PRINCIPLE #1 — CAGS IS RESPONSIBLE FOR THE PERSONAL INFORMATION UNDER ITS CONTROL.
CAGS is accountable for all personal information in its possession or control, including any personal information collected about members, fellows, residents, students and non-member CPD delegates either collected directly by CAGS or from a CAGS stakeholder such as an academic institution.
CAGS has done the following to properly protect the personal information it collects:
– put in place policies and procedures aimed at protecting personal information;
– educated its staff and volunteers on the interpretation and implementation of those policies and procedures and
– appointed a Privacy Officer to oversee privacy issues.
PRINCIPLE #2 — CAGS IDENTIFIES, BEFORE OR AT THE TIME OF COLLECTION, THE PURPOSES FOR WHICH IT COLLECTS PERSONAL INFORMATION.
CAGS identifies the purposes for collecting Personal Information and obtains consent prior to such use.
The primary purposes for which we collect and use Personal Information include:
– to provide services to members;
– to respond to member and other stakeholder inquiries;
– to complete a transaction related to registration for a CAGS event;
– to provide certificates of attendance for MOC credits;
– to manage applications and communicate with applicants for research awards;
– to advise members and others of CAGS services that may be of interest;
– to send electronic communication that may interest stakeholders, or to which they subscribe, such as newsletters;
– to gather feedback and usage data in order to conduct research / analytics to better understand the needs of members and other stakeholders;
– to present non-CAGS content and advertising that is customized to member interests.
We may also use Personal Information as otherwise permitted or required by law.
PRINCIPLE #3 — CAGS ENSURES KNOWLEDGE AND CONSENT BEFORE COLLECTING, USING OR DISCLOSING PERSONAL INFORMATION.
CAGS explains options and obtains implicit or explicit consent at the time of or prior to collecting, using or disclosing Personal Information. We will always collect Personal Information by fair and lawful means (for example, when an application form is completed or when registering for an event). We may collect Personal Information from third parties, for an example from a university, to register resident members. We also collect Personal Information where we have obtained consent to do so or as otherwise permitted or required by law. Where is it reasonable to do so, or permitted by law, we may rely on implied consent.
Except as required to process a transaction, to maintain records or as required or permitted by applicable law, providing us with personal information is voluntary. Any member or other stakeholder may withdraw or modify their consent at any time, subject to legal and contractual restrictions, provided that reasonable notice is provided. Refusal or withdrawal of consent from use of personal information may result in CAGS being unable to provide certain services.
From time to time, CAGS will email information to members and other stakeholders. Members who do not wish to receive such mailings, may modify their communication preferences on the member’s use profile in the Member Portal.
Personal Information is any information that is identifiable to an individual. This information may include, but is not limited to, name, mailing address, phone numbers, email address, identification numbers, credit card numbers and banking information. Personal Information, however, generally does not include information gathered, used or disclosed solely for the purpose of communicating or facilitating communication with an individual in relation to their employment, business or profession such as the individual’s name, position name or title, work address, work telephone number, work fax number or work electronic address.
PRINCIPLE #4 — CAGS COLLECTS ONLY THE PERSONAL INFORMATION IT REQUIRES FOR PURPOSES OF PROVIDING SERVICES AND OTHER IDENTIFIED ACTIVITIES.
CAGS ensures it collects only the personal information it needs to provide services to members, non-member delegates and other stakeholders and to conduct is activities. No superfluous personal information will be requested.
CAGS may also collect information about website viewers’ online activities and their computer or other electronic device. This information may include the Internet Protocol (IP) address, domain name, browser type, date and time of the viewers request and information provided by tracking technologies, such as cookies. This information does not identify any individual.
This collection of information is a standard function of most software/websites that many of us access on a daily basis. CAGS does not use this data and would never attempt to identify or single-out a user.
PRINCIPLE #5 – CAGS USES AND DISCLOSES PERSONAL INFORMATION ONLY FOR PURPOSES FOR WHICH IT HAS CONSENT OR AS PERMITTