The Privacy Governance and Accountability Framework applies to all McMaster University faculty, staff and student employees when handling personal information or personal health information on behalf of the institution.  The Framework sets out the accountabilities for ensuring that all individuals involved in the management and day-to-day operations of McMaster University are in compliance with FIPPA, and with PHIPA, their associated regulations and the privacy policies, procedures and practices set out by McMaster University.  The Privacy Program includes the following policies:

• Privacy Governance and Accountability Framework
• Privacy Breach Protocol
• Policy for the Handling of Personal Information
• Portable Storage and Mobile Devices Policy– REVISED– effective July 1, 2017
• Background Check Policy – Students/Alumni– REVISED– effective July 1, 2017
• Electronic Mail (E-mail) Protocol for Personal Information (PI) and Personal Health Information (PHI)– REVISED – effective July 1, 2017
• Policy for the Handling of Personal Health Information (PHI)
• Policy on Access to Personal Health Information (PHI)
• Policy on Correction of Personal Health Information (PHI)
• Guideline for Verifying Identity for Formal Correction of Personal Health Information (PHI)NEW – effective July 1, 2017
• Guideline on Obtaining Consent re Personal Health Information to be Transmitted viaEmail (PHI) NEW – effective July 1, 2017
• Lock Box Protocol for Personal Health Records (PHI)NEW – effective July 1, 2017

Please visit Privacy at McMaster website to find more information regarding the Freedom of Information and Protection of Privacy Act (FIPPA), the Personal Health Information Protection Act (PHIPA), the Canadian Anti-Spam Legislation (CASL), McMaster’s Privacy Governance and Accountability Framework, as well as privacy tools and resources.