This Chapter deals with:
Note: Under FIPPA, each Manitoba government department is a separate public body.
The head of a public body is responsible for all decisions and actions about access to information and protection of privacy made under FIPPA that relate to the public body.
The definition of "head" in subsection 1(1) of FIPPA sets out who is the "head" of a "public body".
1(1) "head", in relation to a public body, means
The head of a public body that is a government department is the Cabinet Minister who has been appointed to preside over it by an Order in Council under The Executive Government Organization Act. 2 (“Department” means a department, branch, or office of the executive government.) 3
The head of a public body that is an incorporated government agency is the agency's chief executive officer. An example of an incorporated government agency is Manitoba Hydro.
The head of a that is an unincorporated government agency is:
The Manitoba Labour Board is an example of an unincorporated government agency.
The head of a local public body is the person or group of persons designated as its head by a by-law or resolution of that body.
Designation of head by local public body
80 A local public body shall, by by-law or resolution, designate a person or group of persons as the head of the local public body for the purposes of this Act.
If the local public body does not designate a head, the government can designate a head for it by regulation.
The head of a public body may delegate any of his or her duties and powers under FIPPA to any
person. This person no longer has to be a member of the staff of the public body.
It is not necessary for a minister, as the head of a department, to formally delegate powers under FIPPA to his or her deputy minister, as the deputy has authority to act on behalf of the minister.
In general, delegation should be considered for all provisions in FIPPA where the head of a public
body must (shall) or may do something.
There is a practical difference between the delegation of powers and duties relating to access to
information and the delegation of powers and duties relating to protection of privacy under FIPPA.
In the case of access to information, the head's powers and duties relate mostly to decisions about
access requests. In the case of protection of privacy, duties centre on ensuring that the public
body complies with the requirements respecting collection, retention, correction, accuracy,
protection, use and disclosure of personal information in FIPPA.
The effect of a delegation is to authorize the identified official to make decisions and take
action. If authority to make a decision has been delegated to an official, but that official does
not actually make the decision, it has not been properly made.
A delegation under FIPPA should be in writing. A sample delegation document for departments is
included in the Public Body Roles and Responsibilities, on the FIPPA website at:
https://www.gov.mb.ca/chc/fippa/public_bodies/delegation_designation.html.
It is recommended that:
For example, the "Executive Director of Administration and Finance", not to "John Brown".
When delegation is to a position, rather than to an individual, a new delegation document is not required every time a new appointment is made or someone is acting in the position.
An Access and Privacy Officer is "any employee of a public body to whom the head has delegated a duty or power under section 81 of the Act".
A department or government agency may have more than one Access and Privacy Officer.
The Access and Privacy Officer is responsible for overall direction of access to information and protection of privacy matters within the department or government agency.
As noted above, there is a practical difference between powers and duties relating to access to information and those relating to protection of privacy. In the case of access to information, the powers and duties in FIPPA relate mostly to decisions about access requests. Duties relating to protection of privacy centre on ensuring compliance by the public body with the requirements in FIPPA respecting collection, correction, accuracy, retention, destruction, protection, use and disclosure of personal information - a very broad responsibility.
With respect to privacy matters, an Access and Privacy Officer will usually need to take a collaborative approach, involving individuals with expertise in program management, information technology, records and information management, and privacy (including legal counsel with expertise in privacy law).
It is strongly recommended that the Access and Privacy Officer for a government department be at the assistant deputy minister or executive director level, as he or she will be making access to information and privacy decisions on behalf of the minister.
While the specific responsibilities of Access and Privacy Officers will vary, the following are some of the usual responsibilities.
https://web2.gov.mb.ca/laws/regs/pdf/f175-064.98.pdf.
Each public body is required, by section 2 of the Access and Privacy Regulation under FIPPA, to appoint an employee as an Access and Privacy Coordinator. A public body may appoint more than one Access and Privacy Coordinator.
