Agenda

Discover what the future holds: digital media, social media, electronic evidence, generational workforce changes, etc. Joins us and see how all of these elements merge to challenge today's privacy ideologies and engage in a discussion on whether or not privacy and access to information exists currently, as well as in the future. How has Face Book and Google changed the face of privacy as we know it? What does this mean to your organization? Has the lines between public and private life blurred completely to a point of disappearing? Do younger generations care about privacy? Mr. Benay has travelled the world engaging industry leaders in shaping key information management policies and currently works for the world's leading enterprise content management organization in engaging public sector leaders across Canada in establishing tomorrow’s information management foundations.

Alex Benay
Director - Customer Enablement
Open Text Corporation

Alex has close to 10 years of experience in the information management domain, ranging from policy and program management to solutions development and implementation. Having spent the first eight years of his career in the Canadian Federal Government in such organizations as Library and Archives Canada, Natural Resources Canada, and the Canadian International Development Agency as Director IM. Alex is now responsible for ECM developments in the Government of Canada as well as the provincial governments of Québec and the Maritimes.

The session will provide a high level review of provincial law on freedom of information and how this can be at odds with requests for police centric background checks. The presentation will discuss what is available to police agencies and the role that police play in assisting agencies with background checks while maintaining the personal privacy of potential applicants to that agency. The issues associated with the disclosure of a person's interaction with police, medical related information , charges and criminal record/conviction will all to discussed.

Bill Moore
Superintendent - Community Projects
Halifax Regional Police

Supt. Bill Moore is the FOIPOP Administrator and the Mental Health Liaison Officer for the Halifax Regional Police. He has experience in a variety of operational and administrative assignments throughout during his 25 years of policing. Supt. Moore holds a BSc. in Psychology from Dalhousie University and is a graduate of the FBI National Academy in Quantico Virginia. He has completed certificate course work at both the University of Pennsylvania Wharton School of Business and Saint Mary's University in Halifax.

Supt. Moore is presently the officer in charge of Community Projects Division.

This session will provide an overview of electronic records within the context of Freedom of Information (FOI) applications, and what FOI Administrators can do to adjust to this changing landscape and manage FOI issues resulting from the trend to electronic formats. Much has changed since the early days of FOI and email, audio and video tapes, digital photos, and data bases now not only present logistical difficulties for records searches, but also policy challenges in record retention and format decisions.

Session attendees will get an insight into how information and privacy commissioners and the courts have viewed the definition of a “record”, obligation to create records, format requirements, and the application of exemptions. They will also receive some best practice tips on dealing with FOI applications that involve electronic records, or records in electronic formats such as data bases.

Robert P. Doherty
President
Access & Privacy Services

Bob Doherty was the Province of Nova Scotia’s first Director of Information Access and Privacy, a position he held for 10-plus years and in that capacity oversaw and provided education and training services to the Nova Scotia Government, universities, hospitals, and school boards. He also provided policy and legislative advice to the government.

Since leaving the public service he has continued to be a guest speaker at conferences in Nova Scotia, New Brunswick, and Ontario and has provided access and privacy consulting and training services to federal, provincial, and municipal clients as well as to the private sector. He has also written op-ed page opinion pieces on privacy for the Halifax Chronicle Herald and authored an analysis of the proposed new Nova Scotia Health Information Act for the "The Winston Report" an on-line journal of the Canadian Association of Professional Access and Privacy Administrators (CAPAPA). He has taught seminars in access and privacy law at Mount St. Vincent University, and worked with the University of Alberta's on-line certificate program in information access and privacy.

He holds a Bachelor of Arts degree from St. Francis Xavier University, a Master of Science degree in Communications from Boston University, and a Bachelor of Laws Degree from Dalhousie University. He is on the board and is a regional representative for the Canadian Association of Access and Privacy Professionals (CAPAPA). He is also a practicing member of the Nova Scotia Barristers Society and specializes in Access to Information and Privacy Law.

For many years, within information technology we have defined and implemented security to protect access to various electronic information more accessible by various parties. Our past experiences has allowed us to redefine our approach when looking at authentication, authorization and audit. The industry has evolved and various standards have emerged, Technology vendors develop solution to enable organization achieve Single Sign On to their systems. After years of experimentation, implementation and spending, many organizations still struggle on dealing with this problem. Even though technologies exist and have matured, the question is are we really taking the right approach to solving the problem. Is a new approach the way to start solving our long term goal of allowing an employee, a customer, a citizen to access our services in a secure way but transparently.

Rob Wilson
Senior Principal Consultant
CA Inc.

