How is your personal information being collected, used and shared?
Information security starts with you: January 28 is Data Privacy Day!
What is Data Privacy Day? It’s an internationally recognized day intended to spark dialogue and awareness around how your personal information is collected, used and shared.
The internet is full of data about you. Do you know where it is, and who can see it? Every time you download an app, check in on a Google Map or catch a Pokémon, personal information about you is created and retained. Do you know what that information consists of, and who has access to it?
Privacy means the right of an individual to seclude themselves, or information about themselves, from others and the right to share information about themselves selectively.
We often choose to share information about ourselves in return for a benefit or service. We have the right to share our information, but also the responsibility to ensure we understand what we are sacrificing, and how our information is being used or shared.
What can you do to mark Data Privacy Day?
- Review the privacy settings on all of your social media accounts.
- Use strong passwords for all of your accounts, and do not use the same password for multiple accounts.
- Read the permissions applications request when you install apps.
- Think before you post, not only about your own privacy, but also about the privacy of your friends and family.
Remember, information security starts with you!
On a wider scale, the University also works to protect the privacy of members of our community and maintain the security of the information intrusted to us.
Protect the information, identity and privacy of others and become educated about privacy resources available at the University of Manitoba.
Under the provincial privacy legislation, The Freedom of Information and Protection of Privacy Act (FIPPA) and The Personal Health Information Act (PHIA), the University of Manitoba has an Access and Privacy Office that facilitates the University’s compliance with the legislation.
Services provided by the Access and Privacy Office:
- Guidance to support University compliance with access and privacy legislation
- Coordination of University responses to access to information requests
- Leadership and support of the University’s records management program
- Privacy training programs
- Privacy breach investigations
- Privacy risk assessments on new and existing information management systems
See more at the Access and Privacy Office website.
Additionally, there is the Information Security and Compliance unit within Information Services and Technology (IST). Their goal is to maintain and enhance the security and integrity of information, computing resources and technology at the UM.
Know what policies are in place at the University of Manitoba.
The data classification guideline governs how the institution organizes the data it interacts with and what rules are in place for processing it.
An information security policy articulates how the institution governs and prioritizes information security activities.
Collect and use only the minimum amount of personal information for an authorized purpose.
And only provide access to personal information to the minimum amount of people who need to know for an authorized purpose.
Only use the information that has been collected for its intended purpose.
If you need to use the information for another reason, check with Access and Privacy Office and refer to applicable policies.
Destroy or de-identify personal information when you no longer need it.
The University has a comprehensive records management program that determines the appropriate length of time that information needs to be maintained before destruction or transfer to Archives.
Check out our Common Records Schedules for University administrative records. Contact the Access and Privacy Office if your unit has records that fall outside of the Common Records Schedules.