Jul 13, 2017

Manitoba Ombudsman has released new privacy-related guidelines for public bodies and trustees (organizations) subject to FIPPA and PHIA – Guidelines for Implementing a Privacy Management Program for Privacy Accountability in Manitoba’s Public Sector.

The new guidelines provide a step-by-step road map for implementing an effective, accountable and transparent privacy management program. The framework is scalable and can be used by organizations of any size.

Manitobans entrust organizations with their information, including highly sensitive information, in order to receive services, programs and benefits. An effective and accountable privacy management program is critical to ensuring that personal information and/or personal health information is protected and managed in accordance with FIPPA and PHIA. “Accountable” in this context means accepting and demonstrating responsibility for this information. This includes having policies, procedures and practices in place that support compliance with the acts.

Accountability for privacy management also includes transparency in communications with individuals concerning their personal and/or personal health information. These communications may include giving notice about the collection of the information, seeking consent from individuals, responding to requests by individuals for access to their own information and requests for correction of personal and personal health information.

The guidelines are available online at: https://www.ombudsman.mb.ca/uploads/document/files/privacy-management-program-guidelines-en.pdf