Office of the Saskatchewan Information and Privacy Commissioner. Guide to LA FOIP, Chapter 6, Protection of Privacy. Updated 27 February 2023. 97 • Ensure compliance with LA FOIP by its employees (23.1(c))263 A policy is a standard course of action that has been officially established by government, including local authorities.264 A procedure is an established or official way of doing something; a series of actions conducted in a certain order or manner.265 Local authorities should have written policies and procedures in place to guide employees with what is required by law concerning privacy protection for personal information. Without written policies and procedures, a local authority has not taken reasonable steps to safeguard personal information in its possession or control.266 The written policies and procedures should be: • Relevant and up to date • Deal with security, records management, and information management • Make administrative roles and responsibilities well-defined and easy to follow267 Safeguards Administrative, technical, and physical safeguards generally include administrative procedures, physical standards and technical security services and mechanisms.268 263 Section 23.1 of LA FOIP was added to LA FOIP following the amendments that were proclaimed in January 2018. However, The Health Information Protection Act (HIPA) has had a similarly worded provision since it first came into force in 2003 (section 16). Much of the guidance in this section of the Guide comes from over 15 years of work by the SK OIPC on establishing guidance on HIPA’s section 16. 264 Garner, Bryan A., 2019. Black’s Law Dictionary, 11th Edition. St. Paul, Minn.: West Group at p. 1401. 265 Pearsall, Judy, Concise Oxford Dictionary, 10th Ed., (Oxford University Press) at p. 1139. 266 SK OIPC Investigation Reports H-2011-001 at [114], F-2007-001 at [48] and LA-2013-003 at [54] to 57]. 267 Government of Newfoundland and Labrador, ATIPP Office, Department of Justice and Public Safety, Protection of Privacy Policy and Procedures Manual, June 2015, at p. 72. 268 Government of Alberta, Health Information Act, Guidelines and Practices Manual, March 2011 at p. 134. Available at https://open.alberta.ca/dataset/50877846-0fba-4dbb-a99feeb651533bc4/resource/3e16d527-2618-48ae-80b8-93f69973878e/download/hia-guidelinespractices-manual.pdf. Accessed June 18, 2020.
RkJQdWJsaXNoZXIy MTgwMjYzOA==