The Access and Privacy Coordinator is "responsible for receiving applications for access to records and for the day-to-day administration of the Act".
More specifically, the Access and Privacy Coordinator will be responsible for:
The Coordinator is the focal point of access to information and protection of privacy expertise within the public body.
In large public bodies that receive many freedom of information requests or that maintain large amounts of personal information, the Access and Privacy Coordinator position will be a full-time one.
As the Coordinator will work closely with the Access and Privacy Officer, it is recommended that there be a direct reporting relationship between these two positions.
In some organizations, it may be appropriate to combine the functions of Access and Privacy Coordinator with that of records Officer.
While the responsibilities of Access and Privacy Coordinators will vary somewhat, depending on the degree of centralization of the access to information and protection of privacy responsibilities within a public body, the following are some of the basic duties of this position.
The Access and Privacy Coordinator's access to information duties may include:
The Access and Privacy Coordinator will usually have the following duties:
For example, a public body may not be able to collect personal information from an organization that falls under the Personal Information Protection and Electronic Documents Act (Canada), if that organization is not authorized to disclose the personal information by the federal Act.
Each government department and government agency requires a recordsOfficer to ensure that records and information held by it are managed efficiently, effectively and in accordance with statutory requirements and policies.
The records Officer must keep abreast of all records-related issues in the department or government agency, including those involving electronic information systems.
The records Officer is the central administrator of the recordsmanagement program of the department or government agency; he or she functions as a point of accountability for record keeping and information-handling practices and provides assistance to program areas.
Where there is a request for access to recordsunder Part 2 of FIPPA - Access to Information - the records Officer will be required to assist the Access and Privacy Coordinator to identify and locate the requested records. To do this, the records Officer should be familiar with the records management practices throughout the department or government agency and must maintain a full set of approved recordsschedules as required under The Archives and recordkeeping Act and of records Transfer Box Lists for the department or government agency.
A description of the typical duties of a records Officer is available from the Government records Office, Manitoba Sport, Culture and Heritage.
Normally, a program director or manager will be responsible for the following:
The Lieutenant Governor in Council designates the government Minister responsible for the administration of FIPPA. This is done in an Order in Council made under The Executive Government Organization Act that sets out the statutory responsibilities of the various government Ministers.
The Responsible Minister is accountable for the province-wide administration of FIPPA, including the overall performance of public bodies in responding to requests for access and in protecting personal information.
The Responsible Minister for FIPPA is the Minister of Sport, Culture and Heritage. The Department of Sport, Culture and Heritage and specifically the Information and Privacy Policy Secretariat of the department, is responsible for central administration and coordination of FIPPA.
The Responsible Minister is required to submit an annual report to the Legislative Assembly about the activities of public bodies in both access to information and protection of privacy that includes:
The Responsible Minister must undertake a comprehensive review of the operation of FIPPA, which includes public representations, within five years after an Information and Privacy Adjudicator is first appointed under FIPPA. The Responsible Minister must submit a report on the review to the Legislative Assembly within one year after the review is undertaken, or within such further time as the Assembly may allow.
Note: The head of a public body, not the Responsible Minister, is accountable for the handling of access requests and personal information by that public body.
The Information and Privacy Policy Secretariat of the Department of Sport, Culture and Heritage provides leadership and expertise to the Manitoba Government on access to information, confidentiality and privacy policy matters under FIPPA, as well as support services to public bodies that fall under FIPPA.
The Secretariat provides:
The Information and Privacy Policy Secretariat works closely with the Manitoba Archives and the Government records Office.
The functions of the Manitoba Archives respecting FIPPA are directly related to its responsibility to administer the records management program of the Manitoba Government under The Archives and record keeping Act. The Archivist of Manitoba establishes policies, standards and guidelines for government record keeping and approves departmental and agency records schedules'. (A `records schedule' is the formal, written plan that identifies government records, establishes their retention periods and provides for their disposition.)
