Accountability Refers to the principle outlined by the Canadian Standards Association (CSA) Model Code; an organization is responsible for personal information under its control and shall designate an individual or individuals who are accountable for the organization’s compliance with the following principles.
Accuracy Refers to the principle outlined by the Canadian Standards Association (CSA) Model Code; personal information shall be as accurate, complete and up-to-date as is necessary for the purposes for which it is to be used.
Advanced Encryption Standard (AES) Refers to the specification for the encryption of electronic data established by the US National Institute of Standards and Technology. The algorithm described by AES is a symmetric key algorithm using block encryption – the same key is used for both encrypting and decrypting the data.
Advisory Board Refers to the board overseeing Population Data BC from a strategic and operational perspective, reporting to the Governance Oversight Committee.
American Standard Code for Information Interchange (ASCII) format Refers to a character encoding scheme based on the English alphabet that encodes 128 specified characters into 7-bit binary integers. ASCII codes represent text in devices supporting text, such as computers. Data files are provided to Population Data BC as ASCII flat files, as this format can be imported into a wide variety of software programs for analysis.
Archived Project Refers to a research project for which data reside on the Archival Server in the Red Zone and to which Researchers have no access and Population Data BC staff have restricted access. Archived Projects include data and related information developed in the course of the project’s lifecycle. Archived Projects do not require current ethics or Research Agreements. Ethics agreements may, however, dictate how long a project is required to be archived. Access to Archived Projects will require an Archival Research Access Agreement approved by all relevant Data Stewards.
Breach or Breach of Security Refers to any unauthorized access, collection, use, modification, disclosure, destruction, disposal, storage, or loss of information or property held by, in the custody of, or belonging to Population Data BC, and includes unauthorized access to Population Data BC premises.
CHSPR Refers to Centre for Health Services and Policy Research
CSA Refers to Canadian Standards Association
Challenging Compliance Refers to the principle outlined by the Canadian Standards Association (CSA) Model Code; an individual shall be able to address a challenge concerning compliance with the above principles to the designated individual or individuals for the organization’s compliance.
Closed Project Refers to a research project for which the data have been destroyed or returned to the data steward(s) by either the Researcher or Population Data BC, or an archived project declared closed.
Colleague Someone who shares research-related interests. Communications to a colleague are not expected to go public or get distributed. Colleagues may be both within or outside the same institution; both within or outside the same research centre or work unit.
Confidential Information Refers to all information held by, in the custody of, or belonging to Population Data BC that is not in the public domain.
Consent Refers to the principle outlined by the Canadian Standards Association (CSA) Model Code; the knowledge and consent of the individual are required for the collection, use or disclosure of personal information, except when inappropriate.
Content Data Refers to the data held by Population Data BC that contain person specific information which may be disclosed in the context of a research project. These may include data that are also considered an Identifier. Examples include educational attainment scores, hospital discharge codes, or compensation claim codes.
Content Data Group Refers to a logical unit of, and thus technical separation of, Content Data. The boundaries may vary. At UBC, because of the secure environment within Population Data BC, all Content Data is expected to be handled together as a single Content Data Group. Management of a given CDG may be done by subset of Population Data BC itself (i.e. UBC’s Data Services Unit or Population Data BC - SFU,) or by an external public entity.
Content Data Group ID Refers to a generated number that is unique to an individual in a specific Content Data Group.
Data Refers to any information used for research or statistical purposes, including Personal Information, which is disclosed to Population Data BC by Data Stewards under an Information Sharing Agreement (ISA), data directive or other data sharing agreement.
Data Access Request (DAR) Refers to the formal application for data through Population Data BC. Components of this application form include information on the Researchers, the research questions, the proposed methodology, and details of the proposed cohort and data requested.
Data Access Unit (DAU) Refers to a unit at Population Data BC that coordinates Data Access Requests and facilitates the process of data preparation and delivery.
Data Extract or Research Data Extract Refers to data that are extracted in conjunction with an approved Data Access Request and Research Agreement for the purpose of disclosure to a Researcher.
Data Steward Refers to a public body that has ultimate responsibility for a given data source. In practice, an individual is typically named as having the authority to approve or reject research requests involving that data, typically called “the / a Data Steward.”
