RISK MANAGEMENT INFORMATION MINNESOTA GOVERNMENT DATA PRACTICES ACT YOU WANT WHAT? WHEN?
|
|
- Georgiana May
- 5 years ago
- Views:
Transcription
1 RISK MANAGEMENT INFORMATION MINNESOTA GOVERNMENT DATA PRACTICES ACT YOU WANT WHAT? WHEN? Overview The Minnesota Government Data Practices Act, Minn. Stat. ch. 13, attempts to balance the public s right to information, individual s right to privacy, and government s need to function responsibly. The general presumption of the Act is simple: government data are public unless otherwise classified by state or federal law. Government data that is collected, created, stored, or maintained by a city are public and are accessible for both inspection and copying. There is nothing in the Act requiring any city to hand over requested information on the spot. While a great deal of the information at city hall is public and must be released when requested, a city is entitled to establish and follow a process for evaluating and complying with data requests. Simply put, it is much better to take a conservative approach when considering a data request, even if that means the data is not released immediately. In the long run, a delay, during which a city confirms the data being requested and ensures that release is permitted under the Act, may prevent a city from being sued for sharing data that should not have been released. The Act requires government entities, including cities, to identify the types of data they maintain and determine how each type of data is classified. A city must develop a public document identifying these data categories and classifications for data on individuals. (The Act does not require such a document for data that is not on individuals.). This public document must contain the name, title, and address of the city s Responsible Authority and copies of any forms used to collect private data on individuals (i.e., Tennesen Warning). This document must be updated annually. While the Act does not require that a data request be in written form, a city may require that data requests be submitted in writing and may require the use of a form designed for this purpose. Cities must respond to data requests appropriately and promptly. More than anything else, what is appropriate and prompt depends upon the scope of the request, and may vary depending upon the size and complexity of a city, the type and/or quantity of data requested, the clarity of the data request, and the number of staff available to respond to the request. Meeting the requirements of the Act can be difficult because of the demands placed on city staff to know intricate details that may differ depending on the data being requested. Finding guidance on how to apply the Act is not always as easy as simply consulting the statutes. In addition to the statutes, the Commissioner of Administration prepares educational materials and model policies. This material is provided as general information and is not a substitute for legal advice. Consult your attorney for advice concerning specific situations.
2 The Commissioner also has authority to issue advisory opinions regarding how the Act should be applied in certain situations. On occasion, Minnesota appellate courts are called upon to interpret provisions of the Act. These court decisions may disagree with the Commissioner s opinions. Appellate court decisions take precedence over Commissioner s opinions. Required Officials A city is required to have two officers to administer the responsibilities set forth in the Act. The required officers are the Responsible Authority and the Compliance Officer. The Responsible Authority is an individual designated by the city council to be responsible for collection, use, and dissemination of any set of data. The Compliance Officer is an individual designated by the Responsible Authority to handle questions or issues with data access. The Compliance Officer can be the same person as the Responsible Authority. According to the Act, requests for data are to be directed to the Responsible Authority. The Responsible Authority then makes the determination to provide or deny access to the data requested. If a person believes he/she has been wrongfully denied access to data, he/she can work with the Compliance Officer. A different outcome seems unlikely if the Compliance Officer is the same person who previously denied access to the requested data in the role of the Responsible Authority. While the concept of having both a Responsible Authority and a Compliance Officer may not seem practical in a smaller city, cities must have both to meet the requirements of the Act. The Responsible Authority may designate one or more persons to perform the required duties of this position. In larger cities, the Responsible Authority is usually the chief administrator. That person in turn might designate a representative in each department to handle data practices requests for information in those departments. In smaller cities, the city clerk is often the Responsible Authority and handles all data requests personally. The Act requires that each Responsible Authority establish procedures to ensure requests are received and complied with in an appropriate and prompt manner. These procedures must be in written form. Changes in personnel or circumstances that might impact public access to government data are to be incorporated by August 1 of each year. A copy of these procedures must be available to the public free of charge or a copy must be posted in a conspicuous place that is easily accessible to the public. Forms of Data Government data are defined as all data collected, created, received, maintained, or disseminated by a city regardless of physical form, storage media, or conditions of use. Besides paper documents, government data includes audio and videotapes, computer disks, s, and even computer hard drives. Mental impressions are not government data. Government data are more than official city records. For example, calendars with dates, times and locations of meetings, as well as notes taken at meetings, are government data. As government data, this information is subject to public access under the Act. A calendar that is a mix of personal 2
3 and public information creates the need for a city to separate the public from private before releasing requested information. Electronic forms of government data present special challenges in meeting the requirements of the Act. One such challenge is the permanency of computer files; when something is deleted on the screen, it is generally still recoverable. This is significant in the context of . Employees often use in the same way as verbal communication not realizing that leaves a record that is likely accessible under the Act. It is important to remember the Act requires that all forms of government data be accessible this includes electronic data. This requirement should be considered both when determining how best to store government data (regardless of its form) and when separating data in response to a request. Charges for Information A city cannot charge a fee for inspection of data. The Act requires that government data be kept in a manner that makes it easily accessible for convenient use. So, no matter how much time and effort is needed to find and retrieve requested data, a city may not charge a fee