Access to Information

Departmental Procedures To Process Access To Information Requests

When a department receives a request for access to information, they need to determine if the requested information contains any confidential or personal information as defined by the Act, and then proceed depending on the contents of the documents. By following these steps, you can determine if a routine disclosure can be made, or if the records first need to be reviewed and severed.

Definitions:

routine disclosure – releasing records where there are no confidentiality or privacy concerns as defined by the Act.

sever – the blacking out of confidential or personal information prior to records being released.

Receiving a Request

1. Determine which records contain the information the applicant wants and where these records are located.


2. Determine whether or not any of the records contain information to which FOI/POP Act exceptions apply.

3. If you determine that no exceptions under the Act apply to the information because:

  • the records contain no personal information about third parties (ie. someone other than the applicant); or
  • the records contain no general information that the department believes is confidential,

then the request can be handled informally; routinely disclose this information to the applicant, either verbally or by producing for the applicant a copy of the relevant records.

4. If you determine that the records have at a previous time been sent to or received from the applicant -- either directly or by cc -- then the request can be handled informally; routinely disclose this information to the applicant, either verbally or by producing for the applicant a copy of the relevant records. Note that:

  • the evidence for this should be contained in the records themselves (eg. "To [Applicant]," "From [Applicant]," or "Cc. [Applicant]");
  • the evidence may be found in University Policies and Procedures (eg. University Policy stipulates that a Harassment Investigative Report be sent to both parties to the complaint);
  • it is not sufficient merely to think that the applicant at some time previously might have seen the records;
  • it is not sufficient that the applicant at some time previously saw or received the records inappropriately.

If in doubt, contact the Information and Privacy Officer for advice on how to proceed.

5. Deadline: If you determine that the information can be routinely disclosed, it is the law that you must disclose the records to the applicant within 30 working days of receiving the request.

6. If you determine that exceptions to this information may apply under the Act because the records contain:

  • personal information about third parties; or
  • general information that the department believes is confidential; and
  • the records were not previously sent to or received from the applicant,

then the request must be treated formally.

7. If you determine that the information cannot be routinely disclosed:

  • tell the applicant that he or she will have to make a formal, written request for access under the Act, if their request was originally made verbally;
  • the request should be addressed to the head of the department;
  • if the request was originally submitted in writing, this will be taken as the formal, written request.

8. Upon receiving the formal, written request, notify the Information and Privacy Officer.

9. Send the written access request to the Archives and Records Management Department, either by hand-delivery or inter-office mail. The Archives and Records Management Department is the office of record for formal access requests and maintains the original on file.

  • if a copy is sent by fax or email, make sure the original letter of request follows by hand-delivery or inter-office mail;
  • if it is sent by inter-office mail, first place the letter of request in a sealed envelope, then place that envelope in the inter-office mail envelope; mark and seal it "Confidential";
  • retain a copy of the request in your own files -- you may wish to maintain a separate file for each access request involving your department, or (because these are likely to be few in number) one file for all correspondence relating to access requests received in a given calendar year.

10. Upon receipt of a formal, written request for access to information, the Archives and Records Management Department will:

  • assign an Access Request Number to the case -- refer to this number in all your correspondence with both Archives and the applicant;
  • co-ordinate the search for records responsive to the applicant's request, if records are held by different departments - you may be contacted even though your department did not itself receive the original request.

Processing a request

11. Department staff are required to search for, locate and retrieve all records responsive to the applicant's request.


12. Make a photocopy the records:

  • make all copies single-sided;
  • if a document is double-sided, convert it to single-sided;
  • do not staple, paper clip or use other fasteners to attach photocopied records together;
  • when photocopying is completed, return the original records to the appropriate file folders and storage location.

13. Organize the photocopied records in chronological sequence from oldest to most recent dates.


14. Review the photocopied records and sort them into two categories:

First category (routine disclosure):

  • FOI/POP exceptions do not apply because the records contain no third party personal information or no general information that the department believes is confidential or the records were previously sent to or received from the applicant -- the Department is responsible for routinely releasing this information directly to the applicant

Second category (formal review):

  • FOI/POP exceptions do apply -- the Archives and Records Management Department is responsible for reviewing, severing, preparing, and disclosing these records to the applicant, for communications with the applicant regarding these records, and for documenting the review.

15. Disclose to the applicant the photocopied records in the first category where routine disclosure is appropriate; include a covering letter cc'd to the Archives and Records Management Department. (See the sample form letter entitled "Routine Release of Information Letter ".)


16. Send the photocopied records in the second category where formal review is required to the Archives and Records Management Department by hand-delivery or inter-office mail:

  • if you send them by inter-office mail, first place the documents in a sealed envelope, then place that envelope in the inter-office mail envelope; mark and seal it "Confidential."

17. Upon receiving the records, the Information and Privacy Officer will quickly scan them; if you have included records which appear to be subject to no exceptions under the Act, we will consult with you and, if necessary, return these records to you for further consideration.


18. If we have returned records for you to reconsider, please re-examine them closely:

  • if you determine that FOI/POP exceptions do not apply to them, routinely release this information to the applicant.
  • if you still consider that FOI/POP exceptions do apply to the records, forward them again to the Archives and Records Management Department, together with an explanation of which exceptions you believe are applicable and why.

19. When the University has completed processing the access request, all departments involved will be cc'd the University's final decision letter to the applicant:

  • file your copy of this letter with your copy of the original request and any other correspondence relating to this request.