Affichage de 15 sur 546 résultats
| Order Numbers | Type | Collection | Adjudicators | Date Published | |
|---|---|---|---|---|---|
| MO-4548 | Order | Access to Information Orders | Alec Fadel | En savoir plusExpand | |
The municipality received a request under the Act for records relating to its mandatory vaccination policy. This appeal deals with part 3 of the request for access to meeting dates and documents of closed door meetings of its Council that discussed the mandatory vaccination policy. Ultimately, the municipality claimed the responsive record was excluded from the Act by section 52(3)3 (labour relations and employment-related information) and, in the alternative, it claimed the record was exempt by section 6(1)(b) (closed meeting). At mediation, the appellant also raised the issue of scope and the municipality’s search for responsive records. In this order, the adjudicator finds that the record is not excluded from the Act by section 52(3)3 but finds that the exemption at section 6(1)(b) applies to the information. He also finds that the municipality’s search for responsive records was reasonable and dismisses the appeal. |
|||||
| PHIPA DECISION 257 | Decision | Health Information and Privacy | Anna Kalinichenko | En savoir plusExpand | |
The complainant made a request under the Act for access to her and her child’s charts. The custodian charged the complainant $30 for each chart. The complainant’s request to the custodian to waive the fees was denied. As a result, the complainant filed a complaint under the Act with respect to the amount of the fee and the custodian’s decision not to waive the fee. |
|||||
| PO-4529 | Order | Access to Information Orders | Lan An | En savoir plusExpand | |
An individual made two requests to the ministry. One request was for access to a named company’s application to receive funding from the ministry’s Skills Development Fund (SDF) to operate a training program for Home Support Workers and the other request was for a related agreement between the named company and the ministry. The ministry issued a decision on each request granting access, in part, to the SDF application and the agreement, relying on section 17(1) (third party information) to withhold some information. The named company appealed the decision on the basis that section 17(1) applies to the information the ministry is prepared to disclose. In this order, the adjudicator finds that the information remaining at issue is not exempt under section 17(1). She orders the ministry to disclose the information in accordance with its revised decisions and dismisses the appeal. |
|||||
| MO-4546 | Order | Access to Information Orders | Chris Anzenberger | En savoir plusExpand | |
The appellant was the victim of fraud, losing a large amount of money when he transferred Bitcoin to another individual under false pretences. The police conducted an investigation but did not have enough information to proceed with criminal charges. The appellant received an occurrence report under the Act with an individual’s information withheld under section 14(1) (personal privacy). He appealed the police’s access decision, stating that he required this information to recover the lost money. |
|||||
| MO-4547 | Order | Access to Information Orders | Jessica Kowalski | En savoir plusExpand | |
The appellant asked the City of Ottawa for information about amendments to a by-law. The city granted access to some information. The appellant asked for more information at mediation that the city says went beyond the scope of the original request. The adjudicator finds that the new details are outside the scope of the original request and that the city was not required to search for additional records based on the new information. She dismisses the appeal. |
|||||
| PO-4528 | Order | Access to Information Orders | Marian Sami | En savoir plusExpand | |
Toronto Metropolitan University (which was previously called Ryerson University) received a request under the Act for briefs or communications made to it during a public engagement period relating to Egerton Ryerson. After the appellant received disclosure of the responsive emails (without identifying details), she raised the issue of reasonable search. In this order, the adjudicator upholds the reasonableness of the university’s search and dismisses the appeal. |
|||||
| MO-4544 | Order | Access to Information Orders | Anna Kalinichenko | En savoir plusExpand | |
The township received a request under the Act, in part, for a report that was discussed at a closed session of the township council. The township relied on section 6(1)(b) of the Act to deny access to the report on the basis that it revealed the substance of deliberations of the closed session. In this order, the adjudicator upholds the township’s decision. |
|||||
| MO-4545 | Order | Access to Information Orders | Katherine Ball | En savoir plusExpand | |
The Toronto Transit Commission (the TTC) received a multi-part request under the Act for records relating to its investigation into the requester’s complaint and to information about transit fare enforcement and revenue. The TTC granted partial access to responsive records, withholding portions on the basis of the exemptions in sections 14(1) (personal privacy) and 38(b) (discretion to refuse requester’s own information) of the Act. The TTC denied access to the investigation file claiming the exclusion in section 52(3)3 (employment or labour relations). In addition, the TTC stated that other requested records did not exist. The requester appealed the TTC’s decision to pursue access to the withheld information and records and stated that additional records ought to exist. |
|||||
| MO-4543 | Order | Access to Information Orders | Marian Sami | En savoir plusExpand | |
The City of Kawartha Lakes (the city) received a request under the Act for all city expenses over $1,000 over three and a half years. The city determined that it had reasonable grounds to consider the request as frivolous or vexatious under section 4(1)(b) of the Act. In this order, the adjudicator upholds the city’s decision, and dismisses the appeal. |