if a person only requests to inspect data. Inspection includes viewing the data, but does not include a city printing copies of the data unless printing a copy is the only method by which the data could be inspected. When a person requests copies or electronic transmittal of public government data, and the requester is not the subject of the data, a city may require the requester to pay a fee. Suggested guidelines for calculating such a fee are provided below. Regardless of which method is used, a city may not charge a fee for separating public data from private data. Fee Calculation Method I: If 100 or fewer pages of black and white, letter or legal size paper copies are requested, a city may charge a per-page fee of not more than 25 cents for each page copied (50 cents for a two-sided copy). A city may charge only the per-page fee and cannot require the requester to pay any other costs associated with providing the copies. A city is not permitted to divide a single request into multiple requests for copies of fewer than 100 pages in order to avoid charging a fee based on the actual cost of providing copies. Fee Calculation Method II: In all other circumstances, including requests to provide data via facsimile, a city may require the requester to pay the actual costs of searching for and retrieving the data, and for making, certifying, compiling, and electronically transmitting the data or copies of the data. A city may not charge a minimum fee. (Further guidance about this fee calculation method is on the IPAD website at Costs that may be included as long as they are reasonable: Staff time required to: o Retrieve documents, or to remove staples or paper clips o Sort and label documents, only if necessary to identify the data to be copied o Take documents to copier for copying, copy documents Note: a city may not assess a fee for labor costs that exceed those of the lowest paid employee who could complete the task(s) performed Materials (paper, copier ink, staples, magnetic tapes, video or audio cassettes, etc.) 3
4 Special costs associated with making copies from computerized data Mailing costs Vehicle costs (directly involved in transporting data to another facility when necessary to provide copies) Costs that may not be included: Staff time required to: o Separate public from private data o Open a data request that was mailed o Sort, label, or review data if not necessary to identify the data to be copied o Return documents to storage o Provide information about the data to the requester (i.e., explain content and meaning of data) o Prepare data for mailing, prepare cover letter, fax sheet of invoice for copies o Prepare cover letter, fax sheet, or invoice for copies o Credit payment and perform other associated accounting functions Purchase, rental, maintenance, and/or depreciation of copier Normal operating expenses of computer/copier, including electricity used, and machine wear/tear The entire cost of operating a multi-tasked computer for a measured unit of time, when fulfilling a request for copies was only one of the tasks performed during that unit of time Administrative costs that are not related to copying or records storage Sales tax Personnel Data Personnel data are information about an individual collected because the person has or had an employment relationship or applied for a position with the city. The presumption under the Act regarding personnel data is the opposite of the general presumption of the Act: personnel information is presumed to be private data unless otherwise noted in the Act. Tennessen Warning When a city asks a person to provide private data about himself or herself, that person must be informed of: (a) the purpose and intended use of the requested data; (b) whether he/she may refuse or is legally required to supply the requested data; (c) any known consequence of supplying or refusing to supply private or confidential data; and (d) the identity of other persons or entities authorized to receive the data. Access to personnel data in general Private personnel data can only be accessed by the data subject and by government officials whose duties reasonably require access. There is no formal definition of work duties that reasonably require access to private personnel data. This determination depends on the facts of each situation. It is the role of the Responsible Authority to decide if an individual s work duties reasonably require access to such data and to establish written procedures that ensure access is gained only by those entitled. 4
5 A common issue occurs, especially in smaller cities, when a council member requests private personnel data on a city employee. City council members do not have an automatic right to review private personnel data. Facts of the situation at hand must be evaluated by the Responsible Authority who then decides whether or not access to the data should be granted. This scenario may place the Responsible Authority, who is often the city clerk, in a difficult position when access should be denied under the Act. It is a good idea to develop a written policy that specifies when council members can have access to private personnel data. Access to personnel data by data subject A city may limit access by a data subject to all private data (personnel data or other) to once every six months. The data subject is entitled to more frequent access if additional data are collected or created or if there is a dispute about data completeness or accuracy. It is up to each city or Responsible Authority to decide whether they are going to enforce this limitation. If such a restriction is to be enforced, the practice should be in writing and a city must apply it uniformly and not selectively. If a data subject requests access to data about themselves, the Responsible Authority must respond to the request immediately or within ten business days if immediate compliance is not possible. If the subject requested the data within the previous six months, it is acceptable to respond by informing the data subject that the city limits access to private data to once every six months pursuant to the Act and therefore the data cannot be released at this time. Complaints and discipline The existence and status of any complaint about a city employee are public. In general, the identity of the complainant is also public unless the complainant is another employee. When the complainant is another employee, any data collected would be considered personnel data and, as noted earlier, the presumption is that personnel data are private data unless covered by an exception. On occasion, a complaint will result in a city taking disciplinary action against an employee. Prior to what is called a final disposition only the existence and status of the complaint are public. Once a final disposition occurs, then the disciplinary action is public along with specific reasons for the action and data documenting the basis for the action. It is important to note that if no disciplinary action is taken, no final disposition occurs. When this happens, only the existence and status of the complaint are public. When discipline is imposed, the key is determining when the disposition is final. For a non-union employee, final disposition occurs when a city makes its final decision about discipline. For a union employee, if arbitration under a union contract is a possibility, final disposition occurs at the end of the arbitration proceedings or at the expiration of the time period during which arbitration may be requested. 5