Depreciated DAR A depreciated DAR is one that it has been replaced by a more current version. These are DARs that are no longer the latest approved version. For instance, if a project had an amendment approved for additional data, the amended DAR would be the latest approved DAR and the original DAR would be depreciated.
External Data Information Sharing Agreement Refers to a legal agreement that allows for the transfer of research project-specific data between a Data Steward and Population Data BC and the holding, use, and disclosure of that data by Population Data BC.
Freedom of Information and Protection of Privacy Act (FIPPA) Refers to the Act [RSBC 1996] that sets out access and privacy rights of individuals as they relate to the public sector in British Columbia. FIPPA establishes an individual’s right to access records, including one’s personal information and records in custody or control of a public body.
Geomatics Refers to the discipline of gathering, storing, processing, and delivery of geographic information, or spatially referenced information.
High Security Zones Refers to the Red and Purple Zones.
ID Matrix Refers to the mapping that Population Data BC maintains between IDs from all Content Data Groups to each other. The ID Matrix does not contain any Personal Information.
Identifier or Identifier Data Refers to information that identifies an individual or for which it is reasonably foreseeable in the circumstances that it could be utilized, either alone or with other information, to identify an individual [Ontario PHIPA 2004, C.3, Sched. A.s.4 (2)]. In the case of Population Data BC, Identifiers describe individuals and are used to facilitate linkage, and include fields such as name, date of birth, 6-digit postcode, and Personal Education Number.
Identifying Purpose Refers to the principle outlined by the Canadian Standards Association (CSA) Model Code; the purposes for which personal information is collected shall be identified by the organization at or before the time the information is collected.
Incident Refers to attempted (accidental or malicious) unauthorized access, use, modification, destruction, disposal, disclosure, or loss of information or property held by, in the custody of, or belonging to Population Data BC, and includes unauthorized access to Population Data BC premises.
Individual Access Refers to the principle outlined by the Canadian Standards Association (CSA) Model Code; upon request, an individual shall be informed of the existence, use and disclosure of his or her personal information and shall be given access to that information. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
Information Privacy Refers to the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others.
Information Sharing Agreement (ISA) Refers to a legal agreement that allows for the periodic transfer of data between a Data Steward and Population Data BC and the holding, use, and disclosure of the data by Population Data BC.
Lead is a manager at Population Data BC. The Leads of Population Data BC include the following:
- Lead, Systems and Security (commonly referred to as Systems and Security Manager)
- Lead, Data Services Unit
- Lead, Researcher Liaison Unit
- Lead, Privacy, Policy and Agreements
- Lead, Communications
- Lead, Education and Training Unit
Limiting Collection Refers to the principle outlined by the Canadian Standards Association (CSA) Model Code; the collection of personal information shall be limited to that which is necessary for the purposes identified by the organization. Information shall be collected by fair and lawful means.
Limiting Use, Disclosure, and Retention Refers to the principle outlined by the Canadian Standards Association (CSA) Model Code; personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by the law. Personal information shall be retained only as long as necessary for fulfillment of those purposes.
Linkage or Probabilistic Linkage Refers to the process that involves connecting records referring to the same individual across different sources. Identifiers such as names, birth dates and postal codes are used to create the best matches between known information and new information.
Linkage ID Refers to a generated number that is unique to an individual referenced during linkage
Management Refers to Population Data BC’s Executive Director and unit Leads
Research Materials for Data Steward Review (Research Materials) Includes Research Outputs and Products from results of research, whether complete or not, intended for any public dissemination and may include, but is not limited to: theses, dissertations, journal submissions, books and book sections, conference abstracts and presentations, seminars, lectures, newspaper articles, web output, blogs, op-ed pieces and interviews (both written and audio / visual.)
Medium Security Zone Refers to the Yellow Zone.
OIPC Refers to Office of the Information and Privacy Commissioner of BC
Openness Refers to the principle outlined by the Canadian Standards Association (CSA) Model Code; an organization shall make readily available to individuals specific information about its policies and practices relating to the management of personal information.
Open Project Refers to a research project for which Researchers have access to data, and for which they have current ethics approval and a valid Research Agreement.
