The URL can be used to link to this page

CLERK-001 - Access Policy_2012ACCESS POLICY FOR THE CITY OF SAINT JOHN (P - SAINT ]MIEN Title: Access Policy Subject: Access Policy for City Records Category: Policy No.: COS -CC -001 M&C Report No.: Effective Date: August 27, 2012 Next Review Date: (3 years) Areas this policy applies to: All City Service Areas Office Responsible for review of this Policy: Common Clerk Related Instruments: COS -CC -002, Policy Sponsor: Common Clerk 003, 004, 007, 010 Document Pages: This document consists of 7 pages. Revision History: Updated on April 2, 2019 Common Clerk's Annotation for Official Record I certify that the Access Policy was approved by Common Council on August 271h, 2012 April 2nd, 2019 Common Clerk Date Contact: Common Clerk Telephone: 658-2862 Email: commonclerk@saintjohn.ca ACCESS POLICY FOR THE CITY OF SAINT JOHN TABLE OF CONTENTS 1. PURPOSE.............................................................................................................................................3 2. POLICY STATEMENT............................................................................................................................. 3 3. SCOPE.................................................................................................................................................. 3 4. POLICY CONTEXT................................................................................................................................. 3 5. LEGISLATION AND STANDARDS............................................................................................................4 6. ROLES AND RESPONSIBILITIES..............................................................................................................4 7. COMPLIANCE....................................................................................................................................... 5 8. MONITOR AND REVIEW.......................................................................................................................5 9. IMPLEMENTATION............................................................................................................................... 5 10. AUTHORIZATION................................................................................................................................ 5 11. GLOSSARY.......................................................................................................................................... 5 12. INQUIRIES.......................................................................................................................................... 7 ACCESS POLICY FOR THE CITY OF SAINT JOHN 1. PURPOSE The purpose of the Access Policy (the "Policy') for The City of Saint John (the "City') is to outline generally accepted access principles with which employees of the City will comply; to ensure that the City will be in compliance with applicable practices and legislation including the Right to Information and Protection of Privacy Act (RTIPPA); to manage requests for information in a timely and consistent manner; and to demonstrate that openness and transparency is a priority for the City. 2. POLICY STATEMENT The City is committed to openness and transparency to make its information easily accessible, with consideration given to the protection of personal privacy and confidentiality, and to assist applicants throughout the entire request process. All activities concerning the handling of records and information within the City are to be in accordance with City policies and supporting procedures. 3. SCOPE This Policy applies to all City employees handling records and information while conducting City business. 4. POLICY CONTEXT Citizens expect a single point of contact where formal access to information requests of the City may be placed. The Common Clerk has been designated by Common Council as the "head "as defined in RTIPPA and is therefore responsible for the administration of the Act. Consequently, all formal requests made under RTIPPA are registered, tracked and processed by the Office of the Common Clerk. Requests for information are triaged into two streams depending on the nature of the information requested: routine requests and formal requests. Often information may be easily accessible without the need to make a formal request under RTIPPA. Routine requests may be responded to directly by service areas; however, service areas must work with the Common Clerk to develop an up-to-date list of records available via the routine release stream. In processing a request made under RTIPPA, the City will adhere to the following access principles: • Process the request without regard to an individual's identity; • Offer reasonable assistance throughout the request process; • Provide information on RTIPPA, including information on the processing of a request and the right to appeal to the Access and Privacy Commissioner of the Province of New Brunswick and/or to the Court of Queen's Bench of the Province of New Brunswick; • Inform applicants without undue delay when a request needs to be clarified; • Make every reasonable effort to locate and retrieve the requested information; • Apply limited and specific exceptions to the requested information; • Provide accurate and complete responses; • Provide timely access to the requested information; ACCESS POLICY FOR THE CITY OF SAINT JOHN • Provide information in the format requested where possible; and • Provide an appropriate location to examine the requested information. 5. LEGISLATION AND STANDARDS The City acknowledges the following laws that relate to records and information management: • Charter of The City of Saint John, 1785 (U.K.) Geo. III as amended • Archives Act, S.N.B. 1977, c.A-11.1 as amended • Community Planning Act, S.N.B. 2017 c. 19 as amended • Electronic Transactions Act, S.N.B. 2011, c.145 as amended • Evidence Act, R.S.N.B. 1973, c.E-11 as amended • Local GovernanceAct.S.N.B. 2017 c. 18 as amended • Official Languages Act, S.N.B. 2002, c.0.0.5 as amended • Personal Information Protection and Electronic Documents Act, R.S.C. 2000, c.5 as amended • Public Records Act, S.N.B. 2011, c.212 as amended • Right to Information and Protection of Privacy Act, S.N.B, 2009, c.R-10.6 as amended. The City acknowledges the following standards, guidelines and best practices that relate to access: • CAN/CSA-Q830 Model Code for the Protection of Personal Information • CAN/CSA-PLUS-8300 Workbook on Applying the CSA Model Code • CAN/CSA-PLUS-8830 Implementing Privacy Codes of Practice. 