6 Other Issues to Note While there are probably as many potential data practices issues and questions as there are Minnesota cities, some issues tend to come up repeatedly. Some of the more common data practices issues and considerations are noted in the following sections. Elected Officials The Act addresses data on applicants for election or appointment separate from personnel data. However, the Responsible Authority may determine that elected and appointed officials are to be treated as employees for purposes of applying the Act. In that case, both the personnel data noted in the Act and the following are considered public data on applicants for election or appointment: name, city of residence, education and training, employment history, volunteer work, awards and honors, and prior government service or experience. Law Enforcement Data Law enforcement agencies are responsible for a tremendous amount of data. Both because of the frequency with which law enforcement data are requested and because of the potentially sensitive nature of the data, it is essential to have a well thought-out policy documenting procedures for requesting and releasing law enforcement data. The following describes the classification of commonly requested law enforcement data: Request for service data are collected or created when a member of the public requests law enforcement services. Request for service data are public data and include data on the nature of the request or activity complained of, the name and address of the person making the request, the time and date of the request, and the response initiated by the law enforcement agency. The audio recording of a 911 call made to request service from a law enforcement, fire, or medical agency is private data with respect to the individual making the call. However, a written transcript of the audio tape is public, unless it reveals the identity of an individual who is entitled to privacy. Response or incident data are collected or created by a law enforcement agency documenting the agency's response to a request for service or describing actions taken by the agency on its own initiative. Response or incident data are public data and include the date, time, and place of the action, a factual reconstruction of events associated with the action, as well as the names and addresses of witnesses, and the names and addresses of victims. Investigative data collected or created by law enforcement to prepare a case are confidential even the subject of the data is denied access while the investigation is active. Inactive investigative data are public unless release of the data would jeopardize another active investigation or would reveal the identity of an individual who is entitled to privacy. Photos that are part of an inactive investigation, but are clearly offensive to common sensibilities are private. However, the existence of such photos must be disclosed. A law enforcement agency is entitled to withhold otherwise public information if it determines that revealing the identity would threaten an individual's personal safety. Law enforcement agencies are required to establish procedures for making the determination as to when it is necessary to protect the identity of an individual. 6
7 Parks and Recreation Data Data used for the purpose of enrolling individuals in a city s recreational and other social programs are private. Specifically, the name, address, telephone number, and other data that identifies an individual are private. So are any data describing the health, medical condition(s), family relationships, living arrangements, and/or opinions as to the emotional makeup or behavior of an individual. Utility Data Data about customers of a municipal utility are public with the exception of electric utility data. If Social Security Numbers are collected in connection with municipal utility service, they must be edited from data provided to a requester. Electric utility data have an exception that makes them private data that may be released to law enforcement, a school for the purposes of assembling pupil census data, and to a public child support authority. Requests for information on new utility customers should be honored by any municipal utility other than an electric utility. Data revealing the identity of people delinquent in their utility bills are also public, again with the exception of electric utility data. It is a city s responsibility to ensure that the information being released is accurate. Releasing information that a customer is delinquent on his/her utility bill when the bill is in fact current could be considered defamatory. Cities should develop a practice of double-checking the accuracy of information before responding to such requests. Property Complaints The identity of a person making a complaint about a violation of law or ordinance concerning the use of real property is confidential data. This classification is used to shield the identity of an individual(s) who complains to a government agency from anyone who might seek retribution against the complainant. The Commissioner has issued opinions that this part of the Act not only covers the physical use of property, but noise and odors, too. Complaints against both city property and private property are included. The general presumption of the Minnesota Government Data Practices Act, Minn. Stat. ch. 13, is simple, but meeting the requirements can be difficult. However, following the items described in this memo can assist you in meeting these requirements. Tracie Chamberlin
Access Rights and Responsibilities. A guide for Individuals and Organisations
Access Rights and Responsibilities A guide for Individuals and Organisations This guide is aimed at both individuals and organisations. It is designed to bring individuals through the process of making
More informationCell Phone Policy. 1. Purpose: Establish a policy for cell phone use and compensation allowance.
Cell Phone Policy 1. Purpose: Establish a policy for cell phone use and compensation allowance. 2. Authority: The Clinton County Board of Commissioners. 3. Application: This Cell Phone Policy (the Policy)
More informationMINNESOTA GOVERNMENT DATA PRACTICES ACT
BELTRAMI COUNTY GUIDELINES AND PROCEDURES FOR THE MINNESOTA GOVERNMENT DATA PRACTICES ACT Right to Access Public Data The Data Practices Act (Minnesota Statutes, Chapter 13) presumes that all government
More informationNEWTON COUNTY OPEN RECORDS ACT POLICY
NEWTON COUNTY OPEN RECORDS ACT POLICY As a public entity, Newton County is subject to the Open Records Act, O. C. G.A. 50-18- 70 et seq. Newton County is committed to conducting its business in a manner
More informationPUBLIC RECORDS. May 2016
PUBLIC RECORDS May 2016 ACCESS Florida Law creates a right of access to inspect and/or have copies of public records. WHO? This means ANYONE regardless of: Identity Reason YOU MAY NOT REQUIRE A REQUESTOR
More informationSUBJECT: Effective Date: Policy Number: Florida Public Records Act: Scope and
SUBJECT: Effective Date: Policy Number: Florida Public Records Act: Scope and 2-100.4 1/14/2014 Compliance Supersedes: Page Of 2-100.3 1 6 Responsible Authority: Vice President and General Counsel DATE
