The United Church of Canada follows ten principles for handling of personal information outlined in schedule 1 of PIPEDA which include accountability, identifying purpose, consent, limiting collection, limiting use, disclosure, and retention, accuracy, safeguards, openness, individual access, challenging compliance.
Questions regarding privacy legislation and policies can be addressed to the General Council Archivist.
What is personal information?
Personal information includes any factual or subjective information, recorded or not, about an identifiable individual – that is, it is information which can, directly or indirectly, identify the individual. This information can be in paper or electronic form and can include:
- Home address
- Home phone number
- Personal email address
- National or ethnic origin
- Sexual orientation
- Marital status
- Mental or physical disability
- Family members’ names
- Employee files
- Identification numbers
- Disciplinary actions
- Existence of disputes
- Social status
- Credit and bank records
- Donation information
- Loan records
- Medical records
The following are some examples of personal information collected by the United Church:
- Personal information of ministry personnel, employees, elected and appointed members, volunteers, donors and retail customers are collected and maintained by The United Church of Canada.
- Employees and pensioners of the Church have confidential and secure personnel, pension, benefits and payroll files
- Personal information is often required to accommodate event attendance and programs.
- All personal information is the property of the church and all individual have controlled access to their personal information
Levels of Privacy
Personal information will be inventoried and assigned one of the three levels of privacy.
Level 1 – Highly Restricted Personal Information
Information is very sensitive and if shared or published inappropriately or harvested electronically for fraudulent activities such as identity theft, has the potential of damaging people’s lives and/or their well-being and would likely bring about legal action against the church. The information issued for internal judicial decisions, identifies donor designations, career development, compensation determination and legal action.
Level 2 – Confidential Personal information
Information is somewhat sensitive and if inappropriately shared, published, or harvested electronically could contribute to fraudulent activity such as identify thefts, and bring about hardship or embarrassment to an individual and/or the church, or may bring about legal action against the church. The information is used for career development and legislative compliance. This information is considered private, but more individuals have controlled access to it than the information in Level 1.
Level 3 – General Information
Information is not sensitive and can be shared. This information is no restricted and many can have access to it. It is collected to assist the department in the accomplishment of their tasks. There is no confidential or restricted personal information included in this level.
There are some actions that employees can undertake to ensure the privacy of records and information:
- Personal information can only be used for the purposes in which it was collected.
- Personal information should be stored under lock and key or securely on a server and only certain authorized individual should have access to it.
- Personal information that is no longer required should be destroyed expect in cases where federal and/or provincial retention rules apply.
Privacy and Registers
Information held in baptismal, marriage and burial registers is considered personal information collected for a specific purpose and is held in sacred trust. Information held in the registers have specific retention period governed by applicable legislation.
Information held in these registers cannot be transferred to any other organization, be microfilmed, or copied.
Individuals will have access to their personal individual information. Requests for this information must be made in writing. Individuals may also give permission to someone else to view their information. A certified transcript of the original record can be generated by the Conference Archives for those that need a copy of their personal information. A fee may apply for the creation of the certified copy. A reproduction, (scan, photocopy or digital camera image), of the register is only permitted for legal purposes.
The Conference Archives has also developed a handout on privacy and records for congregations.