St. John’s Coun. Wally Collins was involved in a privacy breach in October last year when he forwarded a traffic report to two residents. A city spokesperson said it was a mistake and Collins wasn’t aware he had breached an individual’s privacy when he forwarded the report.
It’s the kind of scenario the city’s newly adopted privacy management policy aims to prevent, though the policy wasn’t created in response to that specific breach.
As a public body, the city is governed by the Access to Information and Protection of Privacy Act, 2015 (ATIPPA), but this policy will help councillors ensure compliance with the act.
“Some concerns had been expressed by councillors – you know, I’ve got this information – so, we just want to make sure that we’re treating personal information with the utmost confidentiality.”
To that end, he said councillors had a privacy training session last week.
“We just want to make sure that council is more aware of their requirements and their obligations under the act, and just to ensure that we’re keeping private information that gets to us – that we’re treating that with the level of confidentiality that’s required.”
According to the meeting agenda, the city told the Office of the Information and Privacy Commissioner (OIPC) in March 2018 that a privacy management policy would be developed.
That commitment to the OIPC was in response to a privacy breach in December 2017 when a city parking enforcement officer asked another city worker to access personal information in the motor registration database about a person who allegedly assaulted the officer.