More informationPrivacy Policy... 1 EU-U.S. Privacy Shield Policy... 2
Privacy Policy... 1 EU-U.S. Privacy Shield Policy... 2 Privacy Policy knows that your privacy is important to you. Below is our privacy policy for collecting, using, securing, protecting and sharing your
More informationRecords Information Management
Information Systems Sciences Records Information Management Region V Spring Conference March 26, 2015 Was I supposed to keep that 1 Where did we store that 2 Space Issues. Need storage space for a classroom
More informationRights & Responsibilities: The Rights of Requesters and the Responsibilities of Hampton City Schools under the Virginia Freedom of Information Act
Rights & Responsibilities: The Rights of Requesters and the Responsibilities of Hampton City Schools under the Virginia Freedom of Information Act The Virginia Freedom of Information Act (FOIA), located
More informationShaw Privacy Policy. 1- Our commitment to you
Privacy Policy last revised on: Sept 16, 2016 Shaw Privacy Policy If you have any questions regarding Shaw s Privacy Policy please contact: privacy@shaw.ca or use the contact information shown on any of
More informationVIACOM INC. PRIVACY SHIELD PRIVACY POLICY
VIACOM INC. PRIVACY SHIELD PRIVACY POLICY Last Modified and Effective as of October 23, 2017 Viacom respects individuals privacy, and strives to collect, use and disclose personal information in a manner
More informationFreedom of Information Act Procedures, Guidelines and Written Public Summary
Freedom of Information Act Procedures, Guidelines and Written Public Summary I. GUIDELINES A. PURPOSE GREAT LAKES CYBER ACADEMY is a public body required by law to provide public records to persons requesting
More informationData Subject Access Request
Data Subject Access Request DATA PROTECTION ACT 1998 Version: 10.0 Approval Status: Approved Document Owner: Graham Feek Classification: Internal Review Date: 03/07/2017 Effective from: 1 July 2015 Table
More informationMaking a Request for records from Portsmouth Public Schools
Rights & Responsibilities: The Rights of Requesters and the Responsibilities of Portsmouth Public Schools under the Virginia Freedom of Information Act The Virginia Freedom of Information Act (FOIA), located
More informationGUIDE FOR INDIVIDUALS WHO ARE THE SUBJECT OF DATA
GUIDE FOR INDIVIDUALS WHO ARE THE SUBJECT OF DATA This document explains the rights of individuals (meaning natural persons) who are the subject of MnDOT data and how those individuals can obtain public
More informationYour FOIA Rights. You have the right to request to inspect or receive copies of public records, or both. 09/23/16
1 Rights & Responsibilities: The Rights of Requesters and the Responsibilities of Wytheville Community College under the Virginia Freedom of Information Act The Virginia Freedom of Information Act (FOIA),
More informationRights & Responsibilities: The Rights of Requesters and the Responsibilities of New College Institute under the Virginia Freedom of Information Act
Rights & Responsibilities: The Rights of Requesters and the Responsibilities of under the Virginia Freedom of Information Act The Virginia Freedom of Information Act (FOIA), 2.2-3700 et seq. of the Code
More informationMaking a Request for records from The Town of Gordonsville
Rights & Responsibilities: The Rights of Requesters and the Responsibilities of the Town of Gordonsville under the Virginia Freedom of Information Act The Virginia Freedom of Information Act (FOIA), located
More information[Utility Name] Identity Theft Prevention Program
[Utility Name] Identity Theft Prevention Program Effective beginning, 2008 Minnesota Municipal Utilities Association Sample Red Flag policy I. PROGRAM ADOPTION The [Utility Name] ("Utility") developed
More informationUniversity Policies and Procedures ELECTRONIC MAIL POLICY
University Policies and Procedures 10-03.00 ELECTRONIC MAIL POLICY I. Policy Statement: All students, faculty and staff members are issued a Towson University (the University ) e-mail address and must
More informationDATA SUBJECT ACCESS REQUEST PROCEDURE
DATA SUBJECT ACCESS REQUEST PROCEDURE DATA PROTECTION ACT 1998 This procedure seeks to ensure that the Transport Executive receives and processes Data Subject Access Requests in accordance with the Data
More informationRETINAL CONSULTANTS OF ARIZONA, LTD. HIPAA NOTICE OF PRIVACY PRACTICES. Our Responsibilities. Our Uses and Disclosures
RETINAL CONSULTANTS OF ARIZONA, LTD. HIPAA NOTICE OF PRIVACY PRACTICES This notice describes how health information about you may be used and disclosed and how you can get access to this information. Please
More informationRappahannock-Rapidan Regional Commission (RRRC) Freedom of Information Act (FOIA) Administrative Policy
Rappahannock-Rapidan Regional Commission (RRRC) Freedom of Information Act (FOIA) Administrative Policy The Virginia Freedom of Information Act (FOIA), located 2.2-3700 et seq. of the Code of Virginia,
More informationCalifornia Code of Regulations TITLE 21. PUBLIC WORKS DIVISION 1. DEPARTMENT OF GENERAL SERVICES CHAPTER 1. OFFICE OF THE STATE ARCHITECT
California Code of Regulations TITLE 21. PUBLIC WORKS DIVISION 1. DEPARTMENT OF GENERAL SERVICES CHAPTER 1. OFFICE OF THE STATE ARCHITECT SUBCHAPTER 2.5. VOLUNTARY CERTIFIED ACCESS SPECIALIST PROGRAM Program
More informationTerms & Conditions. Privacy, Health & Copyright Policy
1. PRIVACY Introduction Terms & Conditions Privacy, Health & Copyright Policy When you access our internet web site you agree to these terms and conditions. Bupa Wellness Pty Ltd ABN 67 145 612 951 ("Bupa
More informationFreedom of Information and Protection of Privacy (FOIPOP)
Freedom of Information and Protection of Privacy (FOIPOP) No.: 6700 PR1 Policy Reference: 6700 Category: FOIPOP Department Responsible: Records Management and Privacy Current Approved Date: 2008 Sep 30
More informationDCU Guide to Subject Access Requests. Under Irish Data Protection Legislation
DCU Guide to Subject Access Requests Under Irish Data Protection Legislation Context Under section 4 of the Irish Data Protection Acts 1988 & 2003 an individual, on making a written request to DCU, may
More informationAbout the information we collect We collect and process personal data including but not limited to:-
Privacy Policy About us TP Supported Accommodation is responsible for collecting, processing, storing and safe keeping of personal information as part of our business activities. We manage information
More informationCHASE GRAMMAR SCHOOL PRIVACY STATEMENT General Data Protection Regulations (GDPR)
CHASE GRAMMAR SCHOOL PRIVACY STATEMENT General Data Protection Regulations (GDPR) The GDPR is the biggest change to data privacy laws in the last 20 years and comes into effect on 25 May 2018. The new
More informationNebraska State College System Cellular Services Procedures Effective Date June 15, 2012 Updated August 13, 2015
Nebraska State College System Cellular Services Procedures Effective Date June 15, 2012 Updated August 13, 2015 Definitions Cellular Telephone Service For the purposes of this policy, cellular telephone
More informationGuide for Members of the Public Requesting Information. This document is required by Minnesota Statutes, section 13.03, subdivision 2(b).
