Privacy Reports
Decision Information
Summary:
On March 21, 2001, the Office of the Information and Privacy Commissioner (IPC) received a letter from the Leader of the Ontario New Democratic Party alleging a disclosure by electronic mail of a report entitled 2000 Traumatic Fatalities Reported in Occupational Disease & Survivor Benefits Program (the Report), and asking the IPC to investigate. Enclosed with the letter was a copy of an e-mail and the Report, which he had received from one of the e-mail recipients.
That same day, the Commissioner received a telephone call from the Minister of Labour (the Ministry) in respect of the same incident, assuring us of their intention to cooperate fully with our investigation.
The IPC initiated an investigation under the Freedom of Information and Protection of Privacy Act (the Act) against the Ministry (PC-010013-1).
On March 27, 2001, the IPC met with the Ministry's Freedom of Information and Privacy Co-ordinator, and in the course of the discussions determined that the Report in question was a Workplace Safety and Insurance Board (WSIB) report. While the Minister of Labour has overall responsibility for WSIB, WSIB is a separate institution under the Act.
Accordingly, on March 29, 2001 the IPC initiated an investigation involving WSIB (PC-010014-1), and met with some of WSIB's senior staff.
Both complaints are addressed in this report because the disclosure of the WSIB report involved both Ministry and WSIB staff. Further, there is considerable overlap in the events, relationships and actions taken.
Decision Content
PRIVACY COMPLAINT REPORT PRIVACY COMPLAINTS PC-010013-1 and PC-010014-1 Ministry of Labour - PC-010013-1 Workplace Safety and Insurance Board - PC-010014-1 April 20, 2001
_ 2 _ PRIVACY COMPLAINT REPORT PRIVACY COMPLAINT NOS. PC-010013-1 and PC-010014-1 MEDIATOR: Mumtaz Jiwan INSTITUTION: Ministry of Labour (PC-010013-1) Workplace Safety and Insurance Board (PC-010014-1) INTRODUCTION: On March 21, 2001, the Office of the Information and Privacy Commissioner (IPC) received a letter from the Leader of the Ontario New Democratic Party alleging a disclosure by electronic mail of a report entitled 2000 Traumatic Fatalities Reported in Occupational Disease & Survivor Benefits Program (the Report), and asking the IPC to investigate. Enclosed with the letter was a copy of an e-mail and the Report, which he had received from one of the e-mail recipients. That same day, the Commissioner received a telephone call from the Minister of Labour (the Ministry) in respect of the same incident, assuring us of their intention to cooperate fully with our investigation. The IPC initiated an investigation under the Freedom of Information and Protection of Privacy Act (the Act) against the Ministry (PC-010013-1). On March 27, 2001, the IPC met with the Ministry’s Freedom of Information and Privacy Coordinator, and in the course of the discussions determined that the Report in question was a
- 3 - Workplace Safety and Insurance Board (WSIB) report. While the Minister of Labour has overall responsibility for WSIB, WSIB is a separate institution under the Act. Accordingly, on March 29, 2001 the IPC initiated an investigation involving WSIB (PC-010014-1), and met with some of WSIB’s senior staff. Both complaints are addressed in this report because the disclosure of the WSIB report involved both Ministry and WSIB staff. Further, there is considerable overlap in the events, relationships and actions taken. BACKGROUND OF THE INVESTIGATION (a) Sector Inter-Agency Groups WSIB – formerly the Workers Compensation Board – operates under the authority of the Workplace Safety and Insurance Act, 1997 (the WSIA) which focuses on safety and prevention in the workplace. In order to implement an integrated approach to reducing injuries and creating a safe environment in the workplace, WSIB and the Ministry have created new partnerships with Ontario health and safety associations, funded by WSIB, to provide training programs, products and services to the province’s employers and workers. These partnerships work through Sector Inter-Agency Groups (SIGs) to increase co-operation and communication between partners in the Ontario health and safety system to better integrate prevention strategies. The SIGs bring together sector-based representatives from the Ministry, WSIB, Human Resources Development Canada and various Health and Safety Associations. (b) Client Service Health and Safety Councils As part of its mandate, the Ministry of Labour has established regional Client Service Health and Safety Councils across the province. The mandate of these councils is to share information and expertise that will assist clients in achieving healthy and safe workplaces. Councils review the workplace injuries in particular sectors and geographical areas, share information, and work with those sectors to promote a safe workplace through prevention. Client Service Health and Safety Council members include representatives from the Ministry, WSIB, Safe Workplace Associations, the Workers Health and Safety Centre, the Office of the Worker Adviser, the Office of the Employer Adviser, the Occupational Health Clinics for Ontario Workers, and Human Resources Development Canada - Labour. At the centre of the disclosure in this investigation are two Councils: the Northwestern and the Northern. The Northern Council’s terms of reference state that it will “act as a resource forum by establishing partnership initiatives for the purpose of exchanging information and co-ordinate
