Back to News & Articles

Get informed about information

Think you don’t need to worry about privacy and access to information? What types of information do you keep on your employees? On your clients and customers?

How do you manage it? How do often do you update it?

Learn more about Information and Records Management, Access to Information and Protection of Privacy at Maintaining Connections!

June 18th and 19th 2013, at the World Trade and Convention Centre in downtown Halifax, NS

Join us in Halifax, NS in June!

Facing the breach: Privacy and security as an ecosystem

Chantal Bernier Assistant Privacy Commissioner of Canada Office of the Privacy Commissioner of Canada

The present decade has been marked by an endless procession of data breaches in every sector and of every flavour. Public-sector breaches can be uniquely troublesome, given the level of sensitivity and the sheet quantity of citizens’ personal information held by government organizations, but also because of the compulsory nature of the collection. In this keynote address, Assistant Privacy Commissioner of Canada Chantal Bernier discusses the importance – and meaning – of security in the context of public-sector data breaches, and the particular challenges faced by privacy commissioners in investigating these breaches, on the basis of concrete examples pulled from the Office of the Privacy Commissioner of Canada’s case files.
9:45 am – 10:30 am

Failing to Measure Up: An Analysis of Access to Information Legislation in Canadian Jurisdictions

Michael Karanicolas Legal Officer Centre for Law and Democracy

This presentation is based on a comparative analysis of Canada’s 14 federal, provincial and territorial access laws using the RTI Rating, a methodology for measuring the strength of access legislation which has become accepted as the gold standard in this area. Among the findings of the Analysis:
Every Canadian jurisdiction excludes major public bodies from their access laws, often including the legislature and/or the cabinet.
Every jurisdiction except Quebec, Saskatchewan and the Yukon allow for indefinite extensions of the time limits for responding to requests.
Despite rules in many access laws to the effect that public bodies may only charge for actual costs incurred, regulations in every province go far beyond that, charging $0.20 or $0.25 per page of photocopying, up to $10 for a CD and up to $60/hour for employee time.

Although every provincial and territorial access law presumptively overrides conflicting legislation, the list of exceptions to this is growing, so that numerous secrecy provisions override access laws (38 in Alberta, 26 in Saskatchewan, 24 in Newfoundland and 22 in Nova Scotia).

Every access law in Canada contains a massively overbroad exception for internal government deliberations that fails to conform to international standards.
Information Commissioners in eight jurisdictions – Canada, New Brunswick, Newfoundland, Nova Scotia, the Northwest Territories, Nunavut, Saskatchewan and Yukon – lack the power to order the disclosure of information. In addition to spelling out which jurisdictions are the strongest and weakest and why, this presentation will isolate areas most in need of improvement, with a particular emphases on the shortcomings of the maritime provinces with respect to elsewhere (New Brunswick tied for worst in Canada).

1A: Social media and collaborative technologies: Information management dream or nightmare? 

Louise Spiteri Director. School of Information Management Dalhousie University

As social computing tools become increasingly integrated into company infrastructure, stakeholders must consider how existing records management policies can be expanded and extended in order to address social computing content, examine how companies review current practices in light of evolving social computing technologies, and provide guidance in policies to support the use of these technologies within the company. This session will cover the following learning objectives: Governance: how organizations need to listen to what is said about them, both by employees and clients or the general public. Privacy & Security: how to maintain and protect the privacy and security of information pertaining to your employees and your organization Staffing and Education: what education is needed to implement a successful social media records policy Archiving: how to maintain and preserve social media content

1B: Information Sharing 2.0 – Privacy Enabling Integrated Service Delivery 

Bob Doherty Principal Robert P. Doherty Access and Privacy Services

This presentation will explore the challenges of integrating services in the public sector with or without private sector partners. In the current climate, governments are increasingly seeking out team approaches to provide more coordinated solutions in education, social services, health, and justice. However, for these initiatives to have success they need to be compliant with a myriad of privacy laws or privacy provisions in other statutes. The session will provide suggestions re the best approaches for integrated service delivery initiatives and will provide a recommended series of tasks that need to be completed prior to implementing the initiative. Finally, the session will provide a look at some of the privacy challenges that may arise in the implementation of an initiative, and how to deal with them.

