The New Canadians Centre Peterborough, hereby referred to as "the Organisation", is committed to an environment where personal information is protected. The following principles shall govern the collection and use of personal information.
Information should be:
- • adequate, relevant & not excessive
- • accurate and up-to-date
- • accessed only by those who need to know
- • kept only as long as necessary
- • securely stored
- • disposed of appropriately
- • in accordance with all funder requirements and government legislation
All active and former board members, staff members and volunteers are required to abide by this policy and to sign an oath of confidentiality. The obligation to maintain confidentiality continues indefinitely.
Executive Director shall,
- • Be responsible for the implementation and monitoring of privacy protection policies and procedures.
- • Oversee privacy compliance with all contribution agreements and legislation on behalf of the Board of Directors
- • Monitor changes in contribution agreements and legislation, or assign the responsibility to a designate
- • Ensure that each member of the management team administers policies in a fair and consistent manner
Confidentiality is the protection of personal information. Confidentiality applies to information that is obtained verbally, in writing or through observation. The types of information considered confidential can include, but are not limited to:
- • personal information such as date of birth, address and contact information
- • immigration records or documents
- • employment contracts and appraisals
- • payments and donations
- • details of funding agreements
Immigration Contribution Agreement Reporting Environment (iCARE) is the reporting database used by Immigration, Refugees and Citizenship Canada. Client information in iCARE is sensitive information and must be kept confidential at all times in accordance with privacy provisions in the IRCC Contribution Agreement. IRCC site visits, reviews and/or audits may be conducted at any time, and iCARE usernames and passwords may be revoked by IRCC at any time.
Informed consent is a process for getting permission before disclosing personal information. Informed consent requires that the person giving consent is told what information is being disclosed, to whom it is being disclosed, and for what reason it is being disclosed before agreeing to the disclosure.
Any individual who is not a current employee of the Organisation.
5.0 Relevant Legislation
- • Child and Family Services Act CFSA s.72 (1)
- • Criminal Code (R.S.C., 1985, c. C-46)
- • Personal Information Protection and Electronic Documents Act (S.C. 2000, c. 5)
- *Note, non-profit organisations are not covered by PIPEDA unless engaged in commercial activities
6.0 Client Confidentiality
The Organisation recognises the importance of confidentiality in building and developing a trusting relationship that allows for the flow of information. The Organisation collects, stores, accesses, releases, communicates and destroys client information in a confidential manner.
- • All clients shall be informed of the Organisation’s approach to confidentiality.
- • Only information that is reasonably necessary to provide services is collected from clients. Copies may be made of relevant documents. Originals are kept securely and returned to clients as soon as possible.
- • Client information is stored securely and protected from unauthorised access. Employees and volunteers only access information required to perform their work.
- • Client information is disclosed to a third party on a “need to know” basis where clients have given informed consent to the disclosure or where disclosure is required by law.
- • Communication with clients, regardless of the medium, is conducted in a confidential manner.
- • After a period of inactivity of seven years, clients' paper and electronic records are destroyed and their contact information, street address and immigration number are removed from the Organisation's database. Names, country of residence, date of birth and record of services may be stored indefinitely for the purposes of statistical analysis. Documents purged of identifying information may be kept for training purposes.
Procedures - 1) Collecting Information
Staff will meet with clients in a private space such as meeting rooms and staff offices. For non-sensitive issues only, staff may meet clients in a quiet public space or shared office, provided there are no other clients present and that the clients give consent.
If data is inputted in an open office area, precautions are taken to ensure that monitors are not able to be viewed easily by unauthorized persons. Computers are locked when left unattended, even for short periods of time.
Clients are informed of the Organisation’s confidentiality policy before the information is collected and before services are delivered. Clients are informed that:
- • Personal information such as contact, immigration status, date of birth and date of arrival are required by funders. Copies of the IRCC brochure Gathering information to better meet the needs of newcomers to Canada are available in the language of their choice.
- • Information is shared with supervisors and other staff involved in service delivery.
- • No information is shared with third parties without informed consent or where there is reason to suspect harm to self, harm to others or harm to children.
Type of Information
Information is collected directly from the client, except in the case of minors or where clients consent to others speaking on their behalf. Staff confirm that information is accurate, up-to-date and complete.
Regardless of what information a client discloses, only information relevant to the delivery of the client service is collected. The type of information required will depend on the service being delivered. For all services, staff collect at minimum:
- • Full, legal name
- • Contact information
- • Address
- • Date of Birth
- • Country of Birth
- • Date of Arrival in Canada
- • Immigration Status
- • Immigration Number
Clients may choose to remain anonymous or refuse to disclose personal information. Due to funder requirements, not all services may be accessed by clients who do not disclose required information (e.g. language assessments). All data for anonymous client will be recorded in the database, using the established contact "Anonymous".
If there are safety concerns, staff disable the Safe to Contact field in the Contact form in the database and instead include contact details in the comments section. This prevents the possibility of accidental contact (e.g. a query for client emails for the purposes of sending a survey).