Partners or Collaborators Refers to the following organizations:
- UBC Centre for Health Services and Policy Research (CHSPR)
- UBC Human Early Learning Partnership (HELP)
- Occupational and Environmental Health at the UBC School of Population and Public Health
- SFU Faculty of Health Sciences (FHS)
- UVic Spatial Sciences Lab (SSL)
- Child and Family Research Institute
- Children and Women’s Hospital
Password or Passphrase Refers to a sequence of characters that allows entry into a restricted system.
Personal Information Refers to recorded information about an identifiable individual other than contact information (Schedule 1 of BC Freedom of Information and Protection of Privacy Act 1996.) and includes any information that can be linked back to or identify an individual through reference or association.
Personal Information Protection Act (PIPA) Refers to the Act [SBC 2003] that sets out how private sector organizations in British Columbia can collect, use and disclose personal information.
Personal Information Protection and Electronic Documents Act (PIPEDA) Refers to the Act [SC 2000 c.5] that sets out how provincially and federally regulated private sector organizations collect, use and disclose Personal Information in the course of commercial activities. PIPEDA applies to information sold across provincial or territorial boundaries. Provinces may be exempted from PIPEDA given substantially similar legislation. PIPA, discussed above, has been declared by the federal Governor in Council to be substantially similar to PIPEDA.
Personal Health Information Access and Protection of Privacy Act (E-Health Act) Refers to the Act [SBC 2008] that sets out legislative authority and privacy protection for the collection and protection of personal information stored in data repositories, Health Information Banks (HIBs), for public bodies.
Personnel or personnel Refers to all persons who work for Population Data BC, including employees, contractors, consultants, temporaries and other workers at Population Data BC, regardless of the amount of time they have been or will be working with Population Data BC. For greater clarification, this shall include Management and staff.
Physical privacy Refers to a type of privacy that is concerned with the human body and preventing intrusions into one’s space or solitude.
Population Data BC Cost Quote Refers to the cost recovery details provided by Population Data BC and signed by the Researcher, covering costs relating to data application coordination, data preparation and checking, and provision of approved data. The Cost Quote is equivalent to the invoiced amount.
Population Data BC - Researcher Services Agreement Refers to a formal agreement signed between Population Data BC and the Researcher prior to receipt of data, outlining terms and conditions of Research Extract provision and use of the Secure Research Environment.
Population Directory Refers to personal identifiable information that Population Data BC maintains and develops; it contains all individuals about whom Population Data BC has information. This includes Personal Information such as name, address, date of birth and other identifying information, as well as a consistent, encrypted identifier (a“PopDataID”) that uniquely identifies each individual.
Privacy Act Refers to the Act [RSC 1985 c. P-21] that sets out access and privacy rights of individuals as they relate to the public sector in Canada. The Act establishes an individual’s right to access records, including one’s personal information and records in the custody or control of federal government institutions and crown corporations.
Privacy Impact Assessment Refers to a requirement under the Freedom of Information and Protection of Privacy Act that provides a formal assessment of a new enactment, system, project or program to ensure compliance with Part 3 (Privacy) of the legislation.
Project Member Refers to the Researcher(s) and other individuals specifically identified in an approved Data Access Request as requiring access to the Research Extract; an individual who has completed and signed Population Data BC’s privacy training and confidentiality pledge under the Research Agreement.
Public Body Refers to definition under British Columbia’s Freedom of Information and Protection of Privacy Act [RSBC 1996]. (a) a ministry of the government of British Columbia, (b) an agency, board, commission, corporation, office or other body designated in, or added by regulation to, Schedule 2, or (c) a local public body but does not include (d) the office of a person who is a member or officer of the Legislative Assembly, or (e) the Court of Appeal, Supreme Court or Provincial Court.
Purple Zone Refers to the highly secure, restricted physical environment where all Population Data BC servers are located. This resides within the Red Zone; however, access controls for this area are even more limited.
Record ID Refers to a generated number unique to each record received from a Data Steward.
Red Zone Refers to, in physical terms, a highly secure space accessible only to named persons who work on the individual-level data on “Red Zone” terminals. In network terms, it is the moated environment that is present within the physical Red Zone, unconnected to the outside world.
