information.
Personal information may not be stored or accessed outside Canada. This restricts UBC’s use of “cloud computing” applications, e.g. Gmail and Facebook.
Ensure personal information is securely stored and transmitted.
Store personal information on secure servers wherever possible. If you must store personal information on mobile devices, it should be encrypted.,
Do not store personal information outside Canada without approval from the OUC (Office of the University Counsel),
The bottom line is that sensitive data (such as spreadsheets containing student names and numbers) should not be:
Distributed through email servers outside Canada - e.g. Gmail.
Be susceptible to loss and theft by being stored unencrypted on mobile devices such as laptop computers, tablets and smart phones.
For more information please see the video on, FIPPA and Accessing Student Records.