The firm provides the following services:
- Advice on health law and administrative law issues;
- Privacy and access to information compliance services;
- Drafting and negotiating supplier and other business contracts, and creating contract templates for recurring contractual relationships;
- Advice on information ownership and governance; and
- Drafting and negotiating supplier contracts in the area of medical research.
Please see below for further detail regarding privacy and access to information compliance services.
Privacy and Access to Information Compliance Services
- Privacy and Access to Information Risk Management [more]
- Privacy/ Access to Information Audits and Privacy Impact Assesments [more]
- Privacy Officer Advising [more]
- Legal Investigations and Hearings [more]
- Workshops and Seminars [more]
PRIVACY AND ACCESS TO INFORMATION COMPLIANCE SERVICES
Privacy and Access to Information Risk
Failure to implement an adequate privacy program places an organization at risk of legal liability as well as at risk of significant negative customer relations, brand, public relations, corporate governance, and human resources effects.
Streamline Counsel provides organizations with the solution to addressing and managing this risk. We will set out the specific steps to compliance for the organization, and will advise with respect to all aspects of the design and implementation of an organization-wide privacy program.
For government authorities and other public bodies we advise with respect to compliance with the British Columbia Freedom of Information and Protection of Privacy Act, including in the establishment of standard operating procedures for the handling of access requests and the protection of client and employee records.
Privacy breaches such as the theft of portable devices containing client or employee personal information carries high risk of significant cost for an organization. How a privacy breach is investigated and managed is critical to reducing costs, restoring an organisation's reputation, and repairing relations with the breach victims. We advise organizations with respect to all aspects of managing privacy breaches, from investigating breach causes and responding to media and client questions, to implementing policies to prevent breach recurrence.
Privacy Audits and Privacy Impact Assessments
Information Inventory / Privacy Audit- The First Step in Compliance
Streamline Counsel supports organizations in conducting an in-depth assessment of their existing privacy environment. A review of the organization's practices will reveal the manner in which personal information is collected, used, disclosed and stored. This type of audit is a critical first step towards compliance with privacy laws and regulations.
Streamline Counsel supports public sector clients in conducting an in-depth assessment of their existing privacy and access to information environment. A review of the organization's practices will reveal the manner in which personal information is collected, used, disclosed and stored, and the manner in which public access to the organization's records is provided. This type of audit is a critical first step towards compliance with access to information and privacy laws and regulations.
Diagnostic Audit of Current Privacy Program
/ Access to Information Compliance Program
For private sector organizations which have already developed some privacy procedures, this diagnostic assessment will review and analyze what further steps are required to meet privacy compliance. An analysis of personal information collection, use, disclosure, and storage will be undertaken, and all privacy policies and procedures will be reviewed and assessed.
For government authorities and other public bodies we also conduct diagnostic assessments where we review and analyze what further steps are required to meet compliance with the British Columbia Freedom of Information and Protection of Privacy Act. Privacy and access to information policies and procedures will be reviewed and assessed.
Privacy Impact Assessments
Streamline Counsel will assess any new programs or services an organization wishes to offer, or assess a new records management system, in order to determine the privacy impact and to assist the organization in avoiding legal penalties, negative media coverage, costly data theft or data breach incidents, and other risks. This assessment will clearly set out options for the organization to manage the compliance and other risks identified and recommend any policy amendments and additional steps the organization should undertake prior to the implementation of the new initiative.
Recent changes to the British Columbia Freedom of Information and Protection of Privacy Act require all public sector organizations to conduct an in depth assessment of compliance with all privacy requirements set out in the Act prior to implementing any "new system, program, or activity" which involves personal information. This in depth assessment is called a Privacy Impact Assessment (PIA) and will be required, for example, whenever a new electronic system containing any personal information is implemented, in most cases where there will be a new use of personal information previously collected, and with most outsourcing activities. In some cases the PIA must be submitted to the enforcement authority for review. Streamline Counsel will advise the organization in conducting the Privacy Impact Assessment and will set out a compliance risk mitigation plan as part of the assessment.
Having organization-wide privacy policies to protect personal information collected, used, and disclosed is a legal requirement.
Streamline Counsel has the legal expertise required to draft an organization's privacy policies so that they comply with the applicable privacy legislation. In addition to ensuring legal compliance, our experts draft policies so that they benefit an organization from a corporate governance, client relations, investor relations and human resources perspective.
In addition to drafting legally compliant privacy policies, Streamline Counsel offers practical "on the ground" advice on how to implement the policies and how to train staff in meeting all policy requirements.
Our privacy lawyers and
experts can advise any Privacy Officer:
- With respect to the investigation and determination of specific privacy complaints;
- In how to meet legal as well as business requirements in implementing an internal process for handling privacy inquiries and complaints;
- In how to meet legal as well as business requirements in implementing an internal process for handling requests for access to personal information;
- In how to meet legal as well as business requirements in setting up a privacy breach management program;
- With respect to the legal exceptions to consent, and whether an organization is permitted to disclose personal information to a government authority or investigative body which requests it; and
- With respect to any other privacy issues the organization may face.
We also prepare data access and information sharing agreements for public and private sector organizations.
Legal Investigations and Hearings
Our privacy lawyers and experts have the experience to advise organizations dealing with the Office of the Privacy Commissioner or other privacy law enforcement authorities.
We advise organizations which are the subject of enforcement audits. We also advise organizations which are parties to enforcement authority privacy complaint or access request investigations and hearings. We advise not only with respect to privacy legal requirements, but also with respect to customer and employee relations, media coverage issues, and "best practices".
Workshops and Seminars
Privacy training for staff is legally required. Streamline Counsel offers workshops and seminars to enable organizations to meet this legal requirement and to realize the benefits of privacy compliance from a customer relations, marketing, public relations, and human resources perspective. All Streamline Counsel workshop leaders have legal as well as extensive teaching and training experience. We offer seminars and workshops "in-house".
Contact us for information about our