Guide for Members of the Public Requesting Information This document is required by Minnesota Statutes, section 13.03, subdivision 2(b). 1 Right to Access Public Data The Data Practices Act (Minnesota
More informationNSDA ANTI-SPAM POLICY
NSDA ANTI-SPAM POLICY Overview On July 1, 2014, Canada s Anti-spam Legislation (CASL) took effect. Coupled with existing regulations, the new legislation sets specific restrictions on using electronic
More informationAshford Board of Education Ashford, Connecticut POLICY REGARDING RETENTION OF ELECTRONIC RECORDS AND INFORMATION
Ashford Board of Education Ashford, Connecticut Series 2000 Administration POLICY REGARDING RETENTION OF ELECTRONIC RECORDS AND INFORMATION I. POLICY The Board of Education (the Board ) complies with all
More informationData Protection Policy
Data Protection Policy Addressing the General Data Protection Regulation (GDPR) 2018 [EU] and the Data Protection Act (DPA) 2018 [UK] For information on this Policy or to request Subject Access please
More informationHIPAA Omnibus Notice of Privacy Practices
HIPAA Omnibus Notice of Privacy Practices Revised 2013 Urological Associates of Bridgeport, PC 160 Hawley Lane, Suite 002, Trumbull, CT 06611 Tel: 203-375-3456 Fax: 203-375-4456 Effective as of April/14/2003
More informationData Protection Policy
The Worshipful Company of Framework Knitters Data Protection Policy Addressing the General Data Protection Regulation (GDPR) 2018 [EU] and the Data Protection Act 1998 (DPA) [UK] For information on this
More informationTITLE 595. DEPARTMENT OF PUBLIC SAFETY CHAPTER 10. CLASS D DRIVER LICENSES AND IDENTIFICATION CARDS AND MOTOR LICENSE AGENT PROCEDURES
TITLE 595. DEPARTMENT OF PUBLIC SAFETY CHAPTER 10. CLASS D DRIVER LICENSES AND IDENTIFICATION CARDS AND MOTOR LICENSE AGENT PROCEDURES RULEMAKING ACTION: EMERGENCY adoption PROPOSED RULES: Subchapter 11.
More informationCastle View Primary School Data Protection Policy
Castle View Primary School Data Protection Policy Aims The Headteacher and Governors of the school intend to comply fully with the requirements and principles of the Data Protection Act 1998. All staff
More informationSteffanie Hall, RHIA HIM Director/Privacy Officer 1201 West 12 th Emporia, Kansas ext
JOINT NOTICE OF PRIVACY PRACTICES NEWMAN REGIONAL HEALTH, NEWMAN REGIONAL HEALTH MEDICAL PARTNERS, HOSPICE, NEWMAN PHYSICAL THERAPY, COMMUNITY WELLNESS AND MEMBERS OF THE NEWMAN REGIONAL HEALTH ORGANIZED
More informationBYOD (Bring Your Own Device): Employee-owned Technology in the Workplace
BYOD (Bring Your Own Device): Employee-owned Technology in the Workplace MCHRMA Spring Conference April 4, 2014 PRESENTED BY: Sonya Guggemos MCIT Staff Counsel for Risk Control sguggemos@mcit.org The information
More informationRed Flag Policy and Identity Theft Prevention Program
Unified Government of Wyandotte County and Kansas City, Kansas Adopted: 5/11/2011 Red Flag Policy and Identity Theft Prevention Program Authority: The Mayor and the Board of Commissioners are responsible
More informationPrivacy Notice. General Information Protection Regulation ( GDPR )
Privacy Notice General Information Protection Regulation ( GDPR ) Please read the following information carefully. This privacy notice contains information about the information collected, stored and otherwise
More informationBISHOP GROSSETESTE UNIVERSITY. Document Administration. This policy applies to staff, students, and relevant data subjects
BISHOP GROSSETESTE UNIVERSITY Document Administration Document Title: Document Category: Privacy Policy Policy Version Number: 1.0 Status: Reason for development: Scope: Author / developer: Owner Approved
More informationDakota County. Public Data Requests
Dakota County Public Data Requests Revised October, 2017 Table of Contents Introduction: Right to Access Public Data... 3 How to Make a Data Request... 3 How Dakota County Responds to a Data Request...