- 4 - activities to enhance client service... and ... to focus on enhanced health and safety objectives for northern Ontario.” The Council’s terms of reference further state that “[c]lient confidentiality will be maintained at all times.” THE DISCLOSURES OF THE REPORT The Report was disclosed in two separate e-mail distributions, to a total of 65 addressees who were members of the Northwestern and Northern Councils. In turn, four of the addressees made further disclosures of the Report to other individuals. It is important to note that the Report is not generally available within WSIB. A hard copy of the Report is produced by and for the Occupational Disease and Survivor Benefits Branch in the Health Services Division, and a disc is provided to the Agility Program for the purpose of building a claims management system. WSIB’s Director of Forestry and Pulp and Paper Sectors in the Operations Division is responsible for the operational aspects of the WSIA which includes a new focus on prevention. He also represents WSIB as the Chair of the Health and Safety Council for Northwestern Ontario. The members on the Northwestern Council include another WSIB Director, a District Manager from the Ministry and his assistant, who performs secretarial functions. Other members include Health and Safety Councils from various sectors (for example, pulp and paper, transportation). (a) The First Disclosure At a Northwestern Council meeting in February, 2001, the WSIB Director, in his capacity as Chair, presented a report for discussion on workplace fatalities which occurred in two sectors (the bi-sectorial report). He had obtained the report from WSIB’s Provider Relations office in the Prevention Division. This division gathers statistical information and compiles reports for use in discussions and dissemination for promoting prevention and safety in the workplace. As is the usual practice, the bi-sectorial report which he received and presented was “sanitized”, meaning that it did not contain names, claim numbers, claim status or any other personally identifying information which could serve to identify the claimant. At the next meeting, the Chair was asked to obtain a full report, covering all the sectors across the province. The Chair requested the Report from a staff member in Provider Relations. As it turned out, Provider Relations does not normally receive this report, so the staff requested it from Agility. Once Provider Relations obtained the Report from Agility, it was sent to the Chair electronically. The Chair states that he opened the e-mail and scrolled through it to ensure that it included all sectors. The Chair assumed that all personal information would have been removed from the report prior to his receiving it from Provider Relations, and consequently did not check to ensure
- 5 - that the report had indeed been sanitized. He then forwarded the report electronically to the Ministry’s District manager’s assistant (the Northwestern Council secretary), asking her to distribute it with the minutes to all the members. The Northwestern Council secretary then forwarded the e-mail with the attached Report to the 30 members of the Council and to the secretary of the Northern Client Services Council. (b) The Second Disclosure The secretary of the Northern Client Services Council, in turn, forwarded the Report to the 35 members of the Northern Council. (c) Further Disclosures Four of the addressees provided the Report to other individuals. Issues Arising from the Investigation (A) Was the information disclosed in the Report “personal information” as defined in section 2(1) of the Act? (B) Was the disclosure of the personal information by the WSIB and the Ministry in compliance with section 42 of the Act? RESULTS OF THE INVESTIGATION Issue A: Was the information disclosed in the report “personal information” as defined in section 2(1) of the Act? Section 2(1) of the Act states, in part: “personal information” means recorded information about an identifiable individual, including,.... (c) any identifying number, symbol or other particular assigned to the individual, (h) the individual’s name where it appears with other personal information relating to the individual or where the disclosure of the name would reveal other personal information about the individual;
