Privacy Policy

Preamble

The College of Dietitians of Manitoba was established on January 1, 2005 under The Registered Dietitians Act of Manitoba. The College has the duty to serve and protect the public interest.

The College has the authority under the Act to:

  1. Regulate the practice of the profession and to govern the members in accordance with the Act, Regulations, Bylaws and Code of Ethics.
  2. Develop, establish and maintain standards of qualification for members to be issued a certificate of registration.
  3. Defining education programs and standards of practice to assure the quality of the profession.
  4. Define and develop programs to assist with the requirements under the Act, such as Continued Competence programs.

In the course of fulfilling its mandate, the College may collect, use and disclose personal information regarding applicants for membership, members, persons employed (retained, elected or appointed) for the purpose of College administration.

All individuals, who are employed, retained, volunteer or appointed by the College are required to preserve secrecy with respect to all information that comes to their knowledge. All personal information obtained by the College is subject to the provisions of this Privacy Code.

Definition of Terms

The following terms used in this Privacy Code are stated below:

Bylaws
Means the bylaws of the College passed under the authority of section 51(1) of the Registered Dietitians Act.
College
Means College of Dietitians of Manitoba.
Legislation
Means Registered Dietitians Act (2002) of Manitoba, Regulations (2004) and Bylaws.
Member
Means a member of the College.
Organization
Includes an individual, a corporation, an association, a partnership, and a trade union.
Personal Information
Means information about an identifiable individual but does not include the name, title, or business address or telephone number of an individual.
Regulations
Means the Regulations under the Registered Dietitians Act.

Principles

Principle 1 – Accountability

The Registrar has been designated the official privacy officer for the College and is responsible for the organization’s compliance to the legislation policy.

All volunteers of the college and employees shall receive an orientation and training, if necessary, of their obligations pursuant to this legislation. All individuals who, on behalf of the college, have access to personal information on college members shall be required to sign confidentially agreements (CDM Confidentiality Form) and uphold the confidentiality policies of the college [Policy 3.3.3].

All College confidentially policies can be obtained by the public during regular office hours. Once available, they shall be posted on our website.

Principle 2 – Identifying Purposes

Information related to Members of the College

CDM may collect, hold and use the personal information in a member’s file for the administration and enforcement of the Registered Dietitians Act. Those purposes within the Act are as follows:

  1. Identifying and ensuring the accuracy of the information contained within the member’s file;
  2. To assess whether a potential member meets or a member continues to meet the standards of qualification for registration;
  3. To investigate complaints regarding the conduct or actions of a member;
  4. To investigate whether a member has committed an act of professional misconduct or is incompetent;
  5. To hold a hearing of allegations of a member’s professional misconduct or incompetent or of allegations that a member is incapacitated;
  6. To carry out the obligations of the Continued Competence program of the college;
  7. To assess whether a former member’s certificate of registration should be reinstated;
  8. Meeting all legal and regulatory requirements of the Act.

The College may collect personal information regarding a member for registration pursuant to section 7(2) of the Act.

The College may collect personal information regarding a member of the college or an employer as permitted within the Act Section 20(4).

Personal information disclosed to the College by a third party is used only for the purpose for which the disclosure was made or to enable the College

Information related to Employees or Volunteers of the College

CDM may collect, hold and use the personal information of an individual who is retained, elected or appointed for the purpose of administering the Registered Dietitians Act. Those purposes within the Act are as follows:

  1. To communicate with the person on college business;
  2. The purpose of making payroll and providing benefits as required by law;
  3. To review prospective candidates and appoint persons as required by the Act.

Principle 3 – Consent

The College collects personal information for the administration and enforcement of the legislation of the Registered Dietitians Act.

The College abides by the following principles in limiting use of information:

  1. The individual shall be informed in a meaningful way of the purposes for the collection, use or disclosure of their personal data;
  2. Personal information is used only for the purpose for which it was obtained or for a use consistent with that purpose under the privacy act;
  3. Consent is obtained from the individual before using personal information for a purpose not consistent with the purpose for which it was collected or for a purpose not directly related to the purpose for which it was collected;
  4. Policy 3.3.5 states the employee (s) who have access or use of the personal information and maintain a disclosure log or audit trail;
  5. Access is limited to other individuals as a “need to know” basis and used with the highest degree of anonymity to meet the stated purpose;
  6. If disclosure is not obtained, the disclosure is authorized according to a specific provision of Section 44 (1) of FIPPA or Section (22) of PHIA;
  7. Consent can be obtained in a variety of ways, as outlined within Policy 3.3.5.
  8. Once obtained, the record of consent shall be recorded as per Policy 3.3.5.
  9. Training for staff is conducted to ensure that those employees collecting personal information are able to answer an individual’s questions about the purpose (s) of the collection.

Principle 4 – Limiting Collection

The College will collect only the personal information that is required for the purposes outlined in Principle 2 of this Privacy Code.

Individuals, who are subject to the college requiring any personal information, shall be informed of the reasons and purpose of collecting their information.

Principle 5 – Limiting use, Disclosure and Retention

The College abides by the following principles concerning the use, disclosure or retention of individual’s personal information:

  1. The use or disclosure of personal information is obtained only for the purposes outlined in Principle 2 of this Privacy policy;
  2. The use or disclosure of personal information is released only for the purpose for which it was collected, unless the individual consents, or the use or disclosure is authorized by the Registered Dietitians Act;
  3. Personal information will be kept on file according to Policy 3.3.7.
  4. Personal information which is no longer required will be destroyed as per Policy 3.3.7.
  5. Any new purpose for the use of personal information shall be documented to those individuals effected by the release of the information;
  6. Reviews, which determine whether personal information is still required to be retained, shall be conducted as per Policy 3.3.7.

Principle 6 – Ensure Accuracy

The College shall ensure to the best of its ability that the information collected used and disclosed shall be accurate.

To ensure this accuracy, members are required to provide the College with current name contact information and employment information annually with the college renewal form.

Members are also asked to advise the College of any changes to the stated information within Thirty (30) days of the change [Policy ________]

Principle 7 – Safeguards

The responsibilities of the College are to ensure all personal information is protected in the following ways:

  1. Protect personal information against loss or theft;
  2. Safeguard the information from unauthorized access, disclosure, copying, use or modification;
  3. Protect all formats of personal information.

The College ensures that personal information is stored in electronic and physical files are secure. Security measures that are in place to safeguard this information are outlined in Policy 3.3.7. This policy is reviewed on an annual basis.

Employees of the College will receive orientation training regarding the safeguarding for personal information.

The College ensures that all personal information that is no longer required is disposed of in a confidential and secure manner. Policy 3.3.7.

Principle 8 – Openness

The policies in regards to confidentiality for all forms of personal information are available to the public and all college members by contacting the college.

Inquiry may be directed to the Registrar at the College office in a variety of ways:

College of Dietitians of Manitoba
208-584 Pembina Highway
Winnipeg, MB
R3M 3X7
Phone: 1-204-694-0532
Fax: 1-204-889-1755
Email: office@collegeofdietitiansmb.ca

Principle 9 – Individual Access

The College has the responsibilities to provide an individual access to their personal information in the following ways:

  1. When requested in writing to the Registrar, an individual may receive access to the personal information the College has on file;
  2. Once access is obtained, the College can provide information on how this information has been used or is being used, and provide a list of any organizations to which this information has been disclosed;
  3. Allow the individual to correct or amend any personal information if its accuracy and completeness is challenged and found to be deficient;
  4. Provide a copy of the information requested, or reasons for not providing access, subject to the exceptions as set out in Section 9 of the Act (stated below);
  5. The College must note any disagreements on the file and advise third parties where appropriate.

Exceptions to access in Section 9 of the Act

The College must refuse an individual access to personal information:

  1. If it would reveal personal information about another individual unless there is consent or a life-threatening situation;
  2. If the organization has disclosed information to a government institution for law enforcement or national security reasons.

The College may refuse access to personal information if the information falls under one of the following:

  1. Solicitor-client privilege
  2. Confidential commercial information
  3. Disclosure could harm an individual’s knowledge or consent to ensure its availability and accuracy, and the collection was required to investigate a breach of an agreement or contravention of a federal or provincial law (the Privacy Commissioner of Canada must be notified).
  4. It was generated in the course of a formal dispute resolution process.

In order to provide access to individuals to personal information, the College shall:

  1. Provide any help the individual needs to prepare a request for access to personal information.
  2. Request from the individual to supply any information to enable it to account for the existence, use and disclosure of personal information.
  3. Respond to the request as quickly as possible and not later than 30 days after receipt of the request. Should the College by unable to respond within the 30 day time limit, the Act [Subsection 8(4)] allows an extension for a minimum of 30 additional days after notification to the individual.
  4. Provide access at typically no cost or minimal cost to the individual, depending on the nature of the request and the amount of information involved. The College reserves the right to impose a cost recovery fee. In these circumstances, the College will inform the individual of the approximate cost to provide the response and proceed upon payment by the individual of the cost.
  5. Ensure that the requested information is understandable, with an explanation of acronyms, abbreviations and codes, if necessary.
  6. Provide the individual with reasons why, in writing, it is refusing to give access, setting out the reasons and any recourse available.
  7. Maintain all personal information on members within their personal file, so the information is located in one place.

Principle 10 – Recourse

All individuals have the right to recourse on a decision of the College on access to their personal information. Complaints, questions or concerns regarding the College’s compliance with this Privacy Code can be directed to the Registrar of the College. If the Registrar cannot satisfactorily resolve a complaint, the individual can register a formal complaint with the Council of the College consist with Policy 3.3.6.