Purpose

The Freedom of Information and Protection of Privacy Manual is a general guide to the Freedom of Information and Protection of Privacy Act (FIPPA) and the Municipal Freedom of Information and Protection of Privacy Act (MFIPPA) and administration of these Acts.

The manual combines policy and operational guidance to help Freedom of Information and Privacy Coordinators and their staff:

  • Understand the general framework of the legislation;
  • Interpret the legislation and regulations;
  • Meet administrative and operational requirements; and
  • Be aware of best practices for institutions.

The manual also provides information to the general public on how the legislation is administered within institutions.

This manual does not provide guidance on the application of the Personal Health Information Protection Act.

Audience

The primary audience for the manual is provincial and municipal Freedom of Information and Privacy Coordinators and their staff.

The manual is also intended to be an information resource for the general public.

Use of the manual

Coordinators should use the manual with an up-to-date version of the applicable legislation and regulations available through e-laws. There may be sections of the legislation and regulations that are not covered in the manual.

The manual is not meant to provide legal advice. For legal advice, Coordinators should work with Legal Counsel.

Whom to contact

Coordinators and the general public may contact staff in the Information, Privacy and Archives Division of the Ministry of Public and Business Service Delivery and Procurement (MPBSDP) about the manual and more information regarding access to information and protection of privacy in Ontario.

Coordinators and the general public may contact the Information, Privacy and Archives Division staff by telephone at 416-327-1600 or Toll-free: 1-800-668-9933 (toll-free in Ontario only). You may also send inquires by email to access.privacy@ontario.ca.

Related resources

Related resources from the Office of the Information and Privacy Commissioner of Ontario (IPC) are listed at the end of each chapter.

The appendices to this manual include forms, templates, and letters that may be used and adapted by Coordinators for use in their offices.

The manual includes hyperlinks to the relevant sections of the legislation, IPC documents, other resources, other parts of the manual, and its appendices.

Glossary

In this manual:

“Case law” means decisions issued by the Courts;

“Coordinator” means any provincial or municipal freedom of information and protection of privacy coordinator or equivalent or that person normally performing the role of the freedom of information and protection of privacy coordinator;

“Exception” means types of records or information that do not qualify for an exclusion or exemption under FIPPA or MFIPPA;

“Exclusion” means a provision under FIPPA or MFIPPA which excludes records or parts of records from the application of the legislation;

“Exemption” means a provision under FIPPA or MFIPPA which exempts records or information from the general right of access;

“Head” means the head of an institution as defined by FIPPA and MFIPPA;

“Institution” means an institution as defined by FIPPA and MFIPPA;

IPC” means the Office of the Information and Privacy Commissioner of Ontario;

“Legal Counsel” means Legal Counsel assigned to support an institution;

“Legislation” means both FIPPA and MFIPPA and their regulations in instances where the laws are similar; FIPPA and MFIPPA are referred to individually where the laws are different;

“Manual” means the Freedom of Information and Protection of Privacy Manual;

MPBSDP staff” means staff in the Enterprise Recordkeeping, Access and Privacy Branch; Information, Privacy and Archives Division of the Ministry of Public and Business Service Delivery and Procurement;

MPBSDP Legal Counsel” means Legal Counsel in the Access and Privacy Law Group, Ministry of Public and Business Service Delivery and Procurement;

“Privacy breach” means an incident where personal information is collected, retained, used, disclosed or disposed of in ways that do not comply with personal information protection requirements in statute and regulation;

“Privacy Impact Assessment” means a process that reviews a new or existing information system or program to determine whether measures are necessary to ensure compliance with personal information protection requirements in statute and regulation and to address the broader privacy implications of the system or program;

“Program area” means related activities or services within an institution for which the institution has authority and responsibility;

“Record” (as defined by FIPPA and MFIPPA) means any record of information however recorded, whether in printed form, on film, by electronic means or otherwise;

“Request” means a Freedom of Information (FOI) access request, including both request for general records and requests for one’s own personal information;

“Responsible Minister” means the Minister of Public and Business Service Delivery; and

“Senior management” means all levels of managers accountable and responsible for decision-making and approvals.

Contact us

You can contact us by email or by phone at: