Freedom of Information and Protection of Privacy - Teaching Regulations and Procedures for FASS and FPA

The university is responsible for the security of students’ personal information under the Freedom of Information and Protection of Privacy Act (FIPPA). It is important that our practices in dealing with students are in line with the requirements of the Act. Please see below for a summary of important points, as well as the FIPPA website for further information on the Act as well as on whom to contact should you have questions.

Privacy Protection: Best Practices for Faculty and Instructors

Under the Freedom of Information and Protection of Privacy Act (FIPPA), the University is responsible for the security of students’ personal information both on campus and off campus.

Below are some important practices that will help the University meet its privacy protection responsibilities:

Saving Files: Try to avoid saving student personal information to a local hard drive, memory stick or CD. Instead, get in the habit of using the University provided network drives. The network drives are more secure. Contact CCS for more information. If your memory stick has the ability to set a password, please use it.

Portable File Storage: Information that is saved on a laptop, cell phone or other portable device is vulnerable to loss or theft. Please take extra precautions when working or travelling off campus. Password protect your laptop, cell phone and other portable devices.

Working from Home: Do not copy files containing personal information to your home PC. Use network drives, such as OneDrive, and access them from home via a Virtual Private Network (VPN). For information on using VPN, click here.

Email Security: Only use your Carleton email account for University business. Communicate with students only using their cmail accounts. Avoid sending files to or from outside accounts that may not have as high a level of security for all work-related matters. Do not to use email to communicate highly sensitive personal information.

Returning Student Work: Use the secure interface of Brightspace for students to submit work, and for returning graded assignments and tests. Avoid writing a student’s grade on the outside of a test or assignment. Do not leave hard copy assignments or tests unattended outside an office door.

Posting Grades: Do not post grades with student numbers in public areas, including classrooms or online. Use Brightspace tools such as the grade book or assignment drop boxes to communicate grades to students confidentially. For more information on Brightspace tools, consult the TLS Brightspace support webpage.

Retention of Student Assignments and Records: The University requires instructors to keep all course related student records, including unclaimed assignments and examinations, for one year academic calendar year. This also includes electronic records, such as in Brightspace. Please consult Carleton University Retention Schedule website for detailed information on teaching related records, including course syllabi, tests, examinations, and student records.

Information Forms: Whenever information is collected from students, the University is required to provide an official “notice of collection”. If your department is asking students to provide personal information for a field trip or other activity, please have them sign a consent form located on the University’s Privacy Website. Alternatively, the department may wish to include these uses in a notice of collection managed by the department.

Reference Requests: It is recommended that any requests for references (academic and employment) be accompanied by a signed Third-Party Authorization Form found on the Forms page of the Carleton University Privacy Office website.

Questions or comments about these recommended practices may be addressed to:

University Privacy Office
607 Pigiarvik (ᐱᒋᐊᕐᕕᒃ)
1125 Colonel By Drive
Ottawa, ON Canada K1S 5B6
Tel: 1 613 520 2600 ext. 2047
E-mail: University_Privacy_Office@carleton.ca

Was this page helpful?

Yes No

no one has found this useful yet.