|||||
| PHIPA DECISION 256 | Decision - PHIPA | Health Information and Privacy | Justine Wai | En savoir plusExpand | |
An individual asked the appointed guardian of her late doctor’s medical records (the custodian) for access to her complete medical records. While the custodian originally claimed he found the individual’s medical records, he later said he did not find any. In this interim decision, the adjudicator finds the custodian did not conduct a reasonable search for the individual’s medical records and orders him to conduct another search. |
|||||
| PO-4527 | Order | Access to Information Orders | Jessica Kowalski | En savoir plusExpand | |
The appellant sought access from the WSIB to records relating to his claims. The WSIB granted partial access, withholding information from one of 17 responsive records because it contains another individual’s personal information. The appellant challenges the WSIB’s claim that the withheld information is exempt and claims that the WSIB narrowed the scope of his request, resulting in a restricted search for responsive records. The adjudicator finds that the WSIB’s clarification of the request and its search for responsive records were reasonable and that the withheld information at issue is exempt under the discretionary personal privacy exemption in section 49(b). She dismisses the appeal. |
|||||
| MO-4541 | Order | Access to Information Orders | Meganne Cameron | En savoir plusExpand | |
The appellant sought access to records related to investigations conducted by the Thunder Bay Police Services Board (the board). The board withheld some of the responsive records pursuant to the law enforcement and personal privacy exemptions, and the labour relations exclusion, in the Municipal Freedom of Information and Protection of Privacy Act (the Act). The appellant appealed the access decision to this office, and also challenged the reasonableness of the board’s search. |
|||||
| MO-4542 | Order | Access to Information Orders | Steven Faughnan | En savoir plusExpand | |
The appellant made a request under the Act to the Halton Regional Police Services Board (the police) for records revealing inquiries made about him by all police services across Canada on several identified law enforcement databases. The police took the position that they do not have custody or control over the information sought by the appellant. In this order, the adjudicator finds that while the police do not have custody or control over records relating to whether officers or employees of other police services made inquiries about the appellant on the identified databases, they have custody or control over records, if they exist, regarding whether their own officers or employees accessed those databases in relation to the appellant. The adjudicator orders the police to conduct a search for records relating to inquiries made about the appellant on the identified databases by their own officers or employees and to issue a decision on access to the appellant. |
|||||
| CYFSA Decision 19 | Decision | Child, Youth, and Family Information and Privacy | Jenny Ryu | En savoir plusExpand | |
In February 2022, the respondent Halton Children’s Aid Society (CAS) was the subject of a ransomware attack. While the CAS’s investigation did not find any evidence that the threat actor had accessed or exfiltrated any data stored in the CAS’s environment, it found that the threat actor had encrypted several CAS servers, including those containing personal information. The IPC initiated a review of the matter under Part X of the Child, Youth and Family Services Act, 2017 (CYFSA). Section 308(2) of the CYFSA sets out a duty on service providers like the CAS to notify individuals at the first reasonable opportunity if their personal information is stolen, lost, or used or disclosed without authority. The CAS asserts that because the ransomware attack targeted its servers at the external or “container” level, the attack did not “individually impact” file folders and files of personal information held inside the encrypted containers. The CAS takes the position that the encryption event did not result in a theft, loss, or unauthorized use or disclosure of personal information within the meaning of section 308(2), and that the duty to notify does not apply. In this decision, the adjudicator finds that the threat actor’s encryption of CAS servers at the container level affected the personal information in those servers, by making that personal information unavailable and inaccessible to authorized users. The ransomware attack resulted in both an unauthorized use and a loss of personal information within the meaning of section 308(2). As a result, the CAS had a duty to notify affected individuals “at the first reasonable opportunity” of the incident. After taking into account relevant circumstances, including the evidence of diligent efforts by the CAS to contain and to mitigate the risks of the privacy breach, the adjudicator finds that the notice requirement can be met in this case through the posting of a general notice on the CAS’s website, or another form of indirect public notice. The adjudicator orders the CAS to provide this notice within 30 days of the date of this decision. |
|||||
| PHIPA DECISION 255 | Decision - PHIPA | Health Information and Privacy | Jenny Ryu | En savoir plusExpand | |
In July 2022, the respondent Simcoe Muskoka District Health Unit (SMDHU) was the subject of an email phishing attack. As a result of the attack, a threat actor gained access to one SMDHU email account containing approximately 20,000 emails, including about 1,000 emails containing personal health information. SMDHU reports that the threat actor’s access to the compromised email account was limited to one hour, and that its forensic analysis found no evidence that the threat actor viewed, downloaded, copied, sent, forwarded, or removed any emails while in the compromised account. |
|||||