Rob Wilson has worked in the field of information technology for 14 years. He specializes in Identity and Access Management technologies, and is a trusted advisor for numerous Canadian Government, Financial, Telecommunication, and Retail organizations. In previous positions at the Ontario Government and CIBC, Rob was responsible for architecting and implementing security and infrastructure solutions.

Rob holds a Bachelor of Technology from Memorial University of Newfoundland, and a Master of Science in Information Technology from the University of Liverpool focusing on cloud-based identity systems.

This presentation will provide you with a step-by-step breakdown of what to consider when processing an access to information request. All mandatory and discretionary exceptions are taken into consideration while ensuring that the business interests of any 3rd parties are protected. You will learn:

• When to ask for copies of the records versus when to have staff estimate time required and number of pages of records
• Sections to consider and when to sever
• Time lines for both the process and the possible appeal process

Frieda MacLaren
Provincial Access and Privacy Coordinator
PEI Provincial Treasury

Frieda began her career in information access and privacy in 2000. She was the office manager of the Freedom of Information and Protection of Privacy Implementation Team from June 2000 until November 1, 2002. Upon proclamation of the Act she was appointed to the position of Access and Privacy Assistant Coordinator. On April 29,2005, Frieda was appointed as the Provincial Access and Privacy Coordinator.

"If only…"; "Why didn’t they…"; "You should’ve thought…" How much easier the job of being an information access & privacy professional would be if programs, processes, policies, and people considered privacy issues at the very beginning.

• How to 'sell' privacy proactively;
• Whose responsibility is privacy?;
• PIA…the roadmap;
• Using common sense to steer a culture change;
• Privacy—neither an add-on, nor the bottom line.

Carla Heggie
Information Access & Privacy Manager
NS Labour & Workforce Development

Carla Heggie is the Information Access & Privacy Manager for NS Labour & Workforce Development. She has been working with government in the policy area of information access and privacy since the early 1990's, and has been administering the NS Freedom of Information & Protection of Privacy Act [FOIPOP] for about fifteen years, during which time she has been actively involved in the evolution of access and privacy administration within the Provincial government. As well, Ms.Heggie administers the NS Personal Information International Disclosure Protection Act [PIIDPA], along with various corporate and departmental privacy and access policies.

A graduate of Dalhousie University with a degree in political science and labour economics, Ms.Heggie is a graduate of the Information Access & Protection of Privacy [IAPP] Certificate Program at the University of Alberta, and sat on the National Advisory Committee for that program. Ms.Heggie is currently a member of the following committees at Dalhousie University: MLIS Curriculum & Continuing Education Committee; MIM Coordinating Committee; and MLIS Curriculum Advisory Board.

Past chair for the Canadian Association of Professional Access & Privacy Administrators [CAPAPA], Ms.Heggie has been proactive in lobbying for the professional development of access & privacy specialists. As such, she has taken the opportunity to speak at many Information Access & Privacy, and Information Management, venues across the country on the topic of the development and certification of the Information Access & Privacy Professional.

For many years, within information technology we have defined and implemented security to protect access to electronic information and the location where it is located. Content monitoring, filtering and data loss prevention techniques and technologies are now at the forefront at securing your data.

Our past experiences has allowed us to redefine our approach when looking at Data Access Security and the Policies behind it.

The regulatory environment is changing. Find out what organizations, as well as the public and private sector need to consider to best protect themselves from data leaks. Are inspection techniques, classification just catch phrases? Is Data at rest, or Data in motion a concern for your organization? Are you vulnerable for a data loss?

Rob Wilson
Senior Principal Consultant
CA Inc.

Rob Wilson has worked in the field of information technology for 14 years. He specializes in Identity and Access Management technologies, and is a trusted advisor for numerous Canadian Government, Financial, Telecommunication, and Retail organizations. In previous positions at the Ontario Government and CIBC, Rob was responsible for architecting and implementing security and infrastructure solutions.

Rob holds a Bachelor of Technology from Memorial University of Newfoundland, and a Master of Science in Information Technology from the University of Liverpool focusing on cloud-based identity systems.

There is no disputing the incredible popularity of social networking. Many millions of people consider it a very effective way to keep in touch with friends and family and to share information about themselves. Unfortunately, the vast amounts of information that we openly share is often used for purposes that were never intended and, in many cases, can have an adverse effect on our personal and professional lives. In addition, the personal information that we share online can end up in the hands of people who you would not likely consider a “friend.” It is important, therefore, that we take steps to protect our personal information, particularly during our online social interactions. This presentation will explore social networking and its relationship to issues such as online advertising, online scams, identity theft and online predators. Through a number of examples, the presentation will show how providing too much personal information through social networking activity can lead to embarrassment, loss of career opportunities, disciplinary action and even danger.

