Expected to Work/Barriers to Full Employment Policy & Procedures

Published Date: July 23, 2012
Bookmark this page

02 Income Support Overview

Access to Information and Protection of Privacy

Protection of Personal Information

The Freedom of Information and Protection of Privacy (FOIP) Act requires Community and Social Services to protect the personal information it manages. In Fall 2001, Community and Social Services adopted a Privacy Policy to provide guidance on the Department’s expectations for handling personal information.

Collection of Personal Information

Staff must only collect personal information directly related to and necessary for the programs and services that they are responsible for. This is the information collected on Community and Social Services paper and electronic forms in its information systems. Personal information not related to decision criteria of the particular benefit or service is not required and must not be collected without the appropriate authority, even though the information might be potentially useful to other programs in Community and Social Services.

Unsolicited personal information that is not necessary for the operating program or activity is not an authorized collection. This information should be returned to the client.

Staff must be able to explain to the client:

  • The reason(s) the personal information is needed;
  • The use(s) that will make of the personal information;
  • Client options regarding the provision of the personal information and the consequences that may result from not providing it, including any limitations on services; and
  • The name and contact information of a person in Community and Social Services who can answer the client’s questions about the collection of their information.

Use of Personal Information

Use of personal information means employing it to accomplish the program purposes for which it was collected; for example, to administer a program or activity, to provide a service or to determine eligibility for a benefit under the Income and Employment Supports Act (IESA).

Section 39 of the FOIP Act lists the only circumstances under which Community and Social Services may use personal information.

Staff Responsibility to Protect Personal Information

Staff must recognize that given the necessity to handle personal information:

  • They must be aware of the relevant policies (e.g. Privacy and Security Policies) and program requirements for protecting personal information.
  • Appropriate use of personal information means information must only be accessed in “need to know” circumstances.

Disclosure of Personal Information

FOIP Act

Section 40 of the FOIP Act lists the only circumstances under which Community and Social Services may disclose personal information. It enables but does not require the disclosure of personal information in the course of various administrative processes and in response to informal access requests.

The authority to disclose personal information is delegated as per the FOIP Delegation Matrix. For example, personal information may be disclosed to an individual’s lawyer with the individual’s written consent. If in doubt about disclosing personal information, staff should consult with their supervisor. The link to the delegation matrix is via the intranet so would not be accessible by the public.

IESA

Workers can also disclose information only as specified in IESA section 49:

  • Where the disclosure is necessary for the administration of the IESA, or
  • To any person employed in the administration of a similar Act in another province or territory of Canada, or
  • To any person with the written consent of the Regional Director.

The Minister has the power under IESA sec 49(2)(c) to disclose information to any person where he deems it to be in the client’s best interests. This authority is delegated by the Minister to the Regional Executive Director level.

Specific policies for disclosing information under IESA and the FOIP Act are described below.

Disclosure to Members of the Legislative Assembly (MLAS)

Under the FOIP Act, personal information may be disclosed to an MLA who has been requested by the individual the information is about, to assist in resolving a problem. Under the FOIP Delegation Matrix this is delegated to the supervisor or a higher authority level. The supervisor must be confident that the individual has asked the MLA to assist them in resolving a problem and that the disclosure of the personal information is related to that resolution. The person requesting the information should be the MLA or the MLA’s official designate. The disclosure must be documented in Mobius Personal Home Page Notes.

Disclosure Related to Law Enforcement

If a Community and Social Services Alberta Supports Centre receives a request to disclose personal information related to a law enforcement matter, form EMP 2941 Request to Disclose Personal Information must be completed.

Penalties for Breach of Confidentiality

Community and Social Services is committed to the appropriate management of the personal information of its clients. Inappropriate collection and use may result in disciplinary action, up to and including, termination of employment.

In addition, under section 92 of the FOIP Act, persons who willfully collect, use or disclose personal information in contravention of the FOIP Act are guilty of an offence and liable to a fine of not more than $10,000.

Reports to Child and Family Services

The confidentiality requirements of the IESA and the protection requirements under the FOIP Act do not release IS staff from the obligation to report to Child and Family Services when there are any potential child protection concerns.

Procedures for Disclosure

Under the FOIP Delegation Matrix authority to disclose certain information is delegated beyond an Alberta Supports Centre level. If an Alberta Supports Centre receives a request to disclose personal information, the Alberta Supports Centre will:

  1. Complete the EMP 2941 Request to Disclose Personal Information
  2. Fax the completed form to the Regional Executive Director for review.

In situations of law enforcement requests to disclose information, the requesting Alberta Supports Centre completes section 3 of EMP 2941 Request to Disclose Personal Information and faxes to the Regional Executive Director for review.

When the EMP 2941 Request to Disclose Personal Information is received, the Regional Executive Director’s office will:

  1. Review the request in accordance with section 40 of the FOIP Act.

    Note
    The Regional Executive Director may disclose information about a client only in accordance with section 40(1) and 41 of the FOIP Act.

     

  2. Provide verbal consent or refusal for the request.
  3. Complete section 4 of EMP 2941 Request to Disclose Personal Information within 10 working days, and forward to the appropriate Alberta Supports Centre.

Consent to Release

The Alberta Supports Centre will:

  1. Enter the decision by the Regional Executive Director in Mobius Personal Home Page Notes.
  2. Provide the information to the person requesting the information.

Refusal to Release

The Alberta Supports Centre will:

  1. Enter the decision by the Regional Executive Director in Mobius Personal Home Page Notes.
  2. Notify the person requesting the information that the information cannot be disclosed and provide the reason(s) why.

The Alberta Supports Centre and/or Regional Executive Director’s office may consult with the Information and Privacy Office as required.