More informationManaging and Electronic Records: A Transition Priority
TRANSITION Managing Email and Electronic Records: A Transition Priority NGA RESOURCES AUGUST 2018 Electronic communications tools such as email and text messaging present new challenges to the governor-elect
More informationBCN Telecom, Inc. Customer Proprietary Network Information Certification Accompanying Statement
BCN Telecom, Inc. Customer Proprietary Network Information Certification Accompanying Statement BCN TELECOM, INC. ( BCN" or "Company") has established practices and procedures adequate to ensure compliance
More informationPrivacy Notice - General Data Protection Regulation ( GDPR )
THIS PRIVACY NOTICE APPLIES TO ANY PERSON WHO INSTRUCTS AN INDIVIDUAL BARRISTER AT 12 OLD SQUARE CHAMBERS EITHER DIRECTLY OR THROUGH A SOLICITOR OR WHO ASKS THE INDIVIDUAL BARRISTER FOR A REFERENCE Privacy
More informationCELLULAR TELEPHONE USE POLICY
CLACKAMAS COUNTY EMPLOYMENT POLICY & PRACTICE (EPP) EPP # 50 Implemented: 01/01/03 Clerical Update: 09/05, 11/06, 12/07 CELLULAR TELEPHONE USE POLICY DEFINITION: References to cell phones include cell
More informationSubject access policy and template response letters
Barham Parish Council. Subject Access Requests ( SAR ) Checklist Inform data subjects of their right to access data and provide an easily accessible mechanism through which such a request can be submitted
More informationHIPAA For Assisted Living WALA iii
Table of Contents The Wisconsin Assisted Living Association... ix Mission... ix Vision... ix Values... ix Acknowledgments... ix Who Should Use This Manual... x How to Use This Manual... x Updates and Forms...
More informationWIRELESS DEVICES: ACCEPTABLE USE AND GUIDELINES
Intermediate School District #917 WIRELESS DEVICES: ACCEPTABLE USE AND GUIDELINES Procedures Manual April 2009 Table of Contents Overview 3 Definitions 3 General Guidelines 4 Eligibility Requirements 5
More informationThe date when this policy is posted to the online Company Policy Manual and communicated to all business lines: December 14, 2012
GENERAL POLICIES DATE: CP-134 RETENTION OF RECORDS The date when this policy is posted to the online Company Policy Manual and communicated to all business lines: December 14, 2012 SUPERSEDES POLICY DATED:
More informationYour Information. Your Rights. Our Responsibilities.
Notice of Privacy Practices Your Information. Your Rights. Our Responsibilities. This notice describes how medical information about you may be used and disclosed and how you can get access to this information.
More informationAGENCY APPLICATION AND PARTICIPATION AGREEMENT MISSOURI POLICE CHIEFS CHARITABLE FOUNDATION CERTIFICATION PROGRAM
AGENCY APPLICATION AND PARTICIPATION AGREEMENT MISSOURI POLICE CHIEFS CHARITABLE FOUNDATION CERTIFICATION PROGRAM This Application and Participation Agreement (hereinafter the "Agreement") is entered into
More informationCNH Industrial Privacy Policy. This Privacy Policy relates to our use of any personal information you provide to us.
CNH Industrial Privacy Policy General Terms The CNH Industrial Group appreciates your interest in its products and your visit to this website. The protection of your privacy in the processing of your personal
More informationExercising Your Data Access Rights under the Personal Data (Privacy) Ordinance (Frequently Asked Questions and Answers)
Leaflet Exercising Your Data Access Rights under the Personal Data (Privacy) Ordinance (Frequently Asked Questions and Answers) Under the Personal Data (Privacy) Ordinance (the Ordinance ), an individual
More informationSubject: Kier Group plc Data Protection Policy
Kier Group plc Data Protection Policy Subject: Kier Group plc Data Protection Policy Author: Compliance Document type: Policy Authorised by: Kier General Counsel & Company Secretary Version 3 Effective
More informationCOUNTY OF EL DORADO, CALIFORNIA BOARD OF SUPERVISORS POLICY
PURPOSE: Page 1 of 8 This policy is intended to provide uniform and consistent standards for the application of cellular telephones, including devices often referred to as Smartphones (PDA s), to County
More informationREGULATION BOARD OF EDUCATION FRANKLIN BOROUGH
R 3321/Page 1 of 6 The school district provides computer equipment, computer services, and Internet access to its pupils and staff for educational purposes only. The purpose of providing technology resources
More informationFor any questions regarding this notice call: Meredith Damboise, Privacy Officer , ext. 17
This notice describes how information about you may be used and disclosed and how you can get access to this information. Please review it carefully. For any questions regarding this notice call: Meredith
More informationDirectory of Personal Information Banks Residential Tenancies Dispute Resolution Services (RTDRS)
Directory of Personal Banks RTDRS Hearing Files PIB #: 1 RTDRS Offices and Archives May include name, address, postal code, telephone numbers, e-mail addresses, rental property addresses and other personal
More informationData Protection Policy
Page 1 of 6 General Statement The Local Governing Bodies of the academies have overall responsibility for ensuring that records are maintained, including security and access arrangements, in accordance
More informationEmployee Security Awareness Training Program
Employee Security Awareness Training Program Date: September 15, 2015 Version: 2015 1. Scope This Employee Security Awareness Training Program is designed to educate any InComm employee, independent contractor,
More informationCELLULAR TELEPHONE USE POLICY
CLACKAMAS COUNTY EMPLOYMENT POLICY & PRACTICE (EPP) EPP # 50 Implemented: 01/01/03 Clerical Update: 09/05, 11/06, 12/07, 09/17 CELLULAR TELEPHONE USE POLICY DEFINITION: References to cellular telephones,
More informationRelayHealth Legal Notices
Page 1 of 7 RelayHealth Legal Notices PRIVACY POLICY Revised August 2010 This policy only applies to those RelayHealth services for which you also must accept RelayHealth s Terms of Use. RelayHealth respects
More informationEDENRED COMMUTER BENEFITS SOLUTIONS, LLC PRIVACY POLICY. Updated: April 2017
This Privacy Policy (this Privacy Policy ) applies to Edenred Commuter Benefits Solutions, LLC, (the Company ) online interface (i.e., website or mobile application) and any Edenred Commuter Benefit Solutions,
More informationPrivacy Policy. Effective date: 21 May 2018
Privacy Policy Effective date: 21 May 2018 We at Meetingbird know you care about how your personal information is used and shared, and we take your privacy seriously. Please read the following to learn
More informationA full list of SaltWire Network Inc. publications is available by visiting saltwire.com.
