Freedom of Information and Protection of Privacy Policy

Purpose

​​To appropriately steward information in Seneca’s custody or control while protecting the privacy of individuals’ personal information in compliance with the Freedom of Information and Protection of Privacy Act (FIPPA).

Scope

This policy applies to all Seneca employees. 

Key definitions

Freedom of Information and Protection of Privacy Act

The main principles of FIPPA are:

  • Access: To provide the public with a right of access to records in Seneca’s custody or control

  • Privacy: To protect an individual’s personal information held by provincial institutions and to provide individuals a right of access to their own personal information.

Record

Information in Seneca’s custody or control relating to Seneca students and employees or to Seneca’s business operations and the administration of academic programs and services. Information may be recorded in printed form, on film, by electronic means or otherwise. 

Personal information

Information about an identifiable individual, including:

  • Race, national or ethnic origin, religion, age, gender, sexual orientation, and marital or family status

  • Employment and educational history

  • Medical, psychiatric and psychological history, prognosis, condition, treatment and evaluation

  • Any identifying number (Social Insurance Number, student number), symbol or other assigned particular 

  • Home address and telephone number

  • Personal opinions of or about the individual

Note: Information about individuals acting in their business or professional capacity is not personal information. This includes their name, title, business address, business telephone number and business email address.

Privacy Office

Coordinates Seneca’s activities related to FIPPA, including facilitating freedom of information access requests and ensuring Seneca’s compliance with FIPPA provisions.

Policy

1. Policy statement

2. Access and correction rights 

  1. Individuals have a right to request access to records in the custody and/or under the control of Seneca.
  2. Individuals have the right to access their own personal information and the right to request a correction to records that contain their personal information.

  3. Before making a formal request under FIPPA for access to personal or general records, individuals should contact the department or faculty directly to determine if they are able to access the information, and/or to follow the standard process for the types of records being sought.

  4. Individuals seeking to make a formal request under FIPPA should be directed to Seneca’s Freedom of Information website.  

3. FIPPA exemptions

  1. FIPPA contains mandatory and discretionary exemptions.  This means that some records will be exempt from disclosure in certain circumstances including, but not limited to:
    • Where the disclosure could reasonably be expected to interfere with a law enforcement matter
    • Where the disclosure could reasonably be expected to compromise Seneca’s economic interest or competitive position
    • Where the disclosure could reasonably be expected to prejudice the use or results of tests, testing procedures or techniques used for an educational purpose.

4. FIPPA exclusions

  1. There are certain records to which FIPPA does not apply.  These records are excluded from FIPPA and include, but are not limited to:
    • Labour relations and employment related records
    • Records respecting or associated with research conducted by an employee of Seneca
    • Teaching materials that are collected, prepared, or maintained by or on behalf of Seneca for use at Seneca.

5. Collection, use, and disclosure of personal information  

  1. Seneca collects, uses and discloses personal information in accordance with FIPPA.
  2. The primary purposes for which Seneca collects, uses and discloses personal information from students, prospective students, employees, and alumni include the following:
    • Academic and non-academic programs and evaluations
    • Experiential learning activities (e.g. work/field placements, work integrated learning)  
    • Recruitment, admission and graduation
    • Financial aid assistance, awards and bursaries 
    • Philanthropic initiatives and activities
    • Employment-related matters 
    • Security and information technology
    • Institutional planning, research and statistics 
    • Working with third-party organizations for Seneca-related activities.
  3. Seneca’s Privacy Notice provides additional information regarding Seneca’s collection, use and disclosure of personal information.

6. Protection of personal information

  1. Seneca employs reasonable measures to protect personal information from loss, theft and unauthorized use and disclosure.
  2. Seneca has implemented specific security measures that include:
    • Information Technology policies (e.g. password restrictions and automatic lockout of computers when idle)
    • Technical safeguards (e.g. firewalls, multifactor authentication)  
    • Physical safeguards (e.g. locking cabinets and offices) 
    • Administrative safeguards (e.g. limiting employees’ access to certain files).
  3. Questions regarding the protection of personal information should be directed to Seneca’s Privacy Office: privacyoffice@senecapolytechnic.ca.

7. Recordkeeping, retention and disposal

  1. Records in all formats and media containing sensitive information must be securely collected, stored and disposed of (e.g., destroyed or transferred to the Archives of Ontario). This includes records containing personal information of students and employees, and those related to Seneca’s operations and administration.
  2. Seneca retains personal information for a period of at least one (1) year from its last use unless the affected individual consents to a shorter period. Personal information cannot be disposed of prior to this time and may be subject to longer retention periods as per department/program retention practices and/or as required by legislation.
  3. Prior to disposing a series of records containing personal information, employees must submit a Disposal of Personal Information form to the Privacy Office for approval (See Appendix A).

Supporting documentation

Related Seneca policies

Related materials


Approval Date: April 2018

Last Revision: March 2023