Use of Personal Information for Academic or Statistical Research Policy

Use of Personal Information for Academic or Statistical Research Policy

1.0 PURPOSE

This procedure sets out the process for access to personal information by researchers for
academic or statistical research purposes.

2.0 SCOPE

This procedure applies to academic researchers who seek to use personal information that
is in the custody or under the control of Alberta College (“College”) for
academic or statistical research purposes.

3.0 DEFINITIONS

3.1 “academic research” means an academic inquiry or investigation that is
undertaken by an academic researcher with the intention of peer dissemination;

3.2 “academic researcher” means:

(i) an employee of the College who is bound by the Alberta College InstructorsAgreement;

(ii) an employee of the College who holds an academic employment but is not bound by the Alberta College Instructors Agreement
Agreement;

(ii) an academic who is an employee of a post-secondary institution and
member of a faculty association of that post-secondary institution; or

(iii) a student of the College who conducts a research as part of a course of
study;

3.3 “personal information” means recorded information about an identifiable
individual, including:

(i) the individual’s name, home or business address or home or business
telephone number;

(ii) the individual’s race, national or ethnic origin, colour or religious or
political beliefs or associations;

(iii) the individual’s age, sex, marital status or family status;

(iv) an identifying number, symbol or other particular assigned to the
individual;

(v) the individual’s fingerprints, other biometric information, blood type,
genetic information or inheritable characteristics;

(vi) information about the individual’s health and health care history, including
information about a physical or mental disability;

(vii) information about the individual’s educational, financial, employment or
criminal history, including criminal records where a pardon has been
given;

(viii) anyone else’s opinion about the individual; and

(ix) the individual’s personal views or opinions, except if they are about
someone else.

3.4 “privacy department” means the Privacy and Information Management
Department;

3.5 “record” means a record of information in any form and includes notes, images,
audio-visual recordings, x-rays, books, documents, maps, drawings, photographs,
letters, vouchers and papers and any other information that is written,
photographed, recorded or stored in any manner, but does not include software or
any mechanism that produces records.

4.0 REGULATIONS

4.1 An academic researcher who wishes to use personal information that is in the
custody or under the control of the College for academic or statistical research
purposes must, prior to the commencement of the research, submit an application
for ethics review to the Research Ethics Board of the College.

4.2 Upon receipt of an application for ethics review from an academic researcher
whose research involves the use of personal information that is in the custody of
the College, the Research Ethics Board will request the academic researcher to
submit an application to access personal information to the privacy department.

4.3 An academic researcher’s application to use personal information for research
must outline the following:

(i) a general description of the research project, including the objectives of
the project and the proposed methods(s) of analysis;

(ii) an explanation of why the research project cannot be accomplished
without access to personal information about identifiable individuals;

(iii) a detailed explanation of how the personal information will be used,
including a description of any proposed linkages to be made between
personal information in the records requested and any other personal
information;

(iv) the expected period of time during which access to these records may be
required and the records used;

(v) a description of the security measures and access control to be put in place
to safeguard the personal information from dissemination outside the
scope of the research; and

(vi) if the personal information obtained from the College will be stored on
a server or file storage system that is outside the control of the College,
a statement of the security measures employed by the owner of the
external server or file storage system.

4.4 If the privacy department is satisfied with the controls regarding security and
confidentiality of the personal information to be used for research purposes, it
may approve the academic researcher’s application to access the personal
information that is in the custody of the College and request the academic
researcher to sign a document that obligates the academic researcher to:

(i) maintain the security and confidentiality of the personal information to
which he/she has been granted access by the College;

(ii) remove or destroy personal identifiers at the earliest possible time;

(iii) only use the personal information for this research and are prohibited from
any subsequent use or disclosure of the personal information without the
express authorization of the privacy department; and

(iv) comply with these conditions, the Freedom of Information and protection
of Privacy Act the privacy policy and this procedure.

4.5 An academic researcher who has been granted access to personal information by
the College is prohibited from subsequently using or disclosing the information
in an individually identifiable form.