The university is responsible for the security of students’ personal information under the Freedom of Information and Protection of Privacy Act (FIPPA). It is important that our practices in dealing with students are in line with the requirements of the Act. Please see below for a summary of important points, as well as the FIPPA website for further information on the Act as well as on whom to contact should you have questions. 

Privacy Protection: Best Practices for Faculty and Instructors

Under the Freedom of Information and Protection of Privacy Act (FIPPA), the University is responsible for the security of students’ personal information both on campus and off campus.

Here are some best practices that will help the University meet its privacy protection responsibilities:

Saving Files: Try to avoid saving student personal information to a local hard drive, memory stick or CD. Instead, get in the habit of using the University provided network drives. The network drives are more secure. Contact CCS for more information. If your memory stick has the ability to set a password, please use it.

Travel Security: Information that is saved on a laptop, cell phone or other portable device is vulnerable to loss or theft. Please take extra precautions when working or travelling off campus. Password protect your laptop, cell phone and other portable devices.

Working at Home: Try not to copy files containing personal information to your home PC. It is better to store documents on your network drives, and access them from home via a Virtual Private Network (VPN). For information on using VPN, click here.

Email Security: Please use your Carleton email account for University business. Try to avoid sending files to or from outside accounts that may not have as high a level of security for all work-related matters. Email users may sometimes forward messages to unintended recipients by accident. To avoid the possibility of this type of privacy breach, it is best not to use email to communicate highly sensitive personal information.

Returning Student Work: Avoid writing a student’s grade on the outside of a test or assignment. Instead write the grade on an inside page. Do not leave assignments or tests unattended outside an office door.

Posting of Grades: The University strongly discourages the practice of posting grades with student numbers in public areas. Use Brightspace to communicate grades to students confidentially. Please contact the EDC for more information, ext. 4433.

Retention of Exams and Assignments: The University requires departments to keep unclaimed marked assignments and examinations for one year.

Information Forms: Whenever information is collected from students, the University is required to provide an official “notice of collection”. If your department is asking students to provide personal information for a field trip or other activity, please have them sign a consent form located on the University’s Privacy Website.  Alternatively, the department may wish to include these uses in a notice of collection managed by the department.

Reference Requests: It is recommended that any requests for references (academic and employment) be accompanied by a signed Third-Party Release for Information. This can be found on the University’s Privacy Website.

Questions and Concerns: Questions or comments about these recommended practices may be addressed to:

University Privacy Office
607 Robertson Hall
1125 Colonel By Drive Ottawa, ON Canada
K1S 5B6
Tel: 1 613 520 2600 ext. 2047
Fax: 1 613 520-2391
Email: University_Privacy_Office@carleton.

Was this page helpful?

no one has found this useful yet.