Agenda

Day 1: Thursday, May 31, 2007

8:00am – 8:45am

Breakfast and Conference Registration


8:45am – 9:00am

Welcome and Opening Remarks


9:00am – 9:30am

Pre-Texting Guidelines


Jennifer Stoddart
Privacy Commissioner of Canada
Office of the Privacy Commissioner of Canada

Commissioner Stoddart will discuss the impact of the Federal Accountability Act on the operations of her Office. In addition, she will speak about a very important phenomenon that is threatening privacy in many ways - that being pretexting, or simply put, pretending to be someone else - and its links to identity theft.

Jennifer Stoddart
Privacy Commissioner of Canada
Office of the Privacy Commissioner of Canada

Jennifer Stoddart was appointed Canada's Privacy Commissioner by the Governor in Council, effective December 1, 2003, on unanimous resolutions adopted by both the House of Commons and the Senate, for a seven-year term. Since her arrival, she has led the Office's institutional renewal, and has also reoriented it toward its multi-disciplinary approach to preventing privacy breaches in the public and private sectors, and to protecting and promoting the privacy rights of Canadians.

Ms. Stoddart was previously President of the Commission d'accs ˆ l'information du QuŽbec, an organization responsible for both access to information and the protection of personal information. She has held several senior positions in public administration for the Governments of QuŽbec and Canada, including at the Canadian and the Quebec Human Rights Commissions. Ms. Stoddart has been active in the Canadian Bar Association, the Canadian Institute for the Administration of Justice, and has also lectured on history and legal sciences at the UniversitŽ du QuŽbec ˆ MontrŽal and McGill University.

9:30am – 10:30am

Breakout Session 1

1A: Employee Monitoring


Kris Klein
Litigation Counsel
Office of the Privacy Commissioner of Canada

No relationship in the world of privacy is so fraught with difficulties as the one between employer and employee. From the issues of control over personal information to the question of employee surveillance, the tensions are constant and seemingly unrelenting. Advances in technology, which touch all of us, have the potential to affect employees as a group of citizens even more. Increasingly it is easy for employers to use these technologies for example, to imporve productivity, to cut down on employee theft, and even in some circumstances, to "manage" employees. Employees for their part find themselves fighting for dignity in the workplace. In this session, Kris will explore how neither side in this struggle is necessarily right or wrong and he will talk about the need to find an appropriate balance that lends harmony to the privacy issues that arise in the employement context.

Kris Klein
Litigation Counsel
Office of the Privacy Commissioner of Canada

Kris Klein practices exclusively in the area of privacy law for the Privacy Commissioner Canada. Mr. Klein previously practiced with a national law firm and the Federal Department of Justice. He teaches the Privacy Law course at Ottawa University's Law School and he has written extensively on this subject. He is the Editor-in-Chief of the monthly newsletter entitled the "Klein-Kratachanov Report" that reports on developments in the areas of freedom to information and privacy. Mr. Klein's experience in both the private and public sectors provides a particularly insightful and practical analysis found in his texts: "The Law of Privacy in Canada" and "Privacy in Employment: Control of Personal Information in the Workplace."

He is native to Ottawa and studied in a specialized Geographic Information Systems program at Carleton University. He is active within his community, serves on the Board of Directors of Bronson Centre and of the Canadian Lacrosse Foundation, and coaches hockey and soccer.

1B: Canadian Certification Program


Carla Heggie
National Chair
Canadian Association of Professional Access & Privacy Administrators

This session will give an overview of a new nation-wide project mandated with the development of standards for the IAP profession and the enablement of independent certification of the IAP professional in Canada. The need for standards and the options for certification will be discussed. Participants at the conference will be invited to submit their comments on this issue; in turn, these comments will be submitted to the national Professional Certification Standards Committee for consideration as part of stakeholder input.

Carla Heggie
National Chair
Canadian Association of Professional Access & Privacy Administrators

Carla Heggie is the National Chair for the Canadian Association of Professional Access & Privacy Administrators [CAPAPA]. Her primary focus in this area is the professional development of access & privacy specialists and the promotion of CAPAPA as a national organization of professionals. Ms.Heggie is the Information Access & Privacy Manager for NS Environment & Labour. She has been working in the policy area of access and privacy since the early 1990's and has been administering FOIPOP for about a decade. A graduate of Dalhousie University with a degree in political behaviourism and labour economics, this spring Ms.Heggie completed the Information Access and Protection of Privacy [IAPP] Certificate Program at the University of Alberta. Ms.Heggie also sits on the National Advisory Committee for the IAPP Program at the U of A.

