Office of the Saskatchewan Information and Privacy Commissioner. Guide to FOIP, Chapter 6, Protection of Privacy. Updated 27 February 2023. 275 • Contact information of an individual within the organization who can answer questions and provide further information. • A notice that individuals have a right to complain to the IPC (provide contact information). • Recognition of the impacts of the breach on affected individuals and, an apology. Investigate Once a breach has been contained the next step is to investigate the breach. An investigation is a methodical process of examination, inquiry, and observation including interviewing witnesses and reviewing documents.739 Here are some key questions to ask during a privacy breach investigation: • When and how did your organization learn of the privacy breach. o Has the privacy breach been contained. o What efforts has your organization made to contain the breach. • What occurred o What type of breach occurred (e.g., collection, use, disclosure, accuracy, etc.). o What personal information was involved in the privacy breach. o When did the privacy breach occur? What are the timelines. o Where did the privacy breach occur. • How did the privacy breach occur. o Who was involved. o What employees, if any, were involved with the privacy breach,. What privacy training have they received. o Who witnessed the privacy breach. o What factors or circumstances contributed to the privacy breach. o What is the root cause of the breach. 739 British Columbia Government Services, FOIPPA Policy Definitions at https://www2.gov.bc.ca/gov/content/governments/services-for-government/policiesprocedures/foippa-manual/policy-definitions. Accessed April 23, 2020.
RkJQdWJsaXNoZXIy MTgwMjYzOA==