THE FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY ACT 1

The Freedom of Information and Protection of

Privacy Act
Chris Todoruk and Melanie Gamache
March 14, 2016

Table of Contents
Part 1: Overview of the Statute.................................................................................. 2
1. Access to Information and Exceptions to Disclosure.........................................3
2. Collection, Correction and Retention of Personal Information (section 36).......3
3. Restrictions on Use and Disclosure of Personal Information..............................4
4. The Ombudsman, Adjudicator, and Complaints................................................4
Part 2: Critical Analysis............................................................................................... 4
1. Exclusion of Teaching Materials.........................................................................4
2. Use or Disclosure of Information.......................................................................5
3. Information Management..................................................................................5
4. Student Information.......................................................................................... 6
Part 3: Implications..................................................................................................... 6
1. Teaching Materials............................................................................................ 6
2. Use and Disclosure of Information....................................................................6
3. Information Management..................................................................................7
4. Student Information.......................................................................................... 7
References.................................................................................................................. 8
THE FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY ACT 2

Part 1: Overview of the Statute

The Freedom of Information and Protection of Privacy Act (FIPPA) is a
Manitoba law that was enacted on June 28, 1997 and came into force May 4, 1998
for the purpose of allowing people to access records under the control of a public
body, both pertaining to themselves or others, to control how personal information
is used or disclosed, as well as to provide a process to review actions, decisions and
complaints regarding inappropriate use and disclosure of personal information by a
public body. It was significantly amended as of January 1, 2011.
In short, FIPPA administers access to information held by public agencies and
sets out stringent guidelines that these agencies must follow to protect the privacy
of personal information.
The Act provides a number of terms of references, but for the purposes of this
course and this discussion as it relates to education, the terms of reference to note
are:
Adjudicator- a person who impartially decides or resolves a dispute or
controversy
Educational body - a school division or school district or a college or
university
Employee - a person who performs services for the public body
Head - the person or group of persons designated as the head of the public
body
Information manager - a person or body that processes, stores, or destroys
personal information and provides information management or information
technology services to a public body.
Local public body - an educational body
Ombudsman a person (such as a government official or an employee) who
investigates complaints and tries to deal with problems fairly
Personal information - recorded information about an identifiable individual
include name, address/phone number/email, age, sex, sexual orientation,
marital/family status, ancestry/race/colour/nationality/ethnic origin, religion or
association, personal health information, blood type, fingerprints or
hereditary characteristics, political beliefs or association, education,
employment, occupation (or any of those histories), source of income,
finances, criminal history, personal views or opinions (unless theyre about
another person), views expressed about the individual by another person, or
an identifying number or symbol.
Record - includes information that is written, photographed, recorded or
stored in any manner.
FIPPA applies to all records, but there are several records to which this Act does
not apply. For our purposes, it does not apply to records pertaining to those of
judicial administration, MLAs, incomplete inquests, Credit Union records or
teaching materials or research information of an employee of an educational
institution or a question that is to be used on an exam or test. (p. 10). Additionally,
this act is superseded by:

The Personal Health Information Act

THE FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY ACT 3

The Adoption Act (section 99)

The Child and Family Services Act (section 86.1)
The Mental Health Act
The Securities Act (section 154.1)
The Statistics Act (subsection 9(4))
The Vital Statistics Act (section 49.1)
The Workers Compensation Act (section 116)

1. Access to Information and Exceptions to Disclosure

The Act determines that anyone has access to their own personal
information, and in some cases information about others. To request information,
the applicant would contact the public body in writing and making the request. The
request will either be approved, in which case the individual will be made a copy or
allowed to view the records, or will be denied, in which case an explanation for the
denied access will be provided. Denied access may occur if the request is
considered an unreasonable invasion of privacy, which includes personal
information, or information that may cause harm or identification of a 3rd party,
harm to the individuals or the publics safety, or is related to some testing
procedures, tests, and audits. This unreasonability would be determined by the
head of the public body. Information that is provided in confidence may not be
disclosed either, but that decision is also determined by the head of the public body.
An applicant for information can appeal a denied decision to an Ombudsman.
Under FIPPA, any individual can request access to information. Once the
request is received, the FIPPA designate of the school division must disclose the
information unless it falls under one of FIPPAs exceptions. The designate does have
the ability to deny disclosure of materials to an individual or party if it falls under
one of these exceptions:
FIPPA has three mandatory exceptions regarding school divisions.
Privacy of a third Party (Section 17)
Business Interests of Third Parties; and
Information provided in confidence by another government to a local
public body (section 20).

There are also twelve discretionary exceptions (Sections 21-32)

Information affecting intergovernmental relations;

Local public body confidences (Section 22);
Advice to a local public body;
Individual health or safety or public safety (Section 24)
Law enforcement matters (Section 25)
Security of property;
Solicitor-client privilege;
Economic and other interests of a local public body;
Testing procedures, tests and audits;
Confidential evaluations;
Preservation of heritage resources and life forms; and
THE FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY ACT 4

Information that is or will be available to the public.

