In accordance with the directions of the minister responsible for the Freedom of Information and Protection of Privacy Act (FIPPA), the Office of the University Counsel has published information about UBC's Privacy Management Program, highlighting practical and operational controls for privacy functions across business units and the university. We are all responsible and accountable for following the program.
The program components include internal policies, standards, procedures, guidelines, and other privacy-related processes, such as the process of conducting privacy impact assessments, handling privacy breaches, and privacy awareness and education activities.
Looking to the Future
It's not just about policy and compliance
The responsibility for monitoring UBC’s privacy management program is held by UBC’s Privacy and Information Security Management (PrISM) program, which is a collaborative cross-portfolio initiative operated jointly by the Office of the University Counsel, Safety & Risk Services (SRS), and the Office of the CIO. The PrISM SRS team continually monitors UBC’s privacy management program and makes recommendations to improve the effectiveness of the program.
The program framework is anticipated to expand so as to demonstrate long-term strategic planning and to meet the demands of other regulatory and compliance functions as well as organizational changes.
Review these valuable resources to learn more
Privacy Management Program
Protecting information entrusted to UBC.
Privacy Policies and Processes
Providing guidance on privacy and information security issues affecting UBC and governing the use and protection of University data and computing resources.
Information Security Standards
The CIO has published Information Security Standards that govern the use and protection of University data and computing resources.
Privacy Impact Assessments
A risk-based approach assessing the treatment of personal information in the design and product selection at UBC.
Privacy and Information Security Fundamentals Training
Fundamentals training is a mandatory requirement for faculty, staff, researchers, student employees, and contractors who use UBC Electronic Information and Systems.
Privacy Complaint and Breach Process
Processing and responding to a privacy breach and complaint.
Information Sharing Agreements
Ensuring that service providers at UBC are aware of their privacy and information security obligations.
Privacy and Information Security Management (PrISM) at UBC is a coordinated effort between Safety & Risk Services, the Office of the University Counsel, and the Office of the CIO.
Go even further...
For a much more in-depth look at privacy management at UBC, you can:Learn how to protect personal information online
Learn how your personal information is handled