The Hearing Foundation of Canada is a national non-profit organization dedicated to eliminating the devastating effects of hearing loss on Canadians by promoting prevention, early diagnosis, leading edge medical research and successful intervention. Tiny Ears is a campaign created by The Hearing Foundation of Canada to bring awareness to infant hearing screening and intervention.
Tiny Ears operates in a manner that is consistent with all relevant legislation.
Tiny Ears is responsible for safeguarding all personal information in its possession or custody, including personal information that has been transferred to a third party for processing (e.g., to a consulting firm or individual who is acting on behalf of Tiny Ears). This includes situations where the actions undertaken on Tiny Ears behalf are carried out voluntarily or without charge.
Tiny Ears’ policy and practices for the protection of personal information follow the guidelines established by the Canadian Standards Association, Imagine Canada and other accepted industry standards.
Definition of Personal Information
Tiny Ears defines personal information as any information that can be used to distinguish, identify or contact a specific individual. Exceptions include business contact information and publicly available information such as name, address and telephone numbers as published in telephone directories. Where an individual uses his or her home contact information as business contact information, Tiny Ears considers such information not to be subject to protection as personal information.
This policy does not cover aggregated data from which the identity of an individual cannot be determined.
All personal information collected by Tiny Ears will be used only for purposes that are defined and explained in advance to the individual, and that use or disclosure for any other purposes will only be undertaken after the informed consent of the individual.
- Principle 1- Accountability
Tiny Ears Executive Director is responsible for the personal information under its control or custody even though other individuals within Tiny Ears may be responsible for the day-to-day collection and processing of personal information.
This includes the responsibility to:
Maintain adequate policies and practices;
Monitor compliance with the established policies and practices;
Respond to real or potential privacy breaches; and
Respond to questions and concerns, and to requests to access personal information.
- Principle 2 – Identifying the Purpose
Tiny Ears will identify the purposes for which personal information is collected at or before the time the information is collected.
- Principle 3 – Consent and Notice
Tiny Ears will obtain the informed consent of individuals before or when it collects, uses or discloses personal information, except where authorized by law.
Individuals can give consent in many ways and the form of the consent sought by Tiny Ears may vary, depending upon the circumstances and the type of information. In determining the form of consent to use the Foundation will take into account the sensitivity of the personal information.
Tiny Ears will not, as a condition of the supply of a product or service, require an individual to consent to the collection, use or disclosure of personal information beyond that required to fulfill the explicitly specified and legitimate purposes of Tiny Ears.
An individual may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. Tiny Ears will inform the individual of the implications of such withdrawal of consent.
- Principle 4 – Limiting Collection
Tiny Ears will limit the collection of personal information necessary for the purposes identified by Tiny Ears. Information shall be collected by fair and lawful means.
- Principle 5 – Limiting Use, Disclosure and Retention
Tiny Ears will not use or disclose personal information for purposes other than those for which it was collected, except with the consent of the individual or as permitted by law. Personal information will be retained only as long as necessary for the fulfillment of those purposes.
- Principle 6 – Accuracy
Tiny Ears will keep personal information as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.
- Principle 7 – Safeguards
Tiny Ears will protect personal information with safeguards appropriate to the sensitivity of the information. The methods of protection shall include:
Physical measures, such as locked filing cabinets and restricted access to offices;
Organizational measures, such as security clearances and limiting access to personal information on a “need-to-know” basis, and
Technological measures, such as the used of passwords, encryption and protection of data –integrity.
- Principle 8 – Openness
Tiny Ears will make readily available to individuals specific information about its policies and practices relating to the management of personal information in its custody and control.
- Principle 9 – Individual Access
Upon written request, and subject to exemptions stipulated by law Tiny Ears will inform an individual of the existence, use, and disclosure of his or her Personal Information and person will be given access to that information. An individual may challenge the accuracy and completeness of the information and have it amended as appropriate. Exceptions to the access requirement will be limited and specific, and include:
Contains references to other individuals;
Cannot be disclosed for legal, security, or commercial proprietary reasons; and
Subject to solicitor-client or litigation privilege.
Principle 10 – Response to Concerns and Suggestions
An individual shall be able to address a challenge concerning compliance with the above principles to a designated individual.
Tiny Ears will investigate all complaints and take appropriate measures, including, if necessary, amending its policies and practices.
Inquiries or concerns are to be sent to the Foundation’s, Mary Smirle, at firstname.lastname@example.org.