Guide to LA FOIP-Chapter 6

Office of the Saskatchewan Information and Privacy Commissioner. Guide to LA FOIP, Chapter 6, Protection of Privacy. Updated 27 February 2023. 102 not require any inference on the part of the organization seeking consent; implied consent arises where consent may reasonably be inferred with from the action or inaction of the individual.284 The Local Authority Freedom of Information and Protection of Privacy Regulations requires that where consent is required by LA FOIP for the collection, use or disclosure of personal information, the consent must: • Relate to the purpose for which the information is required • Be informed • Be given voluntarily • Not be obtained through misrepresentation, fraud, or coercion • A consent may be given that is effective for a limited period • Consent may be express or implied unless otherwise provided • An express consent need not be in writing285 7. Security protections Ensure that reasonable and appropriate physical, administrative and technical safeguards are in place to protect personal information. Safeguards will ensure the integrity, confidentiality and availability of personal information and protect it from being improperly accessed, altered, or destroyed.286 Administrative safeguards, described in written policies and procedures, would also cover the following: • That all personal information should be put away (e.g., in locked cabinets or file drawers) unless it is in use by authorized individuals. Individuals authorized to use the personal information should be clarified. 284 Canadian Health Information Management Association (CHIMA), Abrams, Kelly J., Shirley Learmonth, Candace J. Gibson, The Canadian Health Information Management Lifecycle, 2017, at Glossary. 285 The Local Authority Freedom of Information and Protection of Privacy Regulations, RRS c L-27.1 Reg 1, at section 11. 286 SK OIPC Investigation Report H-2011-001 at [158]. Originates from Canada’s Health Informatics Association, Putting it into Practice: Privacy and Security for Healthcare Providers Implementing Electronic Medical Records – 2010 Guidelines for the Protection of Health Information Special Edition at p. 8.

RkJQdWJsaXNoZXIy MTgwMjYzOA==