Welcome to our new website!

Welcome! We hope you find our new website helpful and easier to navigate. It's now as easy to use on your smartphone as your desktop. Take a tour and please tell us what you think.

Privacy Policy

Governance

1.1 In the course of meeting its statutory duties and responsibilities, the Durham District School Board (the “DDSB”) collects, uses, retains and discloses personal information as it pertains to student education, employees, and other individuals acting on behalf of the DDSB.

1.2 In respect of this personal information, the DDSB is committed to:

1.2.1 Protecting the privacy of individuals and the confidentiality of their personal information;
1.2.2 Recognizing and supporting the public’s right to access to information in the custody and 
control of the DDSB; and,
1.2.3 Complying with its obligations under applicable privacy law and other statutes with
privacy provisions, including but not limited to the Education Act, R.S.O. 1990, c. E.2 and 
its regulations, as amended (the “Education Act”), the Municipal Freedom of Information 
and Protection of Privacy Act, R.S.O. 1990, c. M.56 and its regulations, as amended 
(“MFIPPA”), the Personal Health Information Protection Act, 2004, S.O. 2004, c. 3 and its 
regulations, as amended (“PHIPA”), and the Anti-Racism Act, 2017 , S.O. 2017, c. 15 and 
its regulations, as amended (the “Anti-Racism Act”).

1.3 The DDSB meets this commitment through this Policy and supporting procedures and practices

2.1 To establish the framework for the DDSB’s compliance with all applicable provisions in the Education Act, MFIPPA, PHIPA, the Anti-Racism Act, and other application legislation.

2.2 To structure the framework around the Fair Information Principles of the Canadian Standards Association’s Model Code for the Protection of Personal Information. The CSA Model Code is recognized as a national standard for privacy protection and is used across Canada as the basis for privacy legislation.

2.3 This procedure is to be interpreted and applied in accordance with the DDSB’s commitment to promoting and upholding Indigenous rights and human rights in all of its learning and working environments. This includes anti-colonial, anti-discriminatory and anti-racist approaches and actions to provide services and employment that are safe, welcoming, respectful, inclusive, equitable, accessible and free from discrimination and harassment consistent with the DDSB’s Human Rights, Anti-Discrimination and Anti-Racism Policy, the Indigenous Education Policy, the Safe and Respectful Workplace and Harassment Prevention Policy.

 

3.1 This Policy applies to DDSB employees, service providers, volunteers, trustees, and other individuals acting on behalf of the DDSB

3.2 This Policy applies to all information in the Custody or under the Control of DDSB, including but not limited to the Personal Information of DDSB students, parents, and staff

In this Policy and supporting procedures,

4.1 “Collect” means to gather, acquire, receive, or obtain the information by any means from any source, and “Collection” and “Collected” has a corresponding meaning.

4.2 “Control” means the power or authority to make a decision about the creation, use or disclosure of a record.

4.3 “Custody” means the keeping, care, watch, preservation or security of a record for a legitimate business purpose. While physical possession of a record may not always be necessary to establish custody, physical possession may be an element of the evidence of custody.

4.4 “Disclose” means to make the information available or to release it to another person, but does not include to use the information, and “Disclosure” has a corresponding meaning.

4.5 “Personal Information” or “PI” means recorded information about an identifiable individual. As defined by MFIPPA, this may include, but is not limited to:

  • Information relating to the race, national or ethnic origin, colour, religion, age, sex, sexual orientation or marital or family status of the individual, Information relating to the education or the medical, psychiatric, psychological, criminal or employment history of the individual or information relating to financial transactions in which the individual has been involved;
  • Any identifying number, symbol or other particular assigned to the individual;
  • The address, telephone number, fingerprints or blood type of the individual;
  • The personal opinions or views of the individual except if they relate to another individual;
  • Correspondence sent to an institution by the individual that is implicitly or explicitly of a private or confidential nature, and replies to that correspondence that would reveal the contents of the original correspondence;
  • The views or opinions of another individual about the individual, and,
  • The individual’s name if it appears with other PI relating to the individual or where the disclosure of the name would reveal other personal information about the individual.

4.6 “Privacy” means the right or interest of an individual to control collection, use and disclosure of their Personal Information. Privacy is a legislated right and school boards are required to comply with applicable privacy laws.

4.7 “Use” means to view, handle or otherwise deal with the information, but does not include to disclose the information, and “Use”, as a noun, has a corresponding meaning.

5.1 Accountability
The principle of accountability means that an organization is responsible for PI under its Custody or Control and shall designate an individual or individuals who are accountable for the organization’s compliance with privacy principles.

