Privacy Training for Child & Family Service Providers

The following information relates to Privacy Training requirements for third party service providers, foster caregivers, and delegated aboriginal agencies (DAAs).

Government Privacy Management and Accountability Policy requires that all employees as well as all service providers, including their employees, agents, volunteers and sub-contractors, and DAAs, who have access to personal information, complete government privacy training.  This requirement is in addition to any existing privacy training that service providers may have developed in their organizations.

The training provides a brief introduction to the service provider’s roles and responsibilities in handling personal and confidential information in a secure and privacy-enhanced manner. You will learn best practices in information sharing, information management, record keeping, privacy, and information integrity.

• Specific requirements for Third Party Service Providers & Foster Caregivers
• Specific requirements for Delegated Aboriginal Agencies

We work in environments where personal and sensitive information is collected, used and disclosed. We all have a duty to protect this personal information, whether it is about clients or staff. In light of recent privacy breaches and the ease with which information can be shared in an increasingly electronic world, the Province has recognized the need for us to be increasingly vigilant in our privacy practices.

Personal Information means recorded information about an identifiable individual collected or created by the contractor as a result of performing contracted services but excluding any information that would not be under the control of a public body as interpreted under the Freedom of Information and Protection of Privacy Act.

The following is a non-exhaustive list of examples of Personal Information:

1. the individual’s name, address or telephone number;
2. the individual’s race, national or ethnic origin, colour or religious beliefs or associations;
3. the individual’s age, sex, sexual orientation, marital status or family status;
4. an identifying number, symbol or other particular assigned to the individual;
5. the individual’s fingerprints, blood type or inheritable characteristics;
6. information about the individual’s health care history, including a physical or mental disability;
7. information about the individual’s educational, financial, criminal or employment history;
8. anyone else’s opinions about the individual; and,
9. the individual’s personal views or opinions, except if they are about someone else.

Personal Information could be received either verbally or written. 

Contractors & Service Providers

The Step-By-Step Guide for Contractors explains what is required in order to successfully complete the FOIPPA Foundations course.

All government contractors and service providers who collect or create personal information must complete FOIPPA Foundations and retain a copy of the certificate of course exam completion for their records.

Reporting:

All service providers or DAAs are required to create and maintain a log which will include:

• the names of all contractors and their employees, agents, volunteers and sub- contractors who may collect, create, or access Personal Information.
• the status of the contractors and their employees, agents, volunteers and sub- contractors completion of the privacy training including the date of completion.

These reports must be made available upon request. Audits will be conducted to ensure compliance.