About the District » Privacy Management Program

Privacy Management Program

A Privacy Management Program is an evolving set of policies, procedures and tools developed by a public body to enable systematic privacy protection throughout the personal information lifecycle. 
Section 36.2 of the Freedom of Information and Protection of Privacy Act (FIPPA) requires each public body to develop a Privacy Management Program (PMP). 
The components each public body is expected to include in their privacy management program are:
As required under section 76.1 of the Freedom of Information and Protection of Privacy Act, the Board designates the Superintendent as the official head for the purposes of the Act. 
As permitted under section 76.1(b) of the Act, the Board authorizes the Secretary-Treasurer to administer the Act and make operational decisions. 
For any privacy related matters, please contact the District Privacy Officer [email protected] or call (250) 770-7700. 
When might you need to contact the Privacy Officer?
  • Questions or concern regarding the accuracy and/or correction of personal information
  • Permitting individuals to access their own personal information (held by the school district)
  • Consent
  • Collection notices
  • Records Retention and disposal schedules
  • Reasonable security for the personal information in the public body's custody or under its control
  • Completing or obtaining Privacy Impact Assessments (PIA)
The District maintains Information Sharing Agreements (ISAs) with various organizations such as Interior Health and private contractors used for school photos or yearbooks. The School District does not provide student or employee personal information with third parties unless otherwise specified through a multi-step approval process for the use of software or applications needed for learning or business purposes.
If you have a privacy concern, please contact the District Privacy Officer at [email protected] or call (250) 770-7700. 
When service providers handle personal information related to the provisions of services for a public body, the public body must inform them of their privacy obligations. Contracts are one way to demonstrate privacy obligations for service providers. 
PIAs are another useful tool to demonstrate how public bodies and service providers can meet their privacy obligations. By completing a PIA, a public body can assess the services, confirm compliance for such things as collection, use and disclosure of personal information under FIPPA, and identify privacy risks. 
Privacy training, policies, and procedures will also support a service provider in complying with their privacy obligations when providing services for a public body. 
The School District will continue to review its PMP and ensure its relevancy on an annual basis. New or updated information from the Province of British Columbia or the Office of the Privacy Commissioner will be added as it becomes available.