For the Protection of Personal Information
It is the policy of the Royal Canadian Mounted Police Veterans’ Association (RCMPVA) to respect and safeguard the privacy of our members. While the RCMPVA does not engage in activities of a commercial character, we are committed to protecting the privacy and confidentiality of personal information in a manner consistent with the following Principles.
PRINCIPLE 1 – ACCOUNTABILITY
An Association is responsible for personal information under its control and shall designate a Director or Directors as Privacy Compliance Officers who are accountable for the Association’s compliance with the following principles.
PRINCIPLE 2 – IDENTIFYING PURPOSES
The purposes for which personal information is collected shall be identified by the Association at or before the time the information is collected.
PRINCIPLE 3 – CONSENT
The knowledge and consent of the member are required for the collection, use, or disclosure of personal information, except where inappropriate.
PRINCIPLE 4 – LIMITING COLLECTION
The collection of personal information shall be limited to that which is necessary for the purposes identified by the Association. Information shall be collected by fair and lawful means.
PRINCIPLE 5 – LIMITING USE, DISCLOSURE, AND RETENTION
Personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law. Personal information shall be retained only as long as necessary for the fulfillment of those purposes.
PRINCIPLE 6 – ACCURACY
Personal information shall be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.
PRINCIPLE 7 – SAFEGUARDS
Personal information shall be protected by security safeguards appropriate to the sensitivity of the information.
PRINCIPLE 8 – OPENNESS
An Association shall make readily available to members specific information about its policies and practices relating to the management of personal information.
PRINCIPLE 9 – INDIVIDUAL ACCESS
Upon request, a member shall be informed of the existence, use, and disclosure of his or her personal information and shall be given access to that information. A member shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
PRINCIPLE 10 – CHALLENGING COMPLIANCE
A member shall be able to address a challenge concerning compliance with the above principles to the Privacy Compliance Officer.
These Principles apply to the Royal Canadian Mounted Police Veterans’ Association not only as an organization but also to each individual member, prospective, or past member as a condition of membership or association with the Royal Canadian Mounted Police Veterans’ Association, with respect to the Personal Information of other members.
Policy for the Collection, Use and Disclosure of Personal Information
1. The Royal Canadian Mounted Police Veteran’s Association (RCMPVA) – PRIVACY CODE
· The Royal Canadian Mounted Police Veterans’ Association (RCMPVA) adheres to and abides by the principles set out in the RCMPVA – Privacy Code. All members and volunteers associated with this Association must sign an acknowledgement that they will comply with the requirements of the Code.
· Other persons, Associations or organizations who act for, or on behalf of, the RCMPVA are also required to comply with the principles and the Policy and will be given restricted access to personal information solely to perform the services provided for the RCMPVA.
2. The Policy Statement
· It is the policy of the Royal Canadian Mounted Police Veterans’ Association (RCMPVA) to respect and safeguard the privacy of all members. While the RCMPVA does not engage in activities of a commercial character, we are committed to protecting the privacy and confidentiality of personal information in a manner that meets or exceeds the requirements of Federal and Provincial privacy laws.
· This Policy Statement applies to the RCMPVA not only as an organization but also to each individual member, prospective, or past member as a condition of membership or association with the RCMPVA, with respect to the Personal Information of other members.
· The RCMPVA only collects personal information about members necessary to process membership, collect dues, enforce its By-laws and generally effectively provide services to the Association.
3. The Privacy Compliance Officer
The Royal Canadian Mounted Police Veteran’s Association (RCMPVA) has appointed the serving elected Executive Officer as the person/position responsible for privacy compliance in this Association. His/her name shall be made available to members. The responsibilities of the privacy compliance officer shall include:
· Establish and update information protection policies.
· Ensure policies are implemented by other Associations and/or third parties to which Information is exchanged.
· Establish criteria for classification of information.
· Evaluate the accessibility of sensitive information and take corrective action where necessary.
· Provide education to members on the importance of information protection.
· Attempt to resolve member privacy complaints to the satisfaction of the member.
4. The Collection, Use and Disclosure of Personal Information
· No personal information shall be collected from a member without first obtaining consent to the collection, use and dissemination of that information.
· Expressed consent (oral or written) must always be obtained except in the following situation.
· Consent may be implied where the information is not sensitive and where it can be reasonably assumed that the individual would expect the information to be disclosed in this fashion.
· Once information is collected, it will be used and disclosed only for the purposes disclosed to the individual.
· Application forms prepared by the Association for use by members shall contain the clauses approved by the directors by which the member authorizes the collection, use and disclosure of personal information.
5. Disclosure for New Purpose
· Anyone using personal information for some new purpose that extends beyond the consent already provided must obtain the express consent of the member for that use.
· Requests for information by law enforcement officials, lawyers, private investigators or other agents or subpoenas for documents issued by the court must be referred to the Board of Directors.
6. Protecting Information
· Information must be protected in a manner commensurate with its sensitivity, value and criticality. This policy applies regardless of the media on which information is stored, the locations where the information is stored, the systems used to process the information, or the processes by which information is handled.
· Mail, email and faxes must be routed directly to the intended recipient.
· Information should be available to other persons in the Association only on a need-to-know basis.
· Filing cabinets designated by the Association to contain personal, including sensitive, information is to be kept secured at all times.
· All Board Directors, Volunteers and Members will keep all Association files secure.
7. Accuracy of Information
To ensure the quality of the information collected:
· Insofar as possible, personal information about members should be collected directly from the member.
· Disclaimers of accuracy should always be attached to any disclosure of information and on all Association data.
8. Access to Personal Information
· The Privacy Compliance Officer is responsible for responding to access requests and all such requests will be referred to him or her.
· All members will co-operate fully with the privacy compliance officer in responding to requests.
· On written request and appropriate identification satisfactory to the Association, an individual will be advised of personal information about him/her retained in the Association’s records.
· Where information cannot be disclosed (for example the information contains reference to other individuals or is subject to solicitor-client privilege) the individual will be given reasons for non-disclosure.
· An individual may have appended to a record any alternative information where the office is of the view that the appended information is, in fact, correct.
· Any complaints from an individual concerning the collection, use or disclosure of their personal information or concerning the individual’s ability to access their personal information must be referred to the privacy compliance officer, who will attempt to resolve the complaint to the individual’s satisfaction.
· In the event the complaint cannot be resolved internally to the member’s satisfaction, he or she will be advised of where to direct the complaint.
For further Information contact the Privacy Compliance Officer(s) at:
RCMPVA Executive Officer