Clause 3(a) of FIPPA states that FIPPA is "in addition to" and "does not replace" existing procedures for access to records or information normally available to the public - including any requirement to pay fees. In other words, not all requests for information or records need to be made under FIPPA, and FIPPA should not be applied to prevent or reduce access to information (other than personal information) that is available by custom or practice.
Government departments and government agencies have always provided public access to certain information and records in their custody or control by 'proactive disclosure' or by 'routine disclosure'. Proactive disclosure and routine disclosure of information can satisfy many of the information needs of members of the public.
Proactive disclosure of information occurs when information or records are periodically released, without any request, under a communications plan or practice. It often occurs when there is an anticipated demand for information by the public. It can take many forms - for example, publishing information on a departmental website, etc.
Specific examples of 'proactive disclosure' of information include:
Links to these and to other examples of proactive disclosure are found at: https://www.gov.mb.ca/chc/fippa/disclosure.html.
Routine disclosure occurs when access to a record is given without a formal request under Part 2 of FIPPA. For example:
Personal information requires special consideration when making decisions about proactive disclosure or routine disclosure. For example,
In some instances, records may have to be written and prepared in a different way to allow for release by way of proactive disclosure or routine disclosure. For example, in some Canadian jurisdictions, quasi-judicial tribunals are exploring ways to release their decisions widely through the Internet, while protecting the privacy of the individuals who appear before them. Restructuring decisions so that personal information and personal health information can more easily be located and severed out may be one way to achieve the desired balance between openness and privacy.
A variety of notices and documents are required to be given under FIPPA - for example:
Section 78 of FIPPA provides that when notice or a document is to be given to a person under FIPPA, it is to be given in one of the following ways:
Except where substitutional service or an appeal or application to court is involved, the choice of how to give notice or send a document under FIPPA is usually up to the public body and will depend on the circumstances. Normally, notices or documents will be sent by mail or by fax. A public body should assess the circumstances and choose the most effective and economical means of giving notice or providing a document, while keeping in mind its obligation to take reasonable steps to protect personal information from unauthorized access and disclosure under Part 3 of FIPPA.
See Manitoba Ombudsman Practice Note Privacy Considerations for Faxing Personal and Personal Health Information
Also see Manitoba Ombudsman Practice Note Privacy Considerations for Emailing Personal and Personal Health Information.
Section 79 of FIPPA states that any right or power that an individual has under FIPPA may be exercised on his or her behalf by another person, under specific circumstances.
Exercising rights of another person
79 Any right or power conferred on an individual by this Act may be exercised
The rights or powers under FIPPA that may be exercised by another on behalf of an individual include:
It is important to ensure that a person claiming authority to act on behalf of another is legally entitled to do so, particularly if personal information or privacy is involved. Where there are any questions or doubts about the existence, or the extent, of such authority, legal counsel should be contacted.
1 Clause 79(a) - Written authorization from the individual
An 'authorization' under clause 79(a) of FIPPA is a document in which an individual authorizes someone else to do certain things in his or her name and on his or her behalf. The authorization must be in writing and signed, should be dated and should clearly set out what the other person is being authorized to do.
Before disclosing personal information on the basis of a written authorization, a public body may, in some circumstances, want to contact the individual who has granted the authority to confirm that he or she is aware of the amount and type of personal information that will be disclosed.
A written authorization provides the recipient with the authority to act. A public body needs to examine such a document carefully to ensure that the right being exercised under FIPPA is within the scope of the authorization. If there are any questions about the validity or scope of an authorization, legal counsel should be contacted.
2 Clause 79(b) - Committee or substitute decision maker
A committee appointed for an individual under The Mental Health Act can only exercise a right or power on behalf of the individual under FIPPA if it relates to the powers and duties given to the committee by the court order appointing him or her, or by The Mental Health Act.
Similarly, a substitute decision maker appointed under The Vulnerable Persons Living with a Mental Disability Act can only exercise a right or power under FIPPA if it relates to the powers and duties given to the substitute decision maker by the order of the Vulnerable Persons Commissioner that appoints him or her.
