Principle 1: Accountability

Printer-friendly version

An organization is responsible for personal information under its control and shall designate an individual or individuals who are accountable for the organization’s compliance with the following principles.

Policies and procedures for ensuring the confidentiality and security of Data held at Population Data BC are strictly enforced.  The primary aim of these policies is to respect the privacy of users, the requirements of the providers of the Data, and to protect against loss, destruction or unauthorized use.

 

Policies

Related Procedures

Policy 1.1

Population Data BC (UBC) resides under the legal umbrella of the University of British Columbia, which has ultimate legal accountability for it. Operations and facilities at Population Data BC’s other sites (i.e. SFU and UVic) will, in kind, come under the legal umbrella of their respective universities.

Procedure 1.1

  1. All legal contracts to which Population Data BC (UBC) is party will be reviewed by legal advisors of the University of British Columbia for compliance with applicable legislation and UBC policies. Legal contracts to which Population Data BC (SFU) and Population Data BC (UVic) are parties will be reviewed by legal advisors of their respective universities.

Policy 1.2

Population Data BC’s Executive Director has ultimate operational accountability and responsibility for Population Data BC’s operations and its compliance with these principles for the protection of Personal Information. The Executive Director is responsible to the Advisory Board and Governance Oversight Committee. Designated Population Data BC unit Leads have responsibility for the day-to-day management of various functions of Population Data BC and report to the Executive Director.

Procedure 1.2

  1. Population Data BC’s Systems and Security Manager is responsible for and oversees the physical and technical security measures in place to protect Data and reports to the Executive Director.

  2. The Privacy and Governance Lead (who also acts as the Privacy Officer) is responsible for, and oversees compliance with privacy requirements and the development and management of privacy and security policies and procedures.

  3. Only a limited number of personnel are authorized to work with Data.

  4. All staff will be oriented in the principles of privacy and Data protection at Population Data BC and must sign a confidentiality agreement and complete privacy training prior to gaining access to Data.

Policy 1.3

Population Data BC’s Privacy and Governance Lead (i.e., Privacy Officer) is responsible for management of privacy matters and privacy compliance within the organization.

Procedure 1.3

The Privacy Officer will:

  • Develop, review, and/or revise Population Data BC’s policies and procedures as necessary to ensure compliance with FIPPA and contractual privacy and security obligations of Population Data BC.

  • Provide privacy and information security training.

  • Ensure confidentiality agreements are in place for all staff and Researchers.

  • Respond to privacy-related developments and issues as they arise, including privacy complaints and requests for information access, and report issues and policy decisions to the Executive Director.

 


Page last revised: July 6, 2015