Case notes contain sufficient detail for supervisors to clearly understand the client’s situation and the services provided to the client. For particularly sensitive issues, supervisors can place a security lock on the case notes.
Procedures - 2) Storing Information
Client information is stored securely. Secure spaces include rooms, drawers and filing cabinets that are locked, and password-protected computers that are not left unattended.
Client information is stored on the shared drive, not on hard drives of individual staff computers, on staff drives, or on public or personal computers. Confidential information is never stored on email or email calendars. Client information may be stored on Google Drive or other secure shared networks when the shared drive is not appropriate; however, permission to share the document will not be given to any individual who is not an employee of the Organisation.
The Executive Director will record which staff have remote access to the shared drive. Staff will store laptops and phones in secure, off site locations.
Individual files are created for all clients. Client files, including resumes, applications and case notes, are the property of the Organisation.
All general client information (e.g. date of birth) and client service records are stored in the Organisation's database. Resumes, applications and scanned documents (e.g. immigration records) are stored in the Client section of the shared drive. Paper files are only created when documents must be stored for funders (e.g. language assessment booklets) and are stored in centralised, locked filing cabinets. Cabinet keys are kept in a secure location.
Files, regardless of type, are clearly labeled and organized. Access to client files is limited to employees who work directly with clients.
Where required for service delivery, staff may make copies of identity or other documents with the consent of the client, provided the original is returned to the client as soon as possible. Where original documents are forgotten or otherwise cannot reasonably be returned, they will be kept in a secure location; important identity documents such as passports will be kept in the Executive Director's safe.
Procedures - 3) Accessing Information
Staff may access client information where required to provide services or collect/tabulate data. If data is accessed in an open office area, precautions are taken to ensure that monitors are not able to be viewed easily by unauthorized persons. Computers are locked when left unattended, even for short periods of time.
Volunteer access to client information is restricted to volunteers who require access to fulfill their volunteer role, who have signed a confidentiality oath and who have reviewed a copy of this policy. Placement students or volunteers providing direct services to clients work under a staff member who will take responsibility for protecting confidentiality.
Clients may request:
- • A list of any documents or applications on file
- • Copies or destruction of any personal documents or applications on file, excepting records required by funders (e.g. language assessments)
- • A record of services that includes date of service and description of service.
Clients may not access:
- • Staff notes, assessments and observations
- • Information in their file pertaining to another client (e.g. from a shared service).
Requests normally are fulfilled within one business week but may take longer for large files.
Procedures - 4) Releasing Information
Client information is disclosed to a third party on a “need to know” basis where the client has given informed consent.
Consent is obtained directly from the client or, for minors under 14 years of age, from the parent or legal guardian.
Clients are told what information will be discussed with the third party and the criteria of the service to which they are being referred. Where possible, staff work with clients to initiate partner referrals together and agree on what information needs to be shared. However, another important consideration in sharing information is not withholding information that the service provider needs to know, if they are to fulfil their duty of care to the client and other clients within the service. For instance, if the client has a violent background (they may have been charged by police), and staff are referring them to an accommodation service, then the service has a right to know that information. This is for the safety of other clients in the service. Similarly, if the client has a mental illness, the service may need to know so they can ensure the client receives adequate care and access to a specialist service if required.
Consent is limited to the minimum number of individuals and organisations and the shortest period of time required to allow for service delivery. The period of consent cannot be greater than 6 months, but consent can be renewed if required for service delivery. The consent form contains full details on who the consent is for, the purpose (and limitation) of the consent, and how long the consent will last.
“Blanket” consent - approval is where the client gives broad approval for disclosure of information to multiple stakeholders– is not used unless effective service delivery would not otherwise be possible. The most typical exception is for newly arrived Government Assisted Refugees with multiple complex issues and language barriers who benefit from coordination with large numbers of volunteers and partner agencies. In these situations staff explain clearly to clients, partners and volunteers that the period of “blanket” consent is limited and will not be extended unless clearly required. “Blanket” consent is replaced with individual consent with volunteers or partners who continue to collaborate in service delivery.
The staff person who initiates the consent is responsible for monitoring the end of the consent period.
Consent may be given verbally or in writing. In either case, clients are entitled to receive a printed or electronic copy of the consent. Another organisation may obtain consent on behalf of a client to speak with both organisations, provided the Organisation is clearly named in the consent and the consent is signed by the client. All consent forms are recorded in the Organisation's database.
Procedures - 5) Breaches of Confidentiality
There are two situations in which an employee or volunteer is legally required to breach client confidentiality: Duty to Report under the CFSA, and court orders. The Organisation also allows for a breach of confidentiality to avert an imminent risk of serious bodily harm to an identifiable person or group.
Duty to Report - CFSA
Section 72 of the Child and Family Services Act (CFSA) imposes a statutory duty on every person, including a person who performs professional or official duties with respect to children, to forthwith report reasonable suspicions of a child in need of protection, and the information upon which those suspicions are based, directly to the Children’s Aid Society (CAS).
- • Who is a child in need of protection?