6. ROLES AND RESPONSIBILITIES The City Manager: • is accountable for holding employees responsible for complying with City policy The Common Clerk: • is accountable for the Policy and delegates the day to day administration and implementation to appropriate staff, • is responsible to ensure the day to day implementation of the Policy; providing advice on RTIPPA; processing and responding to all formal access to information requests in a timely and complete manner; advising the City on the appropriate information to disclose and not to disclose to applicants; providing training and awareness sessions; and monitoring and compliance, • is responsible for identifying the personal information holdings within the City's electronic information repositories, • is responsible to ensure that personal information in any format is retained for a reasonable period of time, • is responsible for authorizing the secure disposition of personal information according to the Right to Information and Protection of Privacy Act and the City's Information Security Policy and procedures. ACCESS POLICY FOR THE CITY OF SAINT JOHN The Chief Information Officer: • is responsible for securely maintaining the City's electronic information repositories, according to the City's Information Security Policy and procedures, such that the integrity and authenticity of the City's information is assured. Service Area Managers: • are responsible for ensuring that employees comply with the Policy, procedures and applicable legislation. • Program Area Commissioners provide management support and leadership. Program Area Commissioners: • are responsible for ensuring that employees comply with the Policy, procedures and applicable legislation. City employees: • are responsible to provide access to all information within their realm of responsibility as defined by the Policy, procedures and applicable legislation. 7. COMPLIANCE Violations or non-compliance with the Policy, regardless of size or scope, may carry potentially significant consequences for the City. Violations may constitute theft, fraud, destruction or alteration of corporate information; privacy breach; unauthorized disclosure of information assets; and/or loss of intellectual property. Violations of the Policy may cause employee disciplinary action, up to and including dismissal. 8. MONITOR AND REVIEW The Policy is subject to review as required. The review will be conducted by a committee established by the Office of the Common Clerk. The committee may be comprised of a cross -functional internal membership or an independent third party. 9. IMPLEMENTATION The Policy will be implemented upon approval by Common Council. 10. AUTHORIZATION This Policy has been approved by Common Council on August 27th, 2012. 11. GLOSSARY Access Principles The City's access principles are based on those of the Government of Canada as expressed in the Directive on the Administration of the Access to Information Act (2012). ACCESS POLICY FOR THE CITY OF SAINT JOHN Applicant A person who makes a request for access to information contained in a record. Employee An employee is an individual or corporation hired by the City to perform work under either a contract for services or a contract of service. Exception Specific instance where the City is entitled to refuse to disclose information in response to a request received under RTIPPA. Exceptions are either discretionary or mandatory. Information Data presented in readily comprehensible form to which meaning has been attributed within the context of its use. Unless the context otherwise requires, this means information contained in a record. Information Security The protection of information and information systems from a wide range of risks including unauthorized access, use, disclosure, disruption, modification or destruction in order to provide authenticity, integrity, confidentiality and availability. Personal Information Recorded information about an identifiable individual, including but not limited to, (a) the individual's name, (b) the individual's home address or electronic mail address or home telephone or facsimile number, (c) information about the individual's age, gender, sexual orientation, marital status or family status, (d) information about the individual's ancestry, race, colour, nationality or national or ethnic origin, (e) information about the individual's religion or creed or religious belief, association or activity, (f) personal health information about the individual, (g) the individual's blood type, fingerprints or other hereditary characteristics, (h) information about the individual's political belief, association or activity, (i) information about the individual's education, employment or occupation or educational, employment or occupational history, (j) information about the individual's source of income or financial circumstances, activities or history, (k) information about the individual's criminal history, including regulatory offences, (1) the individual's own personal views or opinions, except if they are about another person, (m) the views or opinions expressed about the individual by another person, and (n) an identifying number, symbol or other particular assigned to the individual. Privacy Breach An unauthorized access to, or collection, use or disclosure of personal information. Record Recorded information, regardless of medium or characteristics, made or received by an organization that is evidence of its operations, and has value requiring its retention for a specific period of time. Records Retention and Disposition Schedule A schedule that gives the City the authority to dispose of (transfer or destroy) records it no longer requires. This schedule identifies the period of time that personal information in the custody of the City is to be retained. ACCESS POLICY FOR THE CITY OF SAINT JOHN Requests Formal requests - Request for records that are neither routinely available nor available through more informal procedures. A request for access to a record will specify the record requested or where the record in which the relevant information may be contained is not known to the applicant, provide enough particularity as to time, place and event to enable a person familiar with the subject matter to identify the relevant record. Requests must include information specified in the regulations. Unless an applicant has limited ability to read or write in either English or French, or has a disability or condition that impairs his or her ability to make a written request, requests must be made in writing. Formal requests must be directed to the Office of the Common Clerk as soon as they are received. Routine Requests - Requests for information that is easily accessible and not subject to RTIPPA. Applicable fees may be charged, if this has been the practice in the past. The request can be verbal and does not require the involvement of the Office of the Common Clerk. Routinely released records must be identified and listed in a reference table. 12. INQUIRIES For more information on the Policy, please contact the Office of the Common Clerk.