If disclosure of this material would expose damage to the party, either physical or
emotional, or if it was obtained in confidence, then the information cannot be
shared. (Seven Oaks School Division, 2003, p. 5)

2. Collection, Correction and Retention of Personal Information

(section 36)
Information can only be collected and retained if the information relates directly
to and is necessary for an existing program or activity, to accomplish the purpose
for which it is collected, or for the purpose of determining suitability for an honour
or award. In all cases, individuals must be informed of the purpose for the
information to be collected and provided contact information in case of questions.

3. Restrictions on Use and Disclosure of Personal Information

Personal and collected information can only be used for the reason it was
collected in the first place, if the individual consents to its use, and if that
information is pertinent to performing duties, delivering a program or activity,
determining eligibility for a program or service, for the purpose of evaluating,
monitoring, or maintaining a service, or when it is necessary to protect the mental
or physical health or safety of any individual or group of individuals. Use or
disclosure of personal information must be limited to the minimum necessary to
accomplish a purpose and to those who need to know to carry out the intended
purpose (section 42).
An information manager can have access to personal information for processing,
storing, or destroying it. This person must enter a written agreement to provide for
the protection of the personal information against unauthorized access, use,
disclosure, destruction or alteration.
Fun Fact:
In Section 48 of FIPPA, the head of a public body or archive may disclose
personal information in a record that is more than 100 years old.

4. The Ombudsman, Adjudicator, and Complaints

If an individual has a complaint about access, use, or disclosure of information,
that individual may make a complaint to the Ombudsman, who has the authority to
consider and investigate the complaint. The Ombudsman may take any steps he or
she considers necessary to resolve the issue but may also decide not to further
investigate a complaint deemed trivial or if no investigation is required. The
Ombudsman will contact the head of the public body and when a response is given,
will also contact the complainant. Recommendations will be made by the
Ombudsman on how the matter should be resolved. These recommendations must
be made public (i.e. published on a website).
An adjudicator may be asked to review the case by the Ombudsman if the public
body does not agree or comply with the recommendations. In this review of a
decision, the burden of proof falls on the head of the public body to prove that the
applicant has no right of access to the record or part. (p. 71). The adjudicator will
THE FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY ACT 5

public the orders to the head of the public body after the review is complete. If the
head appeals for judicial review, the adjudicator's order remains until the court
deals with the application.
In the case of the judicial review, the burden of proof remains of the head of the
public body, but depending on the case, it may fall to the applicant or a 3rd party.
The decision of the court is final and binding and there is no appeal from it. (p.
78).

Part 2: Critical Analysis

1. Exclusion of Teaching Materials
Manitoba school divisions, schools, and individual classrooms must comply with the
provisions and regulations set out in FIPPA. It is clear that FIPPA applies to all
records and personal information collected and under the control of the school
division and school but Section 4(g) indicates FIPPA does not apply to teaching
materials or questions used on an exam or test. This amendment was created to
protect the intellectual property of those responsible for developing and teaching
courses, (Western University, 2006, para. 21) however, in a public school, when
teaching materials are created during the school day, using school facilities
(including a computer or network), those teaching materials are the property of the
school division. As such, individuals cannot control the use or disclosure of these
materials like personal information.

2. Use or Disclosure of Information

The Act determines that information can be used and disclosed as it relates
to programming or services. Schools and teachers are required, by law, to provide
appropriate programming to all students. When testing reveals physical or
psychological impediments, that information must be disclosed as it relates to
educational programming. There is some information, however, that should not be
disclosed to teachers or support staff if it doesnt relate to appropriate
programming. This may be somewhat subjective as the amount and type of
information to relate to teachers as appropriate has to be a decision made by an
individual or a group of individuals speaking on behalf of the student.
Administration and student services teams must be careful about the type and
amount of information that is appropriate to reveal to teachers in order to provide
appropriate programming without compromising the protection of the students
personal information. This act is superseded by the Personal Health Information Act
and the Mental Health Act so information that may be disclosed under this act may
be restricted under those acts.
FIPPA legislation applies to all Manitoba school divisions, schools, and
individual classrooms. It is the right of the individual to access personal records and
school divisions must comply with the provisions and regulations set out in FIPPA
and adhere to any reasonable requests made by the individual. Parents and
students have access to the personal information that is managed and maintained
at a school or school division. Parents and guardians can request access until their
child reaches the age of majority, at that time, the consent of the student is
THE FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY ACT 6

required. They may ask to access grades, student work, exams or tests, or files that
pertain to the student. According to FIPPAs purpose, that access is allowed, but can
also extend to emails or anecdotal records that teachers, administrators, or other
employees may make about students. This includes any records stored in any form;
including electronic. Within a classroom, all personal information about individual
students must remain confidential including grades, assessments, student needs,
programming, and attendance.
A students personal information including contact information provided for
the purpose of field trips or extracurricular activities may be shared only with other
individuals as needed for the purpose of the activity. This may include an
information manager at the school, school division office, and bus driver. Parents
must be informed if the information is provided to more than one party for the
purpose of the activity.
Employee personal information is confidential but can be accessed by the
employee. That includes personal files but may not include information that was
provided in confidence about the employee.

