- East Metro Youth Services (EMYS) views protecting client/participant privacy as critical.
- All inquiries for information are documented in the data information system called the Client Record (CR). If at any time the Agency receives a request for information, the client/participant will be contacted and advised of the request. Where appropriate consent to disclose this information will be sought.
- East Metro Youth Services (EMYS) is committed to protecting the privacy of clients/participants in accordance with the Canadian Centre for Accreditation (CAA) Standards and the law.
- At the intake phase, all clients/participants are given information on EMYS commitment to privacy and data collection. This information includes:
- Only information necessary for the assessment, planning and delivery of efficient services is collected.
- Information is shared only with consent unless mandated or in order to reduce or eliminate risk.
- Information used in teaching and research is used on an anonymous basis. Identifying information is removed or disguised.
- Storage, retention and destruction of personal information complies with existing legislation and privacy protection protocols;
- Information may be accessed by regulatory authorities under the terms of the Ministry of Children and Youth Services contract for the purpose of EMYS fulfilling its mandate and for the defence of a legal issue.
- A client/participant may withdraw consent for use or disclosure of personal information at any time and will be provided with information on the potential implications of the decision and the process.
- The EMYS privacy officer is the Human Resources Administrator.
EMYS adheres to the following principles:
- Identifying Purposes
- EMYS informs individuals of the purpose of collecting personal information at or before the time the information is collected, and does not use the information for any other purpose, without obtaining consent.
- Whenever possible and reasonable, EMYS makes an effort to ensure that the individual is advised of the purposes for which the information will be used and agrees to its use. Consent can be withdrawn at a later date.
> Limiting Collection
- EMYS only collects personal information relating to the specified purpose and only collects what is needed for that purpose.
> Limiting Use, Disclosure and Retention
- Personal information is not used or disclosed for purposes other than those for which it is collected, except with the consent of the individual or as required by law. Personal information is not retained longer than needed for the specified purposes.
- EMYS strives to ensure that information is sufficiently accurate, complete and up-to- date so as to minimize the possibility that decisions are based upon incorrect information.
- EMYS protects personal information against loss or theft, as well as unauthorized access, disclosure, copying, use or modification. The level of security is appropriate to the sensitivity of the information.
> Individual access
- Wherever reasonable, EMYS ensures that individuals know what personal information about them has been collected, how it is being used, to whom it has been disclosed, and how to challenge its accuracy and completeness and how to have it corrected if necessary.
> Challenging Compliance
- EMYS ensures that individuals may address a challenge concerning compliance with the above principles through the Privacy Information Officer.