The CFSA defines a child in need of protection as a child who appears to be enduring physical, sexual abuse, emotional abuse, neglect, and/or risk of harm.
The CFSA applies to any child who is under the age of 16 years. It also applies to children already under a child protection order who are 16 and 17 years old.
- • What is reasonable suspicion?
It is not required that a person be absolutely certain that a child is or may be in need of protection to be responsible to report under the CFSA. All that is required is that a person have reasonable grounds, referring to the information upon which the suspicion is based, that an average person using normal and honest judgement would need in order to decide to report to the CAS. It is then the responsibility of the CAS to assess the information upon which the suspicion is based. The CAS will investigate the information and then has the authority and responsibility to decide how to proceed.
Even if an individual knows a report has already been made about a child, they must make a further report to the CAS if there are additional reasonable grounds to suspect that the child is or may be in need of protection.
Staff may discuss a case hypothetically with Children’s Aid, who will determine if there is a sufficient basis to warrant further assessment of the concerns about the child and if there is a duty to report.
- • What is a subpoena?
A subpoena is a document that most often orders a witness to attend at proceedings. The subpoena will set out the time, date and place of the required attendance. Usually, the subpoena also directs the witness to bring "any documents or materials which are relevant to the action."
Contacting the legal counsel who served the subpoena is typically a useful first step in determining what is required. Serious sanctions can be imposed if a subpoena is ignored.
- • Does a subpoena influence the responsibility to maintain client confidentiality?
A subpoena is not authorization to breach client confidentiality. It is a command to attend. A subpoena alone does not grant employees authority to speak to the lawyer who issued the subpoena or to agents such as police officers about the contents of client records or any aspect of a client’s case before appearing in court.
If the subpoena requires, employees must bring the original paper records or a printout of any electronic records with them to court and be prepared to release them (or a copy) when a direction is issued by a court or a judge requiring an individual or the Organisation to do so. Only the information specified in the order should be provided.
The only other situation in which the Organisation would consider a breach of confidentiality is to avert an imminent risk of serious bodily harm to an identifiable person or group. All such cases should be reported to a supervisor, who will assess the risk and make a determination on how to proceed. In the case of immediate threat, staff will CALL 911 and take the appropriate emergency response measures.
The degree to which confidentiality is breached, self-determination is usurped, and outside intervention is imposed should be directly related to the seriousness of the threat and the vulnerability of the client.
Suicidal risk factors include:
- • Suicidal ideation
- • Recurrent, chronic major depressive episodes
- • Previous suicide attempts and hospitalization
- • Knowing others who have committed suicide
- • Relational, social or economic losses
- • Age (15-24, 50 and over)
- • Physical illness and disability
- • High isolation, stigma and isolation
- • Immediate access to methods of self-harm
High-Risk Behaviours (Violence Potential) include but are not limited to:
- • Specific threats with details (who what how)
- • Repeated threats
- • Past history of violence
- • Possession of weapons
- • Aggressive behavior
Unauthorized Breach of Confidentiality
Employees concerned about a co-worker’s conduct should refer to the Dispute Resolution section of HR Policy # 2 for guidance. In addressing unauthorized breaches of confidentiality, supervisors should refer to the Discipline section of HR Policy # 5.
All attempts or occurrences involving actual or potential unauthorized access to client information is immediately reported to Executive Director.
Procedures - 6) Communicating Information
Once appropriate access and consent is determined, care should still be made in how, when and where information is communicated.
General The preferred methods of communicating confidential information are through phone, in-person meetings, hard copy documents, USB drives, or Google Drive or other secure shared networks. For Google Drive and other shared networks, permission to share the document will not be given to any individual who is not an employee of the Organisation. Confidential information is shared through email and email calendars only when necessary and is limited to essential information; under no circumstances are SIN numbers, bank information or credit card information communicated via email. Confidential information is only shared via fax to known and trusted organisations.
Staff provide only facts and refrain from communicating personal opinions and judgments so that staff at other agencies can form their own relationship without being influenced by another’s perceptions.
Staff and Volunteers
Discussions about clients are in the furtherance of service-delivery or client well-being. Discussions are held only with supervisors, or staff or volunteers directly involved in service delivery. Discussions are held in private areas, not public areas inside or outside of the agency (e.g. reception, kitchen area, parking lot) where others not directly involved in the service can hear the conversation.
Discussions with clients, including phone calls, are held in private spaces. Voicemails, text, email calendars and emails do not reference highly sensitive or confidential information.
Clients who request that information be kept confidential are informed of the Organisation’s confidentiality policy as it applies to their situation. There are no secrets between staff and clients.
Procedures - 7) Destroying Information
The following information will be deleted and / or destroyed when clients have not accessed services, volunteered or contacted the Organisation for a period of seven years:
- • Phone number(s)
- • Email(s)
- • Unit, Street Number, and Street Name
- • Immigration Number
- • Copies of immigration and identity documents
- • Immigration and other service applications
All other client information shall be kept indefinitely.
All paper documentation is shredded. Electronic copies are deleted. Electronic copies contained in system-backup media are maintained in confidence and are not readily accessible to users.