The order appointing the committee or substitute decision maker provides him or her with the authority to act. A public body needs to examine the order carefully to ensure that the right being exercised under FIPPA is within the scope of the powers and duties set out in it. If there are any questions about the validity or scope of an order appointing a committee or a substitute decision maker, legal counsel should be contacted.
3 Clause 79(c) - Attorney under a power of attorney
A power of attorney is a document in which authority is given to one person (called the attorney) to do certain things in the name of the person granting the power (called the donor).
A power of attorney can authorize the 'attorney' to perform specific acts on behalf of the donor, or it can be a general power of attorney. The power of attorney document will set the limits on the authority that has been granted. The attorney may only exercise a right or power under FIPPA if it relates to the powers and duties that have been given to him or her by the power of attorney document.
A public body needs to examine a power of attorney carefully to ensure that the right being exercised under FIPPA is within the scope of the powers given by it. If there are any questions about the validity or scope of a power of attorney, legal counsel should be contacted.
4 Clause 79(d) - Parent or guardian of a minor
A parent or legal guardian of a "minor" (an individual under 18 years of age) does not automatically have authority to exercise rights or powers on behalf of his or her minor child or ward under FIPPA.
The head of the public body concerned must be satisfied that the exercise of the right or power by the parent or guardian would not constitute an unreasonable invasion of the minor's privacy. This leaves discretion in the hands of the public body to ensure the minor's privacy rights are protected in appropriate circumstances.
If there is any question as to whether an individual is the 'legal guardian' of a minor, legal counsel should be contacted.
5 Clause 79(e) - Personal representative of a deceased individual
The personal representative referred to in clause 79(e) of FIPPA is the executor named in the will of the deceased individual or, where there is no will, the administrator appointed by a court to administer the estate of the deceased individual.
The right or power being exercised under FIPPA must relate to the administration of the deceased individual's estate.
If there are any questions as to whether a person is a "personal representative" authorized to act on behalf of a deceased person under FIPPA, contact legal counsel.
Section 84 of FIPPA states that no action or proceeding may be brought against the Government of Manitoba, a public body, the head of a public body, an elected official of a local public body or any person acting for or under the direction of the head of a public body for damages resulting from:
"Damages" means civil liability to pay compensation or make reparation to someone who has suffered harm or a loss.
"Good faith" includes honest belief and absence of malice.
"Reasonable care" in this context means taking steps that are suitable in the circumstances.
Public bodies and their officers and employees have a duty under FIPPA to co-operate with the Ombudsman, and with the Information and Privacy Adjudicator.
Subsection 86(1) of FIPPA states that no person is guilty of an offence under any other statute or regulation when he or she complies with a request or requirement under FIPPA to produce a record or provide information or evidence to the Ombudsman or the Information and Privacy Adjudicator, or a person acting for or under the direction of the Ombudsman or the Adjudicator.
Subsection 86(2) states that no adverse employment action shall be taken by a public body against an employee because the employee has complied with a request or requirement under FIPPA to produce a record or provide information or evidence to the Ombudsman or the Information and Privacy Adjudicator, or a person acting for or under the direction of the Ombudsman or the Adjudicator.
Subsection 85(1) sets out the offences under FIPPA and the penalty that a criminal court can impose if the court finds a person to be guilty of an offence.
It is an offence under FIPPA to "wilfully":
"Wilfully" means intentionally or deliberately.
Where a criminal court finds a person to be guilty of an offence listed above, the court may impose a fine of not more than $50,000.
Subsection 85(2) of FIPPA states that a prosecution under FIPPA may be commenced not later than two years after the commission of the alleged offence.
The offences set out in subsection 85(1) of FIPPA are 'regulatory offences' that are prosecuted in the criminal courts under The Summary Convictions Act of Manitoba. The court, not the Ombudsman or the Information and Privacy Adjudicator, determines whether the offence has been committed and what fine to impose.