About the Training
Why is training on privacy & information security so important?
Nearly every UBC faculty and staff member has access to confidential information, including personal and payment card data. As the loss or disclosure of this information could be very harmful, it's important for you to know how to protect it.
Who Should Take the Training?
Privacy & Information Security – Fundamentals training is a mandatory requirement for faculty, staff, researchers, student employees and contractors who use UBC Electronic Information and Systems.
Privacy & Information Security – IT Professionals training is a mandatory requirement for faculty, staff, researchers, student employees and contractors who are Technical Owners of UBC systems and University IT Support Staff.
Not sure if this applies to you? View our FAQ to learn what 'UBC Electronic Information and Systems' includes.
How Do I Get Started?
To get started, click the "Fundamentals Part 1", "Fundamentals Part 2", "IT Professionals" or "Admin Head of Unit" buttons below. (CWL username/password required)
* Please note, the first time you take the training, you will need to enroll by clicking the "Enroll" button.
Need Help?
Instructions on how to enroll and complete the UBC General Required Courses online
Topics covered in the training include:
Fundamentals Part 1
Privacy & Personal Information | Learn to identify personal information, and the most important rules for handling it. |
Storage & Encryption of Information | Learn how and where to store confidential information, and when it must be protected by encryption. |
Working Remotely | Learn what precautions you should take to protect confidential information when working away from UBC campus. |
Transmission & Sharing of Information | Learn how to securely transmit and share confidential information. |
Phishing | Learn how to spot attempts to trick you into giving away confidential information. |
Fundamentals Part 2
Disclosure of Information | Learn when you should or should not share or disclose information. |
Freedom of Information Requests | Learn about FIPPA and FOI requests, and understand your responsibilities relating to them. |
Managing Records & Information | Learn about the best practices for managing paper and electronic records. |
Managing Accounts & Passwords | Learn how to properly secure UBC accounts and the best practices for managing passwords. |
General Privacy & Information Security Tips | Empower yourself to stay secure online and keep UBC's private data safe. |
IT Professionals
Obligations of an IT Professional | Learn about the Information Systems Policy (SC14) and its relationship to the Information Security Standards (ISS). |
Securing & Managing Accounts and Passwords | Learn about the security requirements associated with User Accounts and Privileged Accounts. |
Protecting Systems | Learn to be aware of the various required system controls and apply the ISS when securing systems. |
Acquiring, Developing & Modifying Software | Learn to employ the ISS when developing or modifying a software application during design and implementation. |
Logging & Monitoring | Learn to identify activities that require logging and monitoring to support investigations and maintain service operations. |
Incident Response | Learn to understand the difference between the different types of incidents through UBC's incident response processes. |
Frequently Asked Questions
What does the training consist of and how long does it take?
Both parts of the online Fundamentals training take approximately 20-30 minutes each. Each course contains a series of short videos and a synopsis of key points, followed by a quiz to embed your learning. The IT Professionals training takes 60-90 minutes to complete. It contains a series of short videos, activities, followed by a quiz per module. It is recommended that you book some dedicated time during the work day to complete the training.
What topics are covered by the training?
Fundamentals Part 1 is focused on security and covers:
- Privacy and Personal Information
- Storage and Encryption of information
- Working remotely
- Transmission and Sharing of Information
- Phishing
Fundamentals Part 2 is focused on privacy and covers:
- Disclosure of Information
- Freedom of Information Requests
- Managing Records and Information
- Managing Accounts and Passwords
- Tips and Reminders
IT Professionals is focused on the UBC Information Security Standards and covers:
- Obligations of an IT Professional
- Securing & Managing Accounts and Passwords
- Protecting Systems
- Acquiring, Developing & Modifying Software Applications
- Logging & Monitoring
- Incident Response
Is Fundamentals Part 1 a prerequisite for Part 2?
No. Each part may be taken independently. However, it is recommended to complete Part 1 before Part 2.
Are there other ways to take training besides online?
Yes. The online training only covers the basic information faculty and staff need to know to protect Confidential Information. UBC offers many other in-person training options on specialized issues around privacy, security, and related issues. If you would like to inquire about group training, please contact privacy.matters@ubc.ca to discuss these options.
What is included in 'UBC Electronic Information and Systems'?
UBC Electronic Information is electronic information needed to conduct University Business.
UBC Systems are services, devices, and facilities that are owned, leased or provided by the University, and that are used to store, process or transmit electronic information.
These include, but are not limited to:
- computers and computer facilities
- computing hardware and equipment
- mobile computing devices such as laptop computers, smartphones, and tablet computers
- electronic storage media such as CDs, USB memory sticks, and portable hard drives
- communications gateways and networks
- email systems
- telephone and other voice systems
- software
I don't typically work on a computer during my workday at UBC. Do I still need to take the training?