- 6 - I have reviewed the 15-page Report. It details 130 cases of workplace fatalities and includes the names, claim numbers, and dates of death of the claimants, the industry, the status of the claim, the name of the adjudicator and a summary of how the claimant died. The names of the deceased, claim number, date of death and status of the claim qualify as “personal information” under section 2(1) of the Act. Section 2(2) provides: Personal information does not include information about an individual who has been dead for more than thirty years. I note that the fatalities listed in the report occurred in the years 1999 or 2000 and, therefore, section 2(2) does not apply in the circumstances of this complaint. Conclusion A: The information disclosed in the Report was “personal information” as defined in section 2(1) of the Act. Issue B: Was the disclosure of the personal information by the Ministry and WSIB to the Councils in compliance with section 42 of the Act? Section 42 of the Act sets out a number of circumstances under which an institution may disclose personal information. None of these circumstances are present in these two cases. Accordingly, I find that the disclosures of personal information by both the Ministry and WSIB were not in compliance with the Act. The Ministry and WSIB also agree with this finding. While the disclosure was not in accordance with the Act, what makes this disclosure even more problematic is the format in which the personal information was disclosed. The electronic transmission of personal information can present a serious threat to privacy in ways not possible when the disclosure is made by hard copy. The number of potential recipients may be without limit. Fortunately, in this case, disclosure beyond the sixty-five e-mail addressees was limited, easily accounted for, and quickly contained. • In this office’s paper Privacy Protection Principles for Electronic Mail Systems, we note the following: e-mail systems should not be used for the purposes of collecting, using and disclosing personal information, without adequate safeguards to protect privacy; organizations should have formally documented e-mail policies; and users should receive proper training about security/privacy issues related to the use of e-mail. Conclusion B: The disclosure of personal information by the Ministry and WSIB was not in compliance with section 42 of the Act.
- 7 - SUMMARY OF CONCLUSIONS: In summary, I conclude that: • The information disclosed in the report was “personal information” as defined in section 2(1) of the Act. • The disclosure of personal information by the Ministry and WSIB was not in compliance with section 42 of the Act. STEPS TAKEN BY THE MINISTRY AND WSIB UPON LEARNING OF THE DISCLOSURES The Ministry stated that on the morning of March 21, 2001, it became aware of the open letter from the NDP to the IPC on the NDP’s website. It immediately took steps to identify the source and substance of the distribution, and to co-ordinate a retrieval and containment plan for the distributed information. Within hours, senior staff met to investigate the circumstances of the distribution and to plan the steps to ensure that all distributed information was retrieved and/or destroyed. The Minister contacted the IPC and offered the Ministry’s full co-operation if the IPC decided to investigate. The Ministry also established a sub-committee to advise on privacy issues related to communications, training and education, and re-design of activities if necessary. The Minister also contacted the Chair of WSIB who appointed the Vice-President of Policy and Research to co-ordinate and lead WSIB’s investigation, containment and retrieval activities. By the evening of March 21, both the Ministry and WSIB had begun the process of contacting each of the recipients of the two e-mail distributions. The recipients included Ministry and WSIB staff and the representatives from the Health and Safety Associations who sit on the two councils. The Ministry and WSIB obtained confirmation from each of the recipients that they had not further distributed the information, either electronically or in hard copy. The Ministry and WSIB retrieved any copies printed and obtained confirmation that the recipients had deleted the electronic copies which they received. Because some of the members sit on both the Northwestern and the Northern Councils, these individuals received more than one copy and the Ministry and WSIB obtained confirmation that the recipients had deleted or returned all the copies which they may have received. By March 22, the Ministry and WSIB were able to confirm that they had been successful in contacting all of the recipients and had ensured that all electronic copies had been deleted and all hard copies either retrieved or destroyed.