3. Information Management
Section 41 of FIPPA requires that the information manager, which may be a
secretary at the school or Secretary Treasurer or Superintendent of the school
division, take measures of security to ensure the protection of student information.
Files and records about students or employees must be protected against
unauthorized access, use, disclosure, or destruction. Individuals who are in charge
of managing this information must clearly understand this security and protection.

4. Student Information
The Public School Act dictates that every Manitoba school division have a pupil file
that contain attendance, academic achievement and other related matters in the
possession or control of a school board (Seven Oaks School Division, 2003, p. 1). A
student record may contain up to three sections: cumulative file, pupil support data,
and potentially, young offender information. All the information on the student that
is documented is in care of the school division. This information now falls under the
authority of FIPPA.

Part 3: Implications
1. Teaching Materials
FIPPA does apply to all records in the control of the school board but does not apply
to teaching materials, research information, or questions on tests/ examinations.
However, when teaching materials are created during the workday, using school
infrastructure, those teaching materials now become property of the school division.
Therefore, educators cannot control the materials like personal information. The
complication occurs when teachers who wish to publish their teaching material on
an open marketplace for the purpose of monetary gain. Teachers who may publish
their teaching materials for sale or distribution may need authorization from the
school division to do so or face disciplinary action.
THE FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY ACT 7

Another concern is that teachers may not want to share or collaborate to create
resources at school; a large part of a schools professional learning community, if
they wish to sell their materials. Teachers now may not want to share their
expertise and resources if they risk not being able to share it on an open
marketplace. Instead of the culture of sharing that defines the teaching profession,
teachers may now be driven by potential profits. While this does relates to FIPPA, it
may be a larger issue school divisions and educators face in the future.

2. Use and Disclosure of Information

Administration and student services teams must disclose only the information
that is pertinent to offer appropriate programming and support in a classroom, but
they must be sure to include enough information so teachers may understand the
full breadth of the concern. In turn, teachers must keep that information
confidential (including paper and electronic records) to ensure the integrity and
privacy of the students. Student evaluations must be held confidentially including
during report card distribution.
During report card distribution, parental consent must be given for someone
else to pick up (or obtain a copy) of the report card. Emails or other
correspondence that use student names, must remain confidential at all times,
whether they are password protected or stored in locked files. Additionally, no
student grades or evaluations can be posted, read out, or disclosed publically.
Educators need to be cognizant of how they grade work and how they distribute
graded work. No longer is it acceptable for students to grade each others work in
which students trade their assignments and go over it while the teachers calls out
answers. It is also not acceptable to have students hand out one anothers work or
have a pile of students work where they could pick up their assignments as this
would be in breach of FIPPA. Teachers should also be careful about indicating if
class groupings are the product of evaluation so as to not identify student
achievement or lack thereof. Lastly, educators need to be aware of their comments
or feedback provided on students work. It is advised that educators provide
feedback to students not on the front of assignments, but instead on the inside
cover. This way, students privacy would not be hindered and confidentiality will be
maintained. (Seven Oaks School Division, 2003, pp. 2-7).

3. Information Management
Sometimes information is in an office or on a desk where an unauthorized
user may view or have access to it. It is important that all individuals in a school
understand the legal implications of unsecured information and work to maintain
the protection of these records together. School divisions often have employees sign
contracts that they will adhere to the policies of the division and in those policies
are specific sections relating to the access, use, disclosure, and destruction of
personal information records.

4. Student Information
The collection and protection of student information is of the upmost importance
for school divisions. The students record may contain up to three sections:
cumulative file, pupil support data, and potentially, young offender information.
Regarding Student Information, FIPPA has jurisdiction because the file
contains personal information defined as any recorded information about an
THE FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY ACT 8

identifiable individual (Seven Oaks School Division, 2003, p. 2), but PHIA also has
authority over the health information of the file.
Regarding the Pupil Support File, it is covered by both FIPPA and PHIA. This
information may be stored in more than one location. This information should be
kept separate from both the cumulative and young offender files. (Seven Oaks
School Division, 2003, p. 3)
The Young Offender File is only needed when transferred by the courts or by a
worker. This file is covered by the Young Offenders Act and not FIPPA, and must be
kept separate from other files. The principal should be responsible for this file. If
the student is transferred, this file is destroyed as the courts or the worker is
responsible for communicating any information to the new school. (Seven Oaks
School Division, 2003, p. 5)
All recorded information regarding students is the responsibility of the
division. All personal information falls under the jurisdiction of FIPPA. Any health
information or Young Offender file comes under PHIA or the YOA.
THE FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY ACT 9

References
Western University. June, 2006. University Secretariat. Retrieved March 10, 2016
from http://www.uwo.ca/univsec/privacy/fippa_basics.html
Seven Oaks School Division. June, 2003. Student Records Policy. Retrieved March
12, 2016 from
https://www.7oaks.org/Governanceleadership/boardoftrustees/Policies/Policies
%20Section%20J/jr.pdf