1C: Intersection of 3 Legislations


Susan Norman
Partner
Stewart, McKelvey, Stirling & Scales


Susan Norman
Partner
Stewart, McKelvey, Stirling & Scales

Susan NormanÕs specialties are Corporate/Commercial, Entertainment Law, and the increasingly important and complicated field of Technology and Intellectual Property. Also an excellent litigator, Susan received both her under-graduate science and law degrees from University of Western Ontario.

10:30am – 11:00am

Morning Break


11:00am – 12:00pm

Breakout Session 2

2A: IPC Office Introduction


Sandy Hounsell
Executive Director
Office of the Information and Privacy Commissioner (NL)

Mr. Hounsell will be providing an overview of the IPC NL Office, including a description of roles and responsibilities, statutory powers, legislated time frames and the process followed when investigating the response of a public body to an access to information request. He will also provide some tips on dealing with the IPC Office.

Sandy Hounsell
Executive Director
Office of the Information and Privacy Commissioner (NL)

Sandy Hounsell has been employed with the Newfoundland and Labrador provincial government for 18 years. From 1995 to 1998 he was Manager of Operations with the Government Service Centre. From 1998 to 2002 he was Manager of the High Sheriff's Office and in April of 2002 he was appointed to the position of Director of Access to Information and Protection of Privacy with the Department of Justice. In January of 2005 he was appointed to his current position of Executive Director of the Office of the Information and Privacy Commissioner. He is also an Instructor with the Law Society of Newfoundland and Labrador Bar Admission Course, Chairperson of the Holy Family School Council in Paradise and is a Certified Public Health Inspector. My Hounsell was also recently elected as the President of the Newfoundland and Labrador Federation of School Councils.

Mr. Hounsell has a Bachelor of Applied Science degree from Ryerson Polytechnic University in Toronto, a Master of Business Administration degree from Memorial University and is a Fellow of the School of Graduate Studies at Memorial University. In addition, Mr. Hounsell is a recipient of the 2001 Public Service Award of Excellence. Mr. Hounsell has spoken extensively on access and privacy issues throughout the Province of Newfoundland and Labrador. He has also spoken on these issues both nationally and internationally.

2B: Access Requests Š for coordinators and managers


RenŽe Pendergast
Manager
Office of the ATIPP Coordinator

Ms. Pendergast, will be providing an overview of processing an Access Request for ATIPP Coordinators and Mangers. This session will assist you in interpreting the ATIPP legislation and how it relates to you, in your responsibility as a Manger/Coordinator of a government public body. The session will explain legislated time frames, fees, disclosure guidelines and exceptions.

RenŽe Pendergast
Manager
Office of the ATIPP Coordinator

RenŽe Pendergast, has been employed with the Provincial Government for the last 10 years. Her background is Computer Science, and Information Management. She began her career as an instructor at the College of the North Atlantic, in the Computer Science Faculty. In 2004, she took a position with the Department of Justice at the Royal Newfoundland Constabulary, as their Manager of Information Services. She recently left the RNC to move to the ATIPP office as Manager/Facilitator of Training.

12:00pm – 1:00pm

Lunch


1:00pm – 2:00pm

The A to Z's of PIAs


Monica Fuijkschot
Director
Office of the ATIPP Coordinator

This session will provide a comprehensive overview of the Privacy Impact Assessment (PIA) process from beginning to end, as well as review the essential elements contained in PIAs. In particular, the session will discuss the philosophy behind the PIA tool developed in Newfoundland and Labrador and stratgies for building privacy management capacity.

Monica Fuijkschot
Director
Office of the ATIPP Coordinator

Monica Fuijkschot is the Director of the Office of the ATIPP Coordinator with the Newfoundland and Labrador Department of Justice. Her Office is responsible for coordinating the work of over 460 public bodies province-wide is delivering the ATIPP program. Ms Fuijkschot holds a Masters Degree in Library Science from Syracuse University - her areas of special interest are ATIPP compliance initiatives and ATIPP community building.

2:05pm – 3:00pm

Breakout Session 3

3A: IT Privacy Risks


Kevin Fleming
President
Plato Group Inc.

Although organizations place great importance on protecting sensitive information from external threats, research indicates that 70 to 80 percent of all security breaches originate from inside. While an organization may have the maximum security available against an attack from the outside world, it may still be leaving the company vulnerable to an internal privacy breach. If a company becomes the victim of a privacy breach, not only could it be faced with a lengthy and costly lawsuit, but its reputation in the marketplace could be damaged forever. This presentation will distinguish between security and privacy, highlight recent examples of privacy breaches, as well as explore some of the current trends in the privacy industry. Privacy enhancing solutions and practical advice will be discussed.

