An investigation by the Office of the Information and Privacy Commissioner has determined that employees of the Calgary Police Service accessed personal information of another employee without that individual’s authorization.
The complainant had made a Freedom of Information and Protection of Privacy (FOIP) request for access to information to determine if their name had ever been accessed on the CPS Police Management System. The request showed that the individual’s name had been accessed seven times.
The employees who had accessed the information gave various reasons for running the queries. The investigation by the Office of the Information and Privacy Commissioner determined that certain employees had accessed the complainant’s personal information inappropriately.
The investigation found that Calgary Police have taken measures to protect personal information from unauthorized access but made a number of recommendations, which include:
- Regular spot audits of the information system.
- A requirement that employees be required to enter a reason for queries.
- Ensuring that employees who have access to the information system log off if they leave their workstations.
- Further training to remind employees of their obligations.