The exchange of personal data can involve the Canadian Charter of Rights and Freedoms. The fact that a disclosure is expressly authorized by the Privacy Act or any other act of Parliament does not automatically guarantee compliance with the Canadian Charter of Rights and Freedoms. Consideration of these laws, the Canadian Charter of Rights and Freedoms and the ancillary rights regime create the legal framework that should be reviewed to determine whether there are legal restrictions on the proposed activity for data exchange. It is recognized that the interactions between these legal areas are quite complex and will often require technical legal advice. As a general rule, only the information necessary to achieve the research objective should be provided. It is therefore very important that the researcher`s request be concrete on the information requested and on the timetable. If such a notification is made to a federal government agency under the Data Protection Act, the law requires the institution to correct or rate a copy of the information it controls. Although the law requires an institution of the federal government to notify other recipients of the correction or rating, the law does not require recipients who are not subject to the Data Protection Act to correct or modify the information contained in their records. Below, you`ll find a list of items that are usually included in a data sharing agreement. While this list may cover the databases, additional concerns may be relevant to a data set or supplier agency.
Another alternative is the depersonalization of information; However, if this is used, it should not be possible to re-link the information to identifiable individuals. Institutions should also be assured, as far as possible, that the receiving party will not attempt to reintegrate persons. When an institution regularly exchanges personal data under this provision, it is recommended that a written agreement be reached. Even within the institution, there must be a legal authority (usually legislation) to allow the exchange of personal data between its programmes. Although information exchange agreements are sometimes used when personal data is exchanged between programmes of the same institution, there is no need for written agreements. However, the exchange of this information must be in accordance with the Data Protection Act and be taken into account in the information banks of the institution`s staff in the publication of TBS Info Source. It is not a binding treaty per se, but rather a structured framework for the exchange of information. Other statutes, such as the Canada Pension Plan Act, the Old Age Security Act and the DNA Identification Act, to name a few, also contain restrictions or prohibitions on the disclosure of personal data. In accordance with Sections 10 and 11 of the Data Protection Act, public institutions must describe all personal data under their control in a personal data bank (GDP) or a class of personal data. All bank descriptions of personal information must also contain a statement on the purposes for which the information is used. The Data Protection Act does not limit the use and disclosure of certain types of personal data. These exceptions are described in section 3, paragraphs (j) at m), and contain some information on corporate positions, functions and contact information in the public service; Certain information about people who provide services under a contract with a public body; Information on discretionary financial benefits and information on people who have been dead for more than 20 years.