1C: Retention Scheduling and Compliance: Putting the “Manage” in Records Management 

Laura Dukowski Vice-President, Co-Founder Vestia Solutions Inc
Terry LeBlanc President, Co-Founder Vestia Solutions Inc

During this session, participants will:
Gain a clear understanding of the relationship between thorough, proactive, records management (and retention scheduling in particular) and reducing financial and reputable risk;
Learn about legal and regulatory considerations that must be taken into account when designing a retention schedule;
Learn about the pros and cons of different file classification systems given specific operational requirements.

By developing a sound records management policy that includes robust retention scheduling, organizations can legitimately destroy both physical and electronic documents after a designated period of time. This thwarts all sorts of legal, reputable, and financial risk.

During this session, retention scheduling will be explained, and the legal and regulatory responsibilities of organizations concerning their documents highlighted. The relationship between proactive records management practices and risk management will be explored. Participants will be introduced to different file classification systems, including the pros and cons of each given different operational requirements. Finally, session participants will be provided with implementation strategies to help ensure adoption, should they decide to develop new retention scheduling policies within their respective organizations.

This session will inform participants about records management (RM) best practices (and retention scheduling best practices in particular), and the relationship between RM and improved access to, and security of, an organization’s information. It will therefore deal directly with at least three of the 2013 MAPS & RM Workshop themes: Records Management, Access, and Security.

2A: Is Your Digital Imaging Program CGSB Compliant? 

Juliana MacEwen President Precision Document Management

The Canadian General Standards Board has developed a national standard for digital imaging. With Digital Imaging becoming more and more prevalent it is important to follow a digital imaging standard to ensure that you are creating an exact replication of the paper document when creating a digital image of the record. This session will explain what CGSB Compliance is, and discuss the key components a program needs to follow to be compliant. If time permits will also review a case study of a CGSB Compliant Digital Imaging Program within the NS Government.
2B: Reporting and Tracking Access Requests in NB Show / Hide Details
David Burke Access and Privacy Officer Office of the Common Clerk City of Saint John
Ian Walsh NB Chief Information Access & Privacy Officer Access and Privacy Unit Government of New Brunswick

David Burke Access and Privacy Officer Office of the Common Clerk City of Saint JohnIan Walsh NB Chief Information Access & Privacy Officer Access and Privacy Unit Government of New Brunswick
J. Ian Walsh is the Chief Information Access & Privacy Officer with New Brunswick’s Access and Privacy Unit. He is a graduate of Saint Francis Xavier University, (B.Sc.), Dalhousie University (M.S.W.) and the University of New Brunswick (LL.B.). He is a former Social Worker. In addition, for several years he practiced Family and Insurance Law with the law firm of Tremblay & Associates, Bathurst, New Brunswick. He is also a former Lecturer at Saint Thomas University at Fredericton, having taught Constitutional Law. Since joining the Department of Public Safety, Ian has had extensive involvement in the implementation of the Youth Criminal Justice Act. He has conducted national workshops on the sentencing provisions of the YCJA on behalf of Justice Canada. In addition he has conducted YCJA training sessions on behalf of the governments of New Brunswick, Prince Edward Island, Nova Scotia and Nunavut. He has also been guest speaker at two national YCJA Defence Counsel Symposiums in Ottawa. Ian is currently the Provincial-Territorial Co-chair of the national YCJA Amendments Committee. He is a member of the New Brunswick Law Society and the Canadian Bar Association. He and his wife, Rachelle, currently reside in Fredericton, New Brunswick.

2C: E-Discovery Preparedness: The Importance of Proactive Records Management

Vestia Solutions Inc.
Laura Dukowski Vice-President, Co-Founder Vestia Solutions Inc
Terry LeBlanc President, Co-Founder Vestia Solutions Inc

During this session, participants will:
Gain a clear understanding of the responsibilities that an e-discovery request involves;
Gain a clear understanding of the relationship between robust, proactive, records management practices and e-discovery preparedness/improved risk management;
Learn about records management best practices that are necessary for e-discovery preparedness.