Certain segments of the employee population have been excluded from the training requirement on the basis that they have no access to UBC Electronic Information or UBC Systems, or that they have already taken equivalent training. If you don't know if you are excluded, or if you are an Administrative Head of Unit who wishes to request exclusions of additional employees, you should contact privacy.matters@ubc.ca.
I don't work at UBC IT, but I am in a technical role at UBC. Do I still need to take the training?
Privacy & Information Security – IT Professionals training is a mandatory requirement for faculty, staff, researchers, student employees and contractors who are Technical Owners of UBC systems and University IT Support Staff.
Examples of those required to complete this training include:
- Those under the IT job family,
- Those with a technical role in the administration of information systems, or
- Those delegated responsibility for the maintenance of information systems and research as part of their role.
It should be taken after you have completed Fundamentals Part 1 and Part 2.
I understand that the training is being offered in the Canvas Catalog platform. Do I need a special account or registration to access Canvas Catalog?
As of April 15, 2020, all Fundamentals training has moved to Canvas Catalog.
If you are a current UBC faculty, staff, researcher, student employee, or contractor you will only need your Campus Wide Login (CWL) to access Canvas Catalog. You can access the online training by following the links at the top of this web page.
I enrolled but I did not complete the course in Canvas or Canvas Catalog. Do I need to restart the training?
Enrolled users should access the course via Workplace Learning. It is recommended that you bookmark this page for future workplace training requirements.
If you cannot complete the course all at once, you can log off and return later to finish viewing the videos or complete the quiz. Please note that the quiz must be completed in one sitting.
I did the training but I don't see my completion record in Workday. What happened?
Course completions are submitted to Workday once per day. It may take a day or two after you complete the training for the records to appear.
If more than three days have passed and you still do not see the completed courses listed in the "Certifications" section on Workday, contact the Integrated Service Centre (ISC) via the UBC Self-Service Portal.
How do I inform my supervisor or HR that I've successfully completed the training?
You will be able to access an electronic certificate acknowledging your successful completion once you've passed each part. Please save copies of both certificates for your own records. Your supervisor or designated HR representative may also request copies.
Your completion will also be logged automatically in Workday. You can view your certificate under the "Career" application on the Home page.
In Workday, you can find your training records by:
- Going to the "Career" application on the Home page and selecting "Certifications" OR to your Profile and clicking "Career" in the left-side menu, and then choosing "Certifications"
- Looking for Privacy & Information Security Fundamentals Part 1 – University of British Columbia and Privacy & Information Security Fundamentals Part 2 – University of British Columbia, and/or Privacy & Information Security Training for IT Professionals – University of British Columbia
Your supervisor or designated HR representative may also request copies. HR administrators and your supervisors are able to access detailed department reports to view your completion and certificate.
I completed the Privacy & Information Security – Fundamentals training while it was on Connect or Canvas, but did not save or print my completion record. Can I get a copy of the completion record now?
Workday has a record of training completion. You can find your training records by:
- Going to the "Career" application on the Home page and selecting "Certifications" OR to your Profile and clicking "Career" in the left-side menu, and then choosing "Certifications"
- Looking for Privacy & Information Security Fundamentals Part 1 – University of British Columbia and Privacy & Information Security Fundamentals Part 2 – University of British Columbia
If you would like your original certificate, or there is an issue with your completion record, the following may help. If you completed:
- between November 26, 2016 to September 10, 2018, your completion certificate is no longer available as this system has been decommissioned,
- between September 10, 2018 to April 14, 2020, your completion certificate can be accessed in Canvas,
- on or after April 15, 2020, the completion certificates can through your Course Dashboard in Canvas Catalog/Workplace Learning.
How to Track Training Results
Detailed Department Reporting
Training completion reports are accessible to managers and contain detailed employee training completion information. Managers can only report on the supervisory organizations they have access.
Managers can check the following training completion reports for all Privacy and Information Courses; Fundamentals 1 Fundamental 2 and IT Professional through Workday:
UBC Privacy & Information Security Courses Active Worker Status - Distributed (requires CWL)
To run this report, you will need to click on the link then input your Supervisory Organization. You may find your Supervisory Organization by clicking on your Workday Profile.
Aggregated % Complete Report by Department
The Fundamentals and IT Professional aggregated training report enables self-service monitoring capabilities for authorized users to monitor campus-wide completion statistics for their own departments and units.
This report has been optimized to provide completion statistics for Fundamentals Part 1, Fundamentals Part 2 and IT Professional.
(CWL is required to authenticate to the report)
Need Help?
Email privacy.matters@ubc.ca if you require access for yourself or someone in your unit, or if you experience any issues with this service.