Sandy Hounsell
Senior Research and Outreach Advisor
Office of the Privacy Commissioner of Canada

Mr. Hounsell is the Senior Research and Outreach Advisor for the Office of the Privacy Commissioner of Canada. Prior to accepting this position in September of 2008, Mr. Hounsell was the Assistant Information and Privacy Commissioner for the Province of Newfoundland and Labrador. Prior to that, Mr. Hounsell was the Director of Access to Information and Protection of Privacy with the Provincial Department of Justice, and was responsible for creating and establishing the first comprehensive access and privacy regime for the Province.

Mr. Hounsell has a Bachelor of Applied Science degree from Ryerson Polytechnic University in Toronto, a Master of Business Administration degree from Memorial University of Newfoundland and is a Fellow of the School of Graduate Studies at Memorial University. In addition, Mr. Hounsell is an instructor with the Law Society of Newfoundland and Labrador Bar Admission Course and is a recipient of the 2001 Public Service Award of Excellence.

Management of personal health information is complex and the rules are rapidly changing. It is anticipated that Nova Scotia will introduce a Personal Health Information Act in 2010, joining eight other Canadian jurisdictions in managing personal health information under a comprehensive, modern and flexible piece of provincial legislation.

This presentation will examine the elements of the proposed legislation, including:

• who is covered by the Act
• what information is (and isn’t) covered by the Act
• the new rules planned for the Nova Scotia legislation
• how the Act is designed to accommodate changes in the health sector
• how the Act impacts those not in the health sector – as professionals and as patients

Suellen Murray
Project Manager
Health Information Legislation Project
NS Department of Health

Suellen Murray is the Project Manager for the Health Information Legislation Project at the Nova Scotia Department of Health. Prior to initiating the project in late 2007, she was the Manager of the Information Access and Privacy Unit at the Department, a position she held since forming the Unit in 2002.

Suellen has worked in provincial government policy in Ontario and Nova Scotia for 18 years, with positions in labour, workers' compensation, continuing care, and health information privacy.

Suellen is a graduate of Mount Saint Vincent University with a Bachelor of Public Relations, and of the Dalhousie University Faculty of Law. She was called to the Ontario Bar in 1992.

Join this informal round table discussion, facilitated by the City of Toronto's Rob Candy, where you can network with colleagues from other communities in the Province, and have some of your unique questions answered. Find out what other communities like yours are doing to meet the needs of their constituents and councilors. You will also be able to ask questions and share ideas with Rob, who's got 15 years experience in the municipal Access and Privacy field, with one of the world's largest cities.

Facilitator:
Rob Candy
Manager Training and Compliance - Corporate Access and Privacy
Corporate Access and Privacy Office
City of Toronto

Rob Candy is the Manager Training and Compliance - Corporate Access and Privacy for the City of Toronto's Corporate Access and Privacy Office. His training workshops for the City of Toronto and other municipal and provincial governments and agencies are consistently rated very high.

The world of ATIP has evolved over the last few years, to the point where access to information and privacy issues are now the subject matter of professional development, and post-secondary education. Join Carla Heggie, External Representative on the Curriculum Committee at Dalhousie's School of IM, and Sharon Polsky of CAPAPA, as they outline a few different options of what's available to you to further develop your skills and learning.

Eric Lawton
Manager Information, Privacy and Technology Corporate Access and Privacy Office
City of Toronto

Eric Lawton currently serves voluntarily as the Director of Professional Certification for the non-profit Canadian Professional Association of Professional Access and Privacy Administrators (CAPAPA). His primary focus in CAPAPA is to establish certification and networking resources for access and privacy professionals across Canada. He is also leading CAPAPA's efforts to develop accreditation standards for educational institutions training programs and liaises with other professional bodies in related professions.

Eric's full-time job is Manager of Corporate Access and Privacy, City Clerk's Office, City of Toronto. Eric's unit conducts Privacy Impact Assessments and provides support and advice to City staff. He also does training on Privacy Impact Assessments and develops policy. Eric joined the City in September 2006.

For 16 years prior to that, Eric worked in the Government of Ontario in various roles, most recently as a senior policy advisor in the Ministry of Government Services's Corporate Access and Privacy Office.