Electronically stored information is not strictly limited to company related transactions, but also includes all staff text messages, voice mail, internet search histories, digital camera images, cell phones and non-essential emails; electronic data that is accountable during a discovery period. Many organizations are unprepared for the possibility of an electronic discovery request, and consequently are putting themselves at considerable financial risk. Even fewer companies have a litigation hold policy to suspend document deletion when litigation has commenced, thus running the risk of inadvertently committing the act of spoliation (destroying evidence).

During this session, the e-discovery process will be explained, and the responsibilities of litigants highlighted. The relationship between proactive records management practices and e-discovery preparedness, as well as risk management in general, will be explored. Finally, session participants will be provided with frameworks for developing effective records management policies within their respective organizations.

3A: IT Security & Protection 

3B: Boomtown in Q-Town: One of the fastest growing municipalities in New Brunswick grapple with records management challenges 

Dwight Colbourne Municipal Planning Officer Town of Quispamsis
Lisa MacInnis Records and Information Management Coordinator Town of Quispamsis

A case study showing challenges and application of solutions in Records Mangement – details coming soon.

3C: Privacy Issues in Records Management

Carla Heggie Information Access & Privacy Manager Nova Scotia Labour & Advanced Education

Wednesday, June 19, 2013
8:30 am – 9:30 am

Cyberbullying, children’s rights and the media Show / Hide Details
Christian Whalen Acting Child and Youth Advocate Province of New Brunswick

This presentation will focus on anti-bullying legislation in Canada, recent case-law emerging from incidents of cyber-bullying and how an understanding of children’s rights in Canada should inform the jurisprudence, law reform and policy responses to online violence and harassment of children or by children.
9:35 am – 10:40 am

4A: Legal considerations for municipal staff and council: recent developments 

André Daigle Avocat / Lawyer CHIASSON & ROY Lawyers

4B: The City of Moncton and the Right to Information and Protection of Privacy Act – Year One

Nick Robichaud Solicitor City of Moncton
Barbara Quigley City Clerk/Director of Legislative Services City of Moncton

This presentation will describe the City of Moncton’s experience in its first year under the Right to Information and Protection of Privacy Act [RTIPPA]. Main themes will include:
Establishing a training and education program for staff and elected officials
Ensuring legal compliance with RTIPPA requirements: policies, collection of personal information notices, responding to access to information requests, etc.
Establishing an access to information request process
Examples of access requests received, and how we dealt with them – the role of records management
3 learning objectives for this session:

Training for elected officials, managers and their employees plays a vital role in the implementation of a successful privacy and access program.
Municipalities should consider the benefits of transparency, openness, and proactive disclosure of public information.
Although a daunting task for many municipalities, a comprehensive records management program is an important part of a successful privacy and access program.
4C: Patient, Privacy and Confidentiality Show / Hide Details
Alison Shea Privacy Officer / FOIPOP Administrator Capital District Health Authority

Using practical examples, the speaker will explore how e-health has created new challenges and opportunities in healthcare privacy. Changing the expectations of patients and providers alike in terms of the accessibility of health information and privacy controls, what are reasonable privacy expectations to have in the e-health world? What level of risk is acceptable? Consent directives, email use, social media and auditing are some of the topics to be discussed. Nova Scotia’s new Personal Health Information Act and recent Privacy Commissioner decisions from across Canada will also be highlighted.
10:40 am – 11:00 am
Morning Break (Day 2)

11:00 am – 12:00 pm
The Bragg Decision (anonymity), Proposed Legislation Limiting Circulation of Images & the Rehtaeh Case Show / Hide Details
Wayne MacKay Professor of Law, Yogis & Keddy Chair in Human Rights Law Schulich School of Law Dalhousie University

12:00 pm – 1:00 pm
Lunch (Day 2)

1:00 pm – 4:30 pm
W1: IM Awareness Toolkit Show / Hide Details
Trevor Banks President-Elect ARMA NCR (Ottawa) Chapter