Protection of Privacy

The protection of your own personal privacy is important and something you should be aware of. There are a variety of known vulnerabilities but some of the most common are human error, network infrastructure, software application, operating system, web, poor documentation, deficiencies, lack of a personal security system and physical security lapses.

With proper knowledge these vulnerabilities can be reduced or be completely eliminated. It may seem a little corny but knowledge and education on the subject of privacy protection is the best defense.

At UNB all employees are responsible for making sure that personal and confidential data is handled properly and if you no longer need a document or piece of media containing sensitive information then the data or document should be properly destroyed (e.g. secure shredding)

There are 10 Privacy Principles to go by when conducting University business in relation to RTIPPA or just as general guidelines that would be in your best interest to follow.


10 Privacy Principles

1. Accountability

We are all responsible for the personal information we access and use in our daily activities. Any other person, including 3rd parties, who have access to personal information for the purpose of conducting UNB business activities are accountable.

2. Identifying Purpose

The purpose for which personal information is collected must be identified at or before the time the information is collected. The information collected must be necessary for the administration or operation of a university program or activity. You should be able to explain to an individual why you are requesting information and how it will be used.

3. Consent

When collecting personal information, reasonable effort must be made to inform individuals why the information is being requested. Consent requires that individuals are knowledgeable and informed about the collection, storage, accessing, use and disclosure of personal info.

4. Limiting Collection

Collection of personal information should be limited to what is necessary for the purpose identified and should be done in an efficient and transparent matter.

5. Limiting Use, Disclosure and Retention

Personal information should be used only for purposes identified and should be done in an efficient and transparent matter.

6. Accuracy

Personal information should be accurate, complete and up-to-date.

7. Protection

Personal information should be protected by best practices for records management. Records should be stored and disposed of in a secure manner that prevents unplanned disclosure.

8. Openness and Assistance

UNB's policies and practices relating to the management of personal information are accessible through this website or by contracting the University Secretariat.

9. Individual Access and Revision

Individuals are able to request access to their own personal information in the custody and care of UNB. If an individual has concerns about the accuracy of completeness of his or her personal info, he or she may request to have it amended.

10. Ability to Challenge and Appeal

Questions or concerns about the University compliance with the 10 Privacy Principles should be directed to the University Secretariat.

The final area of data handling that must be addressed is when you transmit personal or confidential information over a public network, such as the Internet.

When you need to transmit this type of information you should always work closely with UNB ITS to ensure best practices and UNB protocols are in place.

Whenever disseminating information orally or in writing, also be cautious of the potential risk. The unauthorized dissemination of data is on par with any other type of security breach.

Understanding the different aspects of privacy protection will benefit both you and the individual's personal information. The next topic is Email Management which, used properly, will also make your time at work easier.