Privacy and Remote Meetings

Guidelines on videoconference and teleconference Meetings

Care must be exercised to manage and protect privacy during meetings held remotely through the use of technology. In the context of this guidance a “meeting” could include things such as, but not limited to: departmental meeting, faculty council meeting, committee meeting, meeting with a colleague or one’s supervisor or director.  In addition, this could include things such as work events, services, or gatherings, as well as presentations, talks, or training sessions. For “meetings” held in the context of Teaching and Learning within the academic environment, please see Keep Learning.   

Whether you are the host or a participant, take note of these tips for enhancing privacy.

• Ensure that you are familiar with the platform being used, including guidance on how to enable security and privacy safeguards. Assistance and resources for this can be accessed through Staying Connected while Working Remotely or the IST Service Desk ext. 44357.
• Find a quiet space without interruptions and limited background noise. Be particularly aware of who can listen to or view your meeting and ensure that confidential conversations are not inadvertently overheard or seen. Using earphones or a headset will reduce what is overheard (and will also help avoid feedback and echoes).
• When your video camera is enabled, be aware of what is in your background - have a plain background as much as possible or blur your background.  If your surroundings can be seen, then have a “clean” work area so that personal objects (e.g., family photographs, etc.) are minimized.
• Be cognizant of “screen sharing” or “sharing options” to ensure that only what you want visible is actually visible to others. An alternative is to specifically upload to the meeting any material that you wish to be shared.

Recording

Recording a meeting puts everyone in the position of potentially having their information recorded in a number of ways, either with their direct participation (e.g., video, audio, chat) or through indirect means (i.e., online identifier, such as name or telephone number). These conditions raise privacy concerns that should be taken into account. In the limited number of cases where recording is warranted under established University procedures (e.g., online admissions interviews, interviews of position candidates, recordings used by committee secretaries to create meeting minutes), the following must be considered:

Notice of recording: 

• If recording a meeting is necessary, give participants as much advanced notice as possible –indicating the purpose of the recording and who intends to record. Notice to participants should also be repeated at the beginning of the meeting, before recording has started. Some tools such as Microsoft Teams automatically notify participants when a meeting is being recorded. Providing notice to participants about recording activity is not new. Some examples are the University’s existing notice of photography and image release forms.
• Participants should be provided the contact information for someone who can assist with any questions or concerns about recording, such as not wishing to be recorded, being in a significantly different time zone, not having the technological means to participate, or being disadvantaged in any way by video/audio recording.

Policies and guidelines:

• Recordings are subject to the Freedom of Information and Protection of Privacy Act (FIPPA), as well as University policies and guidelines.
• Committee chairs and secretaries planning to record their committee meetings should review the Recordkeeping guidelines for University committees.

Storage and disposal:

• Always store recordings in a University system – SharePoint or a University file server, for example. Recordings should not be stored long-term on any personal device, even if that device has been safeguarded through encryption and password protection. Over time, recordings that are being stored on personal devices may be forgotten which then can pose a risk for inadvertent access or disclosure of personal information.
• With few exceptions, recordings are transitory University records which should be securely disposed of at the earliest opportunity.   
• The disposal/destruction of recordings which include personal information of students or other individuals should be documented using the University records destruction form or equivalent documentation. Documenting the disposal of records containing personal information is a requirement of FIPPA and of Policy 46 – Information Management.
• If you are unsure whether your recordings are transitory records, or believe they should be retained for an extended period of time, contact the University Records Manager for advice.

Limitation and Risk:

• Recording is not without limitation and risk which may include: (1) limitations to ensuring privacy security of information despite reasonable efforts; (2) unauthorized copying and disclosure, disclosure as required by law, access to information requests; and (3) introduction of malware into computer system, which could potentially damage or disrupt computer, networks, and security settings.  The University is not responsible for connectivity/technical difficulties or loss of data that is associated with participants’ own hardware, software, or Internet connection.

Questions or Concerns

If you have questions about the above guidance, or if you have additional questions about protecting University records containing personal information or about our responsibilities under Freedom of Information and Protection of Privacy legislation, please contact the Privacy Team, Assistant University Secretary and Privacy Officer.

For questions specific to videoconferencing or teleconferencing, individuals should contact their departments or access resources which are available through Staying Connected while Working Remotely, or the IST Service Desk  ext. 44357.