Kevin Fleming
President
Plato Group Inc.

Kevin is the President and a founding principal of Plato. Plato's focus includes privacy enhancing software, as well as information privacy, healthcare and human resource IT consulting, with a client base throughout North America. Kevin holds Bachelor and Masters Degrees in Business Administration, supplemented by almost 20 years experience in IT, business development, and strategic planning. Prior to forming Plato in 1997, he spent upwards of 10 years in the telecommunications and information technology sector.

3B: Health Consent


Dr. Richard Neuman
Professor of Pharmacology
Co-Chair, Human Investigation Committee
Memorial University

Express consent to receive medical treatment is not required; consider the present ATIPP Act and the draft HIA Act, for example. The Ontario health legislation, (PHIPA) on the other hand, requires consent for many, if not all, of the collections, uses and disclosures of personal health information. This leads to two schools of thought on consent. Dr. Neuman gave a riveting lecture last February on research ethics, and it has only added to the debate. He presented an overview on the history of research ethics and details of particular cases were very interesting. They will lead the delegation to pause for thought on why privacy protection and ethical treatment are "prime directives."

Dr. Richard Neuman
Professor of Pharmacology
Co-Chair, Human Investigation Committee
Memorial University

Richard Neuman is a professor of pharmacology at Memorial University and Co-chair of the Human Investigation Committee (HIC), the joint biomedical REB of Memorial University Faculty of Medicine and Eastern Health. Richard is a member of the transition team responsible for implementing the act creating a Health Research Ethics Authority for Newfoundland and Labrador. Richard is also a board member of the Canadian Association of Research Ethics Boards.

3:00pm – 3:30pm

Afternoon Break


3:30pm – 4:30pm

Breakout Session 4

4A: The ABCs of Privacy Protection in Schools, Colleges and Universities


Rosemary Smith
IAPP Coordinator
IAPP Office
Memorial University

Video surveillance, disclosure of students' personal information to parents and guardians, posting student achievements on an institution's web site, and whether or not a volunteer should have access to personal information are some of the privacy issues covered in this presentation.

Rosemary Smith
IAPP Coordinator
IAPP Office
Memorial University

Rosemary is Information Access and Privacy Protection Coordinator for Memorial University of Newfoundland. Her responsibilities include establishing policy, guidelines and best practices in access and privacy, managing access to information requests, and delivering education and training to administrative and academic offices on three campuses of the university. Rosemary is a member of the inaugural graduating class (2004) of the University of Alberta's Information Access and Privacy Protection Program. She serves the Canadian Association of Professional Access and Privacy Administrators as Acting Treasurer and Regional Representative for Newfoundland and Labrador.

4B: ŅSorry, You CanÕt Have That InformationÓ Stakeholder Awareness, Perceptions and Concerns Regarding the Disclosure and Use of Personal Health Information


Angela Yetman
Senior Privacy Analyst
Office of the ATIPP Coordinator
Department of Justice

The purpose of this project is to assess stakeholder awareness, perceptions and concerns regarding the collection, use, and disclosure of personal health information for the purpose of health research. While studies conducted in other jurisdictions have focused primarily on the public (Government of Canada, March 2003; GPC Alberta 2003), or upon specific stakeholder groups affected by the emerging privacy regimes at both the national and provincial levels (Willison et al, 2003; Health Canada Vision 2020 Workshops, 2000), this project aims to assess a wide range of stakeholders including the general public, health researchers, physicians, pharmacists, nurses, social workers, as well as custodians of information databases and data stewards. Our aim is to determine the relative level of familiarity among these groups with regard to current privacy legislation and regulations, and to assess the degree to which different stakeholder groups express similar or quite different concerns regarding the health information they can either access or share for research purposes.

Angela Yetman
Senior Privacy Analyst
Office of the ATIPP Coordinator
Department of Justice

Angela Yetman is a Senior Privacy Analyst in the ATIPP Office, Department of Justice. She has a Bachelor of Arts Degree and an Applied Ethics Diploma from Memorial University of Newfoundland. She has recently completed an Information Access and Protection of Privacy (IAPP) Certificate from the University of Alberta and is currently pursuing a MasterÕs of Arts Š Integrated Studies from Athabasca University. Angela has extensive experience with qualitative and quantitative Social Science research, both within and outside the healthcare setting. In assisting the Principal Investigator and Health Research Unit she has been acting as a Coordinator for the Privacy Study since 2005. In addition to this role she has been pursuing her career in privacy holding various roles within the Faculty of Medicine, the Newfoundland and Labrador Centre for Health Information and now the Department of Justice.