Introduction Effective January 1, 2004, private sector organizations must follow a code for the protection of personal information in accordance with the Personal Information Protection and Electronic
More informationPolicy Objectives (the Association) Privacy Act APPs Policy Application ACTU The Police Association Website
Privacy Policy 1. Policy Objectives 1.1 The Police Association Victoria (the Association) is the organisation representing sworn police officers at all ranks, protective services officers, police reservists
More informationSt Bernard s Primary School Data Protection Policy
St Bernard s Primary School Data Protection Policy St Bernard s RC Primary School, A Voluntary Academy Approved by Governors: 11.11.2015 Review date: Autumn 2016 St Bernard s Data Protection Policy General
More informationPRIVACY 102 TRAINING FOR SUPERVISORS. PRIVACY ACT OF U.S.C.552a
PRIVACY 102 TRAINING FOR SUPERVISORS PRIVACY ACT OF 1974 5 U.S.C.552a PRIVACY TOOL BOX WEB SITE: WWW.PRIVACY.NAVY.MIL Lists all approved Navy and Marine Corps Privacy Act systems of records DOD systems
More informationIf you have any questions about this notice, please contact the Head Master.
Parent Privacy Notice Introduction This notice is to help you understand how and why we collect personal information about you and what we do with that information. It also explains the decisions that
More informationThis procedure sets out the usage of mobile CCTV units within Arhag.
CCTV PROCEDURE Statement This procedure sets out the usage of mobile CCTV units within Arhag. Arhag is a registered charitable housing association and is not considered an appropriate authority with regards
More informationAgreements & Contracts: Electronic Documents User Agreement CUSTOMER SERVICE SKOWHEGAN SAVINGS
Agreements & Contracts: Electronic Documents User Agreement CUSTOMER SERVICE SKOWHEGAN SAVINGS 800.303.9511 CUSTSERV@SKOWSAVINGS.COM TABLE OF CONTENTS ELECTRONIC DELIVERY OF DOCUMENTS...3 SYSTEM REQUIREMENTS...3
More informationData Subject Access Request Form (GDPR)
Data Subject Access Request Form (GDPR) Data Subject Access Request Form Article 15 of the EU General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR) grants you the right to access your personal
More informationData Subject Access Request Procedure. Page 1 KubeNet Data Subject Access Request Procedure KN-SOP
Data Subject Access Request Procedure Page 1 Table of contents 1. Scope, Purpose and Users... 3 2. Reference Documents... 3 3. Data Subject Access Request ( DSAR )... 3 4. The Rights of a Data Subject...
More informationThe City of Mississauga may install Closed Circuit Television (CCTV) Traffic Monitoring System cameras within the Municipal Road Allowance.