- 8 - On March 22, the Ministry obtained confirmation from the office of the NDP that their electronic copy of the report had been deleted and the paper copy shredded. On March 28, and March 30, the Ministry and WSIB respectively issued memos to all staff on Information Management issues, including the electronic transmission of personal information. I commend both the Ministry and WSIB for the immediacy of their responses to this disclosure, as well as for providing this office with their full cooperation during our investigation. Other Initiatives - WSIB WSIB explained that it has worked closely with the Ministry on the issues raised by this complaint and on the development programs to address the need for training and education. WSIB states that its President and CEO and the Deputy Minister of Labour have bi-weekly meetings; the issue of developing policies and practices on confidentiality will now be a regular agenda item at these meetings. There are also other regular monthly meetings between senior staff of WSIB and the Ministry and again, the issue of confidentiality will become a regular agenda item. WSIB provided this office with a copy of a memorandum dated September 22, 2000, addressed to all employees in the Lotus Notes training program, stating that due to security risks, claim information should not be transmitted by e-mail to any outside party. WSIB’s policy, effective January 10, 2001, refers to the fact that WSIB is subject to the Act, including all claims information, employment information and health-related personal and confidential information. WSIB states that it is aware of a major need for training and education for all of its staff in relation to privacy and security concerns when handling confidential information and in the use of technology and electronic transmission for business practices. With that in mind, it has established a committee to produce training materials geared toward its front line staff to ensure that privacy is not breached in the delivery of customer service. A video has been produced and supporting materials are in the process of being developed. In light of the complaint, WSIB states that it intends to expand the scope of the training video to incorporate the present fact situation, i.e. the appropriate sharing of information within WSIB and with its partners, including the Ministry and “the designated entities.” In addition, WSIB is undertaking the following initiatives: 1. Review of Business and Technology Processes: WSIB states that it is currently reviewing its business and technology processes. It is currently building an Enterprise Information Warehouse and the information related to WSIB’s prevention mandate will receive priority. WSIB states that it is cognizant of the need to address what
- 9 - information should be protected and what information can be shared with staff, clients and customers, its partners in prevention, and the Ministry. 2. Confidentiality Agreements In furtherance of its concerns relating to confidentiality of information and information sharing, WSIB states that it is in the process of preparing a confidentiality agreement to be signed by the Ministry and the Health and Safety Associations. WSIB has provided evidence that it has already entered into confidentiality agreements with SafeWorkplace Associations. It does not have confidentiality agreements with the Workers Health and Safety Centre (WHSC) and the Occupational Health Clinics for Ontario Workers Inc. (OHCOW). WSIB states that prior to this incident, no personal information has ever been shared with these two entities. WSIB has stated its intent to enter into confidentiality agreements with all of its partners, including WHSC and OHCOW. Where funding of these entities is provided by WSIB, confidentiality agreements, will become a condition of funding. WSIB states that while the issue of confidentiality has been discussed at times at meetings with the Ministry and the Health and Safety Associations, it intends to incorporate confidentiality as a standing item on the agenda. 3. Task Force on Privacy WSIB states that it will establish a task force headed by its Vice-President of Policy and Research with representatives from all the Divisions to develop recommendations for its Senior Management in the following areas: • an audit of WSIB’s information management practices; • the classification and security of confidential information and documents; • information sharing between WSIB staff and external clients, customers, providers, partners, and the public; • the use, storage, transfer and disposition of electronic information; • a review of the current policies regarding confidentiality including the Code of Ethics and E-mail and Internet Security policy; • staff training and education regarding WSIB’s obligations under the WSIA, the Act, the Ontario Health and Safety Act and WSIB’s policies. WSIB has indicated that the mandate, deliverables and timetable of the task force’s work will be developed by April 27, 2001, and that work on the above will be completed by September 30, 2001.
