Guide to LA FOIP-Chapter 6

Office of the Saskatchewan Information and Privacy Commissioner. Guide to LA FOIP, Chapter 6, Protection of Privacy. Updated 27 February 2023. 331

Digital signatures ensure accuracy by preventing the email contents from being tampered with or altered. The email system should be secure and meet current industry standards. The International Organization for Standardization (ISO) is the leading authority on international standards. ISO recommended the following with regard to electronic messaging:

13.2.3 Electronic messaging

Control

Information involved in electronic messaging should be appropriately protected.

Implementing guidance

Information security considerations for electronic messaging should include the following:

a) protecting messages from unauthorized access, modification, or denial of service commensurate with the classification scheme adopted by the organization.
b) ensuring correct addressing and transportation of the message.
c) reliability and availability of the service.
d) legal considerations, for example requirements for electronic signatures.
e) obtaining approval prior to using external public services such as instant messaging, social networking, or file sharing.
f) stronger levels of authentication controlling access from publicly accessible network. [777]

When outside the local authority network, emails may be intercepted, may not be backed up and may not have strong passwords. Section 23.1 of LA FOIP explicitly requires local authorities to have adequate written policies and procedures in place that protect personal information against any reasonably anticipated threat or hazard to the security or integrity of the information. The policies and procedures

[777] International Organization for Standardization, Information Technology, ISO/IEC 27002, 2013. See also, SK OIPC Investigation Report 101-2017 at [30].