Policy Number: 10-09-02 Section: Roads and Traffic Subsection: Traffic Operations Effective Date: April 25, 2012 Last Review Date: Approved by: Council Owner Division/Contact: For information on the CCTV
More informationTo communicate with you via SMS, phone call, , fax, mail and/or any other appropriate communication channels;
Personal Data Policy This Personal Data Policy ( PDP ) is prepared in accordance with the Personal Data Protection Act 2010 ( The Act ) that introduced by the Government to standardise the process of Personal
More informationRed Flags Program. Purpose
Red Flags Program Purpose The purpose of this Red Flags Rules Program is to document the protocol adopted by the University of Memphis in compliance with the Red Flags Rules. Many offices at the University
More informationPrevention of Identity Theft in Student Financial Transactions AP 5800
Reference: Fair and Accurate Credit Transactions Act (Pub. L. 108-159) The Board recognizes that some activities of the Shasta-Tehama-Trinity Joint Community College District, "District," are subject to
More informationHIPAA Privacy and Security. Rochelle Steimel, HIPAA Privacy Official Judy Smith, Staff Development January 2012
HIPAA Privacy and Security Rochelle Steimel, HIPAA Privacy Official Judy Smith, Staff Development January 2012 Goals and Objectives Course Goal: Can serve as annual HIPAA training for physician practice
More informationPOLICY TITLE: Record Retention and Destruction POLICY NO: 277 PAGE 1 of 6
POLICY TITLE: Record Retention and Destruction POLICY NO: 277 PAGE 1 of 6 North Gem School District No. 149 establishes the following guidelines to provide administrative direction pertaining to the retention
More informationApplication Guideline for BOP/Volume Zone Business Support Coordinator UZBEKISTAN in FY 2015
Application Guideline for BOP/Volume Zone Business Support Coordinator UZBEKISTAN in FY 2015 April 7, 2015 Manabu Shimoyashiro President Director JETRO Tashkent The Japan External Trade Organization, JETRO
More informationProtecting Personally Identifiable Information (PII) Privacy Act Training for Housing Counselors
Protecting Personally Identifiable Information (PII) Privacy Act Training for Housing Counselors Presented by the Office of Housing Counseling and The Office of the Chief Information Officer Privacy Program
More informationSubject: University Information Technology Resource Security Policy: OUTDATED
Policy 1-18 Rev. 2 Date: September 7, 2006 Back to Index Subject: University Information Technology Resource Security Policy: I. PURPOSE II. University Information Technology Resources are at risk from
More informationApplication and Instructions for Firms
United States Environmental Protection Agency Office of Prevention Pesticides, and Toxic Substances EPA 747-B-99-001 March 2010 https://www.epa.gov/lead Application and Instructions for Firms Applying
More informationRed Flags/Identity Theft Prevention Policy: Purpose
Red Flags/Identity Theft Prevention Policy: 200.3 Purpose Employees and students depend on Morehouse College ( Morehouse ) to properly protect their personal non-public information, which is gathered and
More informationThis policy also applies to personal information about you that the Federation collects from any other third party.
ANMF Policy Privacy The Australian Nursing and Midwifery Federation (the Federation) is an organisation of employees (ie a trade union) registered under Commonwealth industrial laws. The Federation is
More information2.1 The type of personal information that auda collects about you depends on the type of dealings you have with us. For example, if you:
auda PUBLISHED POLICY Policy Title: PRIVACY POLICY Policy No: 2014-01 Publication Date: 11/03/2014 Status: Current 1. BACKGROUND 1.1 This document sets out auda's privacy policy, drafted in accordance
More informationSubject Access Requests Guide for Data Controllers
Subject Access Requests Guide for Data Controllers The Data Protection Law provides individuals with a number of rights. The one most commonly used is that of subject access. This guidance note will help
More informationNotice of Privacy Practices Page 1
Notice of Privacy Practices Page 1 Your Rights When it comes to your health information, you have certain rights. This section explains your rights and some of our responsibilities to help you. Get an
More informationXpress Super may collect and hold the following personal information about you: contact details including addresses and phone numbers;
65 Gilbert Street, Adelaide SA 5000 Tel: 1300 216 890 Fax: 08 8221 6552 Australian Financial Services Licence: 430962 Privacy Policy This Privacy Policy was last updated on 27 February 2017. Our Commitment
More informationHPE DATA PRIVACY AND SECURITY
ARUBA, a Hewlett Packard Enterprise company, product services ( Services ) This Data Privacy and Security Agreement ("DPSA") Schedule governs the privacy and security of Personal Data by HPE in connection
More informationIt applies to personal information for individuals that are external to us such as donors, clients and suppliers (you, your).
Our Privacy Policy 1 Purpose Mission Australia is required by law to comply with the Privacy Act 1988 (Cth) (the Act), including the Australian Privacy Principles (APPs). We take our privacy obligations
More informationGramm Leach Bliley Act 15 U.S.C GLBA/HIPAA Information Security Program Committee GLBA, Safeguards Rule Training, Rev.
Gramm Leach Bliley Act 15 U.S.C. 6801-6809 GLBA/HIPAA Information Security Program Committee GLBA, Safeguards Rule Training, Rev. 11/30/2016 1 Objectives for GLBA Training GLBA Overview Safeguards Rule
More informationGENERAL ASSEMBLY OF NORTH CAROLINA SESSION 2007 H 1 HOUSE BILL 1699
GENERAL ASSEMBLY OF NORTH CAROLINA SESSION 0 H HOUSE BILL Short Title: Option to Stop Junk Mail. (Public) Sponsors: Representatives Fisher; Alexander, Faison, Harrison, and Samuelson. Referred to: Judiciary
More informationGeneral Legal Requirements under the Act and Relevant Subsidiary Legislations. Personal data shall only be processed for purpose of the followings:
General Legal Requirements regarding the Personal Data Protection ( PDP ) Principles under the PDP Act 2010 ( Act ) and the relevant Subsidiary Legislations PDP Principles General Principle Data users
More informationUniversity Privacy Campaign. Introduction to the Personal Data (Privacy) Ordinance
University Privacy Campaign Introduction to the Personal Data (Privacy) Ordinance 1 Personal Data (Privacy) Ordinance Legislative Background Personal Data (Privacy) Ordinance came into effect on 20 December
More informationDallas Central Appraisal District Frequently Asked Questions Public Information Open Records Requests
1. What types of records are subject to the Act? Any information collected, assembled, or maintained by or for a governmental body is subject to the Act. The format (paper, electronic, microfilm, etc.)
More informationPrivacy Shield Policy
Privacy Shield Policy Catalyst Repository Systems, Inc. (Catalyst) has adopted this Privacy Shield Policy ("Policy") to establish and maintain an adequate level of Personal Data privacy protection. This
More information