- 10 - 4. President to address all staff on the need to protect privacy WSIB has informed this office that on April 19, 2001, the President and CEO will begin a tour of all the provincial offices in an initiative known as “Spring Forward.” The CEO’s presentation will include a strong emphasis on the obligation to protect the privacy of personal information. Other Initiatives -- the Ministry The Ministry relies on the Management Board Secretariat Directives which address the issues surrounding the management of confidential documents and the electronic transmissions of such documents and, therefore, it does not have an e-mail policy of its own. The Ministry states that the Directives were circulated to all Ministry staff last summer. The Ministry states that information management initiatives are already underway and has provided information on the following: 1. Ministry-wide inventory of information management obligations The Ministry states that in January 2001, it undertook a Ministry-wide assessment of confidential document security which resulted in the establishment of a committee. This committee is headed by the Ministry’s Manager of Freedom of Information and Privacy. It shares information regarding best practices for handling confidential documents and is responsible for developing training and education materials for all Ministry staff. This review was circulated among senior managers to raise the profile of information management issues within the Ministry and will form the basis of work done by other working groups. 2. Sub-committees Sub-committees have already been established under the auspices of the Information Management/Information Technology Committee which works with all the program areas within the Ministry to ensure the security and confidentiality of information. The sub-committees include the following: 1. sub-committee on confidential document security led by the Manager of Freedom of Information and Privacy will share knowledge and best practices on handling confidential documents and will develop orientation and training for all Ministry staff; 2. sub-committee on information sharing led by staff from the Legal Branch and the Manager of Freedom of Information and Privacy, with representatives across the Ministry will work with WSIB and other Ministry partners to review information sharing practices to ensure compliance with the Act; this committee will also review Ministry practices and processes related to communications,
- 11 - correspondence and the Ministry website to ensure consistency with the requirements of the Act and will share information with staff on these issues; 3. sub-committee to ensure that the Ministry conducts privacy impact assessments for new information management initiatives, in accordance with the MBS guidelines; 4. sub-committee, led by the Director of Jobs Protection Office, is reviewing Ministry’s processes for the back-up, storage and retention of electronic information. 3. Privacy as a standing agenda item The Ministry states that it has placed the issue of the handling and security of confidential information as a standing agenda item on the Ministry’s Executive Committee meetings. The first such meeting was held on April 4, 2001. The Ministry has also made freedom of information and privacy issues a standing agenda item on the bi-weekly meetings between the President of WSIB and the Deputy Minister as well as the monthly meetings between the Assistant Deputy Ministers and WSIB’s Vice-Presidents. Information management and privacy issues are also now a standing agenda item for the Information Management/Information Technology committee. 4. Follow-up Audit The Ministry states that it has undertaken a follow-up audit to an earlier one conducted in 1997. The 1997 audit looked at a wide range of Ministry security procedures to ensure that confidential documents were properly protected. As a result of the audit, the Ministry implemented a number of improved security procedures including a clean desk policy, a documented security policy, the use of Medeco keys and access cards. 5. Orientation and Training The Freedom of Information and Privacy Office provides orientation and briefing to the Minister’s Office and Deputy’s Office staff on their appointment and as part of the orientation training to all new inspectors and field staff. The office also provides regular training on an ongoing basis. RECOMMENDATIONS In addition to their immediate efforts to contain the disclosure of the personal information at issue in this investigation, both the Ministry and WSIB have provided this office with detailed information about a number of ongoing and long-term initiatives which, when completed, should have a positive impact and far-reaching effects on the protection of privacy within their institutions. It is possible for both the Ministry and WSIB to further the goals of the Sector Inter-Agency Groups and the Health and Safety Councils by only sharing health and safety information in anonymized form, which has, in fact, been their past practice. In most cases,
- 12 - absent the name of the claimant and the WSIB claim number, the remaining information would be rendered sufficiently anonymous that it would lose its characterization as personal information. WSIB’s initiatives include the following: • Staff training • Review of business and technology processes • Confidentiality Agreements • Task Force on Privacy • President’s address to staff WSIB has provided this office with the dates on which it expects to complete or substantially complete each of the listed initiatives. The Ministry’s initiatives include the following: • Ministry-wide inventory of information management obligations • sub-committee on confidential document security (including orientation and training) • sub-committee on information sharing • sub-committee to ensure that the Ministry conducts privacy impact assessments for new information management initiatives • sub-committee to review Ministry’s processes for the back-up, storage and retention of electronic information • Follow-up Audit The Ministry has indicated that the inventory of its information management obligations was commenced in December, 2000 and completed in January, 2001. The Ministry has also provided this office with the completion dates for each of these projects. In view of the above, my recommendations at this time are that both the Ministry and WSIB commit to ensuring that such errors do not occur in future and provide the Office of the Information and Privacy Commissioner with an update on the status of their initiatives, as outlined in this report under the heading “Other Initiatives,” no later than August 20, 2001. I further recommend that the Ministry and WSIB provide this office with final reports upon the completion of all of their initiatives, no later than September 30, 2001. Original signed by: Ann Cavoukian, Ph. D. Date Commissioner
You are being directed to the most recent version of the statute which may not be the version considered at the time of the judgment.