NOEES Privacy Policy

NOEES believes in the protection of personal information which it collects and maintains. Personal information related to clients, employees, members of the Board, volunteers, or visitors to NOEES is privileged and confidential. Personal client information and specific employee information is protected by the Personal Information Protection Act (PIPA).  NOEES has a Privacy Officer who oversees the protection of personal information in accordance with this Act. If you have any concerns or questions about our policy, please ask for an appointment to speak with our Privacy Officer.

The 10 Principles for the Protection of Privacy, set out by PIPA, are adhered to by NOEES.

Principle 1 - Be accountable

A Privacy Officer is responsible for ensuring compliance with the ten principles for the protection of privacy. Policies and procedures, including a complaint process, are in place.

Principle 2 - Identify the purpose

Clients and employees are informed about the purpose(s) for which personal information is collected and how it will be used and disclosed. The collection of information is limited to that which is necessary to fulfill the purposes of the program or service.

Principle 3 - Obtain consent

Consent is obtained from individuals for the collection and use of personal information. Consent may be oral, written, or implied; is never obtained fraudulently; and may be withdrawn by the individual at any time.

Principle 4 - Limit collection

The collection of personal information is limited to that which is necessary in order to fulfill the identified purposes.

Principle 5 - Limit use, disclosure and retention

Personal information is not disclosed unless there is consent from the person whose personal information is to be disclosed. Only information authorized by the person for disclosure is disclosed and only for the period of time for which the consent is in effect. Personal information is maintained only as long as necessary to fulfill the purpose(s) for which it was collected. As soon as practical personal information is destroyed, erased, or rendered anonymous.

Principle 6 - Be accurate

Every effort is made to ensure personal information is accurate and complete.

Principle 7 - Use appropriate safeguards

Personal information is safeguarded from unauthorized access, collection, use, disclosure, copying, modification, or disposal by both individuals outside the organization as well as within. Files containing personal information are in locked file cabinets, computers have lock-out systems and authorized access codes, and employees sign an Oath of Confidentiality.

Principle 8 - Be open

Upon request, NOEES will provide clients with additional information concerning its personal information protection practices. NOEES will also provide the name and contact information of the organization’s Privacy Officer as well as information on how an individual can gain access to his or her personal information or file a complaint with respect to the collection or protection of his or her personal information.

Principle 9 - Give individuals access

Within 30 business days of a request, individuals will have access to their personal information, will be told how it has been used, and with whom it has been disclosed. A written explanation will be provided in cases where access is denied under exceptions set out in Personal Information Protection Act.  Upon request and verification, personal information will be corrected and/or a notation will be made as to why the information has not been modified.

Principle 10 - Provide recourse

A complaint handling process is in place for individuals wishing to appeal and/or have a complaint investigated. The first step is to contact the Privacy Officer. Further recourse can be sought through the Information and Privacy Commissioner.