Office of the Saskatchewan Information and Privacy Commissioner. Guide to LA FOIP, Chapter 6, Protection of Privacy. Updated 27 February 2023. 122 Unauthorized disclosure An unauthorized disclosure is revealing, exposing, showing, providing copies of, selling, giving, or telling personal information in a way that is not in accordance with section 28 (Disclosure of personal information) of LA FOIP.336 Unauthorized modification Is the act of making changes to personal information without authorization.337 Unauthorized modification may occur unintentionally, through malicious code, forgery, or the wrongful addition of information to a record containing personal information.338 Common threats are: • Unauthorized access – e.g., a private business receives numerous faxes in error from the Saskatchewan Health Authority. The faxes were intended for a physician and contain personal health information of patients. It was found the only difference between the telephone numbers was one digit.339 • Unauthorized use – e.g., employees using their access privileges to view the information of a co-worker (i.e., snooping) in electronic systems for a purpose other than what it was collected for is an unauthorized use.340 • Unauthorized disclosure – e.g., unauthorized verbal disclosure, leaving information displayed on a monitor, electronic interception of information travelling over a transmission line, such as a fax machine or cellular phone, faxing information to the wrong fax number. • Unauthorized modification - malicious code, forgery, addition of data to a record. 336 British Columbia Government Services, FOIPPA Policy and Procedures Manual, Section 30 – Protection of personal information, available at https://www2.gov.bc.ca/gov/content/governments/services-for-government/policiesprocedures/foippa-manual/protection-personal-information#Unauthorized_access. Accessed June 11, 2020. 337 Adapted from Pearsall, Judy, Concise Oxford Dictionary, 10th Ed., (Oxford University Press) at p. 916. 338 Adapted from Government of Alberta, Health Information Act, Guidelines and Practices Manual, March 2011 at p. 136. Available at https://open.alberta.ca/dataset/50877846-0fba-4dbb-a99feeb651533bc4/resource/3e16d527-2618-48ae-80b8-93f69973878e/download/hia-guidelinespractices-manual.pdf. Accessed June 18, 2020. 339 SK OIPC Investigation Report 043-2018 at [25] and [26]. 340 SK OIPC Investigation Report H-2013-001 at [41] and [42].
RkJQdWJsaXNoZXIy MTgwMjYzOA==