  • 5.1.1 The Director of Education is ultimately accountable for compliance with privacy legislation and holds primary responsibility for the implementation of and compliance with this Policy. Pursuant to ss. 49(1) of MFIPPA, the Board of Trustees acting in its role as head of the institution under MFIPPA, delegates its powers and duties under MFIPPA to the Director of Education, including but not limited to its powers under s.49 of MFIPPA to further sub-delegate any such powers or duties in writing to another officer or officers of the Board.
  • 5.1.2 The Director of Education is authorized to provide the administrative procedures necessary to implement this Policy.
  • 5.1.3 The DDSB is and remains responsible for the protection of PI that is Collected, Used, Disclosed, and retained by individuals who are permitted to handle PI on the DDSB’s behalf. The DDSB will use contractual or other means to ensure that a comparable level of protection is applied when PI is handled by Service Providers

5.2 Identifying Purpose(s)

Personal information is Collected for a purpose identified by the DDSB, and individuals will be notified of the purposes and any other information required by law, at or before the time personal information is collected unless otherwise permitted by law.

5.3 Knowledge and Consent

The knowledge and, in some cases, the consent of an individual is required for the Collection, Use, Retention and Disclosure of personal information, except where otherwise permitted by law.

5.4 Limiting Collection

The Collection of PI shall be limited to that which is necessary for its purposes identified by the DDSB, in accordance with DDSB statutory duties and responsibilities. PI will be collected by lawful means.

5.5 Limiting Use, Retention and Disclosure

PI will not be Used, Retained, or Disclosed for purposes other than those for which it was collected, except with the consent of the individual or as authorized or required by law. PI will be retained in accordance with the specific purpose of the original consent.

5.6 Accuracy

The DDSB shall take reasonable steps to ensure that personal information is accurate, complete, and up to date in order to fulfill the specified purposes for its collection, use, disclosure, and retention. Employees shall keep the DDSB notified of changes to Personal Information.

5.7 Safeguards

Personal information will be secured and protected from unauthorized access, Use, Disclosure, and inadvertent loss or destruction by adhering to safeguards appropriate to the sensitivity of the information.

5.8 Openness and Transparency

The Director of Education or designate will make available to the public specific information about its policies and procedures relating to the management of Personal Information.

5.9 Access and Correction

Procedures adopted under this Policy shall allow an individual to access their Personal Information and give them access to that information in accordance with privacy legislation, subject to any mandatory or discretionary exceptions.

An individual has the right to challenge the accuracy and completeness of the information and request that it be amended as appropriate or to have a letter/statement of disagreement retained on file.

Any individual to whom the Access of their Personal Information has been granted has the right to request that any person/body who has received the Personal Information in the year preceding the correction/statement be notified of the correction/statement.

Upon request, an individual will be advised of any third-party service provider requests for his/her personal information in accordance with privacy legislation.

5.10 Compliance

Procedures adopted under this Policy shall provide for the ability to address or challenge compliance with this Policy to the Director of Education or designate

6.1 Compliance with this Policy and supporting procedures in its entirety is mandatory unless an exception to a specific section is approved by the Privacy Officer, Director of Education, or delegate in writing.

6.2 Failure to comply with the requirements of this Policy and supporting procedures, without a written exception, may result in disciplinary action up to and including termination of employment or termination of contract without notice or compensation.

6.3 At the first reasonable opportunity upon identifying or becoming aware of a breach of this Policy, individuals governed by this Policy must follow the notice requirements and other protocols stipulated in procedures under this Policy.

7.1 This Policy may be reviewed as may be deemed necessary or appropriate, but it shall be 
reviewed at least every 5 years.

8.1 Policies

Human Rights, Anti-Discrimination and Anti-Racism Policy
Indigenous Education Policy
Safe and Respectful Workplace and Harassment Prevention Policy

8.2 Supporting Procedures

Privacy (Personnel)
Privacy Breach Protocol
Acceptable and Safe Use Procedure for Computing Technology Safety
Electronic Monitoring
Guidelines for E-Mail
Staff Mobile Phones
Video Surveillance System
Technology Approval Process
Technology Approval Process (Cloud Services): Privacy and Security Assessment Guide

8.3 Legislation

Education Act, R.S.O. 1990, c. E.2
Municipal Freedom of Information and Protection of Privacy Act, R.S.O. 1990, c. M.56
Personal Health Information Protection Act, S.O. 2004, c. 3, Sched. A
Anti-Racism Act, 2017, S.O. 2017, c. 1

Appendix
None

Effective Date:
2012-02-21

Reviewed and Amended:
2023-10-16

Contact Us

Durham District School Board
400 Taunton Road East, Whitby, ON
L1R 2K6 Canada 

Email Us

Phone: 905-666-5500
Fax: 905-666-6474
Toll Free: 1-800-265-3968