In accordance with the directions of the minister responsible for the Freedom of Information and Protection of Privacy Act (FIPPA), the Office of the University Counsel has published information about UBC's Privacy Management Program, highlighting practical and operational controls for privacy functions across business units and the university. We are all responsible and accountable for following the program.
The program components include internal policies, standards, procedures, guidelines, and other privacy-related processes, such as the process of conducting privacy impact assessments, handling privacy breaches, and privacy awareness and education activities.
Looking to the Future
It's not just about policy and compliance
The responsibility for monitoring UBC’s privacy management program is held by UBC’s Privacy and Information Security Management (PrISM) program, which is a collaborative cross-portfolio initiative operated jointly by the Office of the University Counsel, Safety & Risk Services (SRS), and the Office of the CIO. The PrISM SRS team continually monitors UBC’s privacy management program and makes recommendations to improve the effectiveness of the program.
The program framework is anticipated to expand so as to demonstrate long-term strategic planning and to meet the demands of other regulatory and compliance functions as well as organizational changes.
Review these valuable resources to learn more
Protecting information entrusted to UBC.
Providing guidance on privacy and information security issues affecting UBC and governing the use and protection of University data and computing resources.
The CIO has published Information Security Standards that govern the use and protection of University data and computing resources.
A risk-based approach assessing the treatment of personal information in the design and product selection at UBC.
Fundamentals training is a mandatory requirement for faculty, staff, researchers, student employees, and contractors who use UBC Electronic Information and Systems.
Processing and responding to a privacy breach and complaint.
Ensuring that service providers at UBC are aware of their privacy and information security obligations.