Acadia is guided by its own privacy and security policies and by government legislation.
Acadia is a public institution as defined under Nova Scotia’s Freedom of Information and Protection of Privacy Act (FOIPOP).
With FOIPOP, the university has two main obligations:
- Protect the privacy of individuals it employs, does business with, accepts as students and considers alumni.
- To review requests for Release of Information that is accessible according to sections of the Act and its accompanying regulations.
Acadia is also subject to several other pieces of legislation:
- The Personal Information International Disclosure Act that governs the storage and access to information outside of Canada, and
- The Canadian Personal Information Protection and Electronic Documents Act that governs privacy and data security at a federal level, and
- The EU General Data Protection Regulation that applies to data associated with European citizens and impacts international university partnerships.
Employing Best Practices
Like every organization and business, Acadia collects and stores vast amounts of information. To ensure this information is protected Acadia follows these general guidelines that are considered best practices:
- Collect personal information only to fulfill operational requirements.
- Use personal information for the purpose it was collected.
- Share personal information within Acadia on a need-to-know basis.
- Do not share personal information outside Acadia without required approval.