Student Records Retention and Disposal Policy

1. Purpose
This Policy outlines the guidelines for the retention and disposal of MNM Maple College’s Records, encompassing various forms of documents, both physical and electronic. It aims to ensure compliance with legal standards, optimize storage resources, preserve institutional history, and facilitate the responsible disposal of outdated Records.

2. Definitions
Records: Any record generated or received in the course of College business, including but not limited to paper documents, emails, electronic files, photographs, audio/video recordings, etc.

Active Record: A Record currently in active use by a College office or function.

Archival Record: An Inactive Record with permanent or historic value, stored in the College Archives.

Electronic Record: A Record stored in electronic format, including word processing documents, spreadsheets, databases, scanned or imaged documents, etc.

Inactive Record: A Record no longer in active use but retained according to the Records Retention Schedule.

Record with Personal Information: A Record containing sensitive personal data, such as social security numbers, financial account details, etc.

3. Responsibilities
Every office or department managing College Records is responsible for:

• Implementing records management practices consistent with this Policy.
• Educating staff in Records management practices.
• Preserving Records as required by this Policy.
• Properly disposing of Inactive Records at the end of their retention period.
• Protecting Records against misuse, damage, or theft.
• Monitoring compliance with this Policy.

4. Ownership of Records
All College Records are considered the property of the MNM Maple College and not of the individuals who create or manage them.

5. Records Retention and Disposal Committee
The MNM Maple College will establish a Records Retention and Disposal Committee to oversee the implementation, monitoring, and periodic review of this Policy. The Committee will include a designated Chair, serving as the College’s Records Retention and Disposal Officer, and representatives from relevant offices and departments.

6. Retention of Records
Refer to the attached Records Retention Schedule for specific periods. For documents not covered in the Schedule, consult the Office of Legal Counsel for guidance. Records related to ongoing or pending audits or lawsuits should not be destroyed until advised in writing by the Committee or the Office of Legal Counsel.

7. Disposal of Records
Expired Records not suitable for the College Archives should be recycled or destroyed. Personal Information-containing Records require special disposal in accordance with Provincial and Federal regulations, including shredding, destroying, or rendering the information unreadable.

8. Storage and Disposal Resources
Archives: The Department of Archives and Special Collections serves as the repository for significant College Records.
Electronic Media and Equipment: For inquiries regarding electronic Records, contact the legal counsel or the Department of Information Technology.
Recycling: Adherence to the rules and regulations of the City of Red Deer Department of Sanitation.
Shredding: Departments use external vendors for Records disposal through designated pick-up schedules.
Storage Facilities: Departments exercise discretion in determining where to maintain their Records, including on-site and off-site locations.

9. Additional Information
This Policy and Records Retention Schedule serve as guiding documents, subject to updates in response to evolving best practices and legal requirements.

Freedom of Information and Personal Information Protection Policy
1. Introduction
MNM Maple College is committed to upholding the principles outlined in the Personal Information Protection Act (PIPA) under Alberta Private Sector Privacy Law. This policy outlines how the College handles personal information, ensures access to information, and addresses privacy concerns.

2. Purpose
This Policy aims to:

a) Provide access to information.
b) Protect personal information and privacy.
c) Establish processes for handling access requests and privacy complaints.

3. Scope
This Policy applies to:

a) All requests for access to information maintained by the College.
b) All members of the College community with access to information maintained by the College.

4. Effective Date
This Policy is effective from Sep 1, 2024. It applies to all information created by the College after this date. Requests for information prior to this date will be processed according to the policies in effect at that time.

5. Access to Information
The College routinely provides certain institutional and other information on its website to the public. This practice will continue.

6. Privacy
The College is dedicated to safeguarding personal and confidential information. Individuals who believe their privacy rights have been breached may file a privacy complaint in accordance with this Policy.

7. Office of the Privacy Officer
The Privacy Office manages access requests and privacy complaints. It also fulfills other associated responsibilities, including educating staff, assisting in searches, addressing complaints, reporting on requests and complaints, and representing the College in interactions following such requests or complaints.

8. Process for Handling Access Requests
Basic Steps:

a) An access request must be submitted in writing, addressed to the College’s Privacy Officer, providing sufficient detail to identify the record(s) sought. The requester must also complete the Access Request Form and pay the initial fee.
b) The Privacy Officer assesses the access request and determines if a search for responsive records is appropriate.
c) If necessary, the Privacy Office contacts the relevant faculty, administrative office, or service to conduct the search.
d) Located records are sent to the Privacy Office, where the Privacy Officer reviews them for applicable exemptions and exclusions.
e) The Privacy Officer notifies the requester of the decision to release records, in part or in full, and provides an estimate of associated fees.
f) Upon payment of fees, the Privacy Office sends copies of responsive records to the requester.

Exemptions and Exceptions:
Certain records are exempt from disclosure to protect institutional interests, privacy, confidentiality, and other vital College concerns. This includes, but is not limited to, information that may invade privacy, harm College interests, affect relationships, compromise safety, or pertain to ongoing investigations.

9. Fees
The College charges a fee for processing access requests. The initial non-refundable fee must be paid before processing begins. Records will not be released until all associated fees are paid. Costs are based on request size and complexity.

10. Process for Handling Privacy Complaints
Complaint:
A privacy breach occurs when there is unauthorized disclosure or access to personal information. Individuals who believe their privacy rights have been breached may file a privacy complaint in writing, addressed to the Privacy Officer.

Basic Steps:

a) Receipt of the privacy complaint.
b) Communication with relevant parties and individuals involved.
c) Consultation with appropriate authorities, if necessary.
d) Notification to the complainant regarding the outcome and steps taken to address the complaint.

11. Protection of Personal Information
Personal information collected by the College is used for legitimate purposes such as program administration, service delivery, and College operations. Disclosure is typically limited to situations where consent is given, disclosure is required by law, or it aligns with the purpose for which the information was collected.

12. Correction
Individuals have the right to request access to their personal information and request corrections. Requests should be directed to the faculty, administrative office, or service holding the information.

13. Reconsideration
If an individual disagrees with a decision made by the Privacy Officer, they may submit a written request for reconsideration to the College’s director (Operations) within thirty (30) days. The decision of the director is final.

14. Responsibilities
The development and maintenance of this Policy is the responsibility of the College President. The administration of this Policy falls under the purview of the Privacy Office.