Tag: privacy

Notes from our June Board meetings

In absolutely no particular order, here are some of the things we’ve been working on or talking about this month. As always, feel free to comment below or otherwise get in touch with a Board member to share your input.

  1. The library begins pickup service starting June 26!
  2. Major win: The Registrar’s Office (RO) will schedule synchronous course activities on request this fall (as usual). We also got confirmation that for the RO to not provide this service would require a decision at Senate. Thank you to everyone who helped advocate for this at Senate and through other channels. We’ve since released a statement to all members about the decision by three Faculties (Arts, Math, and Engineering) to not use RO scheduling services for fall term.
  3. There are new remote teaching guidelines regarding privacy and intellectual property—give them a read if you haven’t yet. We were not consulted about these guidelines and don’t have official opinions on them yet.
  4. HR has been prorating merit increases for faculty on paid sick leave. We believe this contravenes the Memorandum of Agreement (while there are provisions in the MoA for prorating merit, they are for unpaid leaves) and we are discussing this at Faculty Relations Committee.
  5. The end is in sight: The Policy 76 drafting committee has sent a draft to FRC. FRC is advising on next steps for consultation.
  6. We are sorting out what we will do in place of our usual new faculty social events in July and August. The University’s new faculty orientation (in which we play a supporting role) will be fully online.
  7. The Equity Office postponed its Pride celebrations in light of the Black Lives Matter protests and the vast increase in disclosures of racism from members of the UW community. The Gender and Sexual Diversity Working Group, on which FAUW is represented, has issued a statement in support of this decision.
Continue reading “Notes from our June Board meetings”

Digital Privacy Colloquium: A Summary and Follow-Up

Karen Jack, University Privacy Officer, UW Secretariat

The university held a privacy colloquium on December 4th 2013 in light of the potential adoption of Concur, a US-based online expense claim processing system. There were two speakers: Jim Turk, Executive Director of the Canadian Association of University Teachers, and Fred Carter, Senior Policy & Technology Advisor of the Ontario Privacy Commissioner’s Office.

Jim Turk’s presentation is available here (PDF), and Fred Carter’s is available here (PDF).

Following their presentations, attendees participated in a question and answer session with a panel that included Fred Carter, University of Waterloo professor Ian Goldberg, and Blair Campbell, Senior Privacy Manager of Scotiabank. During the lively panel discussion, several attendees expressed concerns about the proposal. They spoke of a desire to retain control over their personal information, expressed reservations about the security of information in the cloud, and described issues relating to “anonymisation” techniques. In turn, the panel spoke about: the need to ensure that robust contractual safeguards re: privacy and security are in place in any outsourced solution, no matter where the company is headquartered; insights into encryption possibilities and pitfalls; the benefits of data minimization and privacy by design. Members of the project’s steering committee spoke of the efficiencies of an outsourced solution and of the consultation undertaken to date. There was consensus in the room that privacy and security can’t be afterthoughts.

Near the closing of the panel discussion, the university’s privacy officer advised that she and the university’s information security services director are undertaking a privacy and security impact assessment (PSIA) on this project. This tool, new at UW, helps to identify potential privacy and security risks and mitigation strategies for projects being proposed at the university that use personal information. As of the date of this post, the PSIA is nearing completion and, save those aspects which could create security risks if disclosed, will be made available to the community so users will have the opportunity to understand what’s at issue.

When the PSIA documentation has been posted, an alert will be posted on this blog.

Have questions about the project? Contact Connie van Oostveen or Ann Williams-Gorrie with any questions or ideas you may have about the online expense claim project.

Privacy Colloquium

After a lengthy period of looking at various possibilities by a broad group on campus, the University is currently considering adoption of online processing of expense claims using Concur, a US-based company with a US-hosted system. As part of the consultation process, we are organizing an information session on the privacy aspects if we were to go ahead with Concur for this purpose. There will be two speakers, Jim Turk, Executive Director of the Canadian Association of University Teachers (CAUT), and Fred Carter, Senior Policy and Technology Advisor of the Ontario Privacy Commissioner’s Office. Following their presentations, there will be a question and answer session with a panel that includes the two speakers, together with other experts.

Prior to the Colloquium, Karen Jack, the University’s Privacy Officer, will send a list of questions to Fred Carter of the Ontario Privacy Commissioner’s Office, and Jim Turk of CAUT, asking that these be addressed as part of the presentations at the Colloquium. Your suggestions for questions of concern and interest would be much appreciated; please make them on the following web page by October 22.

https://uwaterloo.ca/online-expense-claims/privacy-colloquium-questions

The colloquium will be held on Wednesday, December 4th,  2 – 5 pm (followed by reception), in M3 1006. Please mark the date on your calendar for this important event.

Come back next week for a post breaking down what’s going on with the new scheduling system!