New Brunswick's Right to Information Act and Protection of Personal Information Act are being repealed and replaced with the Right to Information and Protection of Privacy Act. Our new Act defines "law enforcement". Virtually all provinces have some form of exemption for law enforcement and/or investigation purposes, but the actual wording varies between jurisdictions. That exemption can apply to permit access to "personal information" without consent, and also prevent the release of information if there is an on-going investigation and there is an access to information request. As well, since 9/11 there has been an increased emphasis upon "intelligence gathering" and the sharing of information that is gathered. For instance, in New Brunswick we have Regional Intelligence Gathering Committees throughout the province, and they meet quite frequently. The Committees consist of designated representatives form all police agencies, Public Safety, Correctional Services Canada and Canada Border Services, etc. They share information on clients, including personal information.

This presentation will outline the definition of "law enforcement" and how the various provinces (as well as federally) have interpreted this exemption, as well as the definition of "investigations". What are the limits on sharing /refusal to release information on the grounds of an "investigation"?

Ian Walsh
Senior Advisor
Strategic Policy & Planning Division
New Brunswick Department of Public Safety

J. Ian Walsh is the Senior Advisor, Legal and Strategic Initiatives, with the New Brunswick Department of Public Safety. He is a graduate of Saint Francis Xavier University, (B.Sc.), Dalhousie University (M.S.W.) and the University of New Brunswick (LL.B.). He is a former Social Worker. In addition, for several years he practiced Family and Insurance Law with the law firm of Tremblay & Associates, Bathurst, New Brunswick. He is also a former Lecturer at Saint Thomas University at Fredericton, having taught Constitutional Law. Since joining the Department of Public Safety, Ian has had extensive involvement in the implementation of the Youth Criminal Justice Act. He has conducted national workshops on the sentencing provisions of the YCJA on behalf of Justice Canada. In addition he has conducted YCJA training sessions on behalf of the governments of New Brunswick, Prince Edward Island, Nova Scotia and Nunavut. He has also been guest speaker at two national YCJA Defence Counsel Symposiums in Ottawa. Ian is currently the Provincial-Territorial Co-chair of the national YCJA Amendments Committee. He is a member of the New Brunswick Law Society and the Canadian Bar Association. He and his wife, Rachelle, currently reside in Fredericton, New Brunswick.

Recent events in Canada and abroad have shone a spotlight on the data handling practices at Facebook, Google, Provincial and Federal Governments. The attention has created an awareness among Canadians about the value and importance of exercising their right to access information held by governments and corporations alike. Is your organization ready to process Access to Information requests in an effective way? Will the programs, processes and systems in your organization help or hinder as you wade through the Access to Information requests? Do you wish for a more efficient way to be able to respond to access requests? This session will explore the role of Access Impact Assessments and help you build the business case for conducting AIAs as a routine part of any new program, process, or system implementation.

Sharon Polsky
President
AMINA Consulting Corp.

Sharon Polsky is President of AMINA Consulting Corp. and has specialized in data protection and information risk management for more than 25 years. Since 2007, she has served as the elected National Chair of the Canadian Association of Professional Access and Privacy Administrators (CAPAPA), and as the Editor in Chief of The Winston Report, the only authoritative journal devoted to the access and privacy profession in Canada. Sharon is a frequent speaker and lecturer in the areas of data privacy, information security, cyber-liability, and the privacy implications of RFID and other emerging technologies. Ms. Polsky has spoken before the Canadian Senate Standing Committee on Legal and Constitutional Affairs on the privacy implications of proposed federal legislation; and she was invited to submit recommendations to the Information Commissioner of Canada addressing the modernization of federal privacy and access laws. Ms. Polsky has been an adjunct instructor at SAIT Polytechnic and the University of Calgary, and for Insurance Institutes across Canada since 2001. She was a key contributor to the Canadian Professional Insurance Broker national certification program. She was also instrumental in developing the Canadian National Competency Standards and the Professional Certification Program for Information Access and Privacy Professionals in Canada.

Whether it's social networking or just simple web browsing we all leave traces of our ourselves scattered around the Internet and in databases. This presentation will give an overview of some of the many ways our activities are tracked and recorded, the problems with having that information public, and some of the steps we can take to minimize the information we reveal.

Wallace Peers
Provincial IT Security Authority
Chief Information Office
Government of Nova Scotia

Wallace Peers, always wary of what the world around him was doing with his personal information, was naturally led into the field of computer and cyber security. Wallace Peers is the Provincial IT Security Authority for the government of Nova Scotia. Previously he worked with Public Safety Canada as a member of the Canadian Cyber Incident Response Centre and has an extensive background in formal security evaluations with the Communications Security Establishment.