Research Agreement (RA) Refers to an agreement between a Researcher and Data Steward(s) for the access and use of specific fields of data for specific research projects and outlining obligations associated with that access.
Research Ethics Board (REB) Refers to autonomous entities whose primary responsibility is to protect the rights and welfare of human participants taking part in research conducted under the auspices of an educational institution or equivalent. The REB reviews and oversees such research to assure that it meets ethical principles and that it complies with all applicable regulations and standards pertaining to human participant protection including the Tri-Council Policy Statement Version 2 (TCPS2).
Research Extract or Research Data Extract Refers to data that are extracted in conjunction with an approved Data Access Request and Research Agreement for the purpose of disclosure to a Researcher.
Research Liaison Unit (RLU) Refers to a unit at Population Data BC that coordinated Data Access Requests and facilitated the process of data preparation and delivery. THIS UNIT IS NOW CALLED THE DATA ACCESS UNIT (DAU).
Research Output Refers to analytical results and derived information generated using the Data that does not directly identify an individual. This includes but is not limited to research notes taken from the Data, and aggregations of the Data including maps, tables and graphs. It does NOT include raw data from the research extract.
Research Materials Refers to any Research Outputs and Products, whether complete or not, intended for any public dissemination from results of research and may include but is not limited to: theses, dissertations, journal submissions, books and book sections, conference abstracts and presentations, seminars, lectures, newspaper articles, , web output, blogs, op-ed pieces and interviews
Research Product Refers to any publications produced using the Data. This includes but is not limited to journal articles and abstracts, theses, dissertations, reports, conference papers, maps and atlases, and books and book sections.
Researcher Services Agreement (RSA) Refers to the Agreement with Population Data BC that sets out the terms and conditions relating to the provision of Research Extracts by Population Data BC to Researchers and other Project Members in accordance with a signed Research Agreement, governing legislation and Population Data BC’s/ University of British Columbia’s policies.
Researcher Refers to a person who is a student, teacher or researcher either enrolled at or employed by any of the following institutions: a) universities as defined in the Universities Act, R.S.B.C. 1996, c. 468, b) colleges, university colleges, and Provincial institutes as defined under the Colleges and Institutions Act, R.S.B.C. 1996, c. 52, c) the open university continued under the Open Learning Agency Act, R.S.B.C. 1996, c. 409, d) Royal Roads University continued under the Royal Roads University Act, R.S.B.C. 1996, c. 409, e) any other institutions offering public post-secondary education services that may be described in the statutes above, and f) other comparable institutions in other jurisdictions worldwide.
Safeguards Refers to the principle outlined by the Canadian Standards Association (CSA) Model Code; personal information shall be protected by security safeguards appropriate to the sensitivity of the information.
Secure Research Environment (SRE) Refers to a study-specific space on a central server at Population Data BC, where Research Extracts are stored and analyses can be performed remotely using Virtual Private Networking.
Spatial privacy Refers to a type of privacy that is concerned with any locational information that may identify an individual. This includes personal territories that are typically considered to be private such as the home and workplace.
Study ID Refers to a person specific number, unique to each Research Extract and appended to each record within a Research Extract.
Trusted Third Party for Linkage (TTPL) Refers to an independent, neutral body that does not have stewardship over the data being linked, as referenced in the September 2005 Canadian Institute for Health Research’s Privacy Best Practices (http://www.cihr-irsc.gc.ca/e/29072.html). Population Data BC is such a TTPL.
University Shall mean the university at which the functions or activities are undertaken and enforced.
Refers to the use of cameras and associated technologies to create recorded images of physical activity.
Yellow folders Refers to the specialized network folder created by Population Data BC that facilitates transfer of permitted information out of the Secure Research Environment to local networks
Yellow Zone Refers to in both physical and network terms, the semi-secure environment where Population Data BC staff and external Researchers work. Programmers may have a Yellow Zone networked computer within the Red Zone that allows them to connect to the internet or email.
YubiKey® token Refers to a hardware authentication device that is employed for secure access to Population Data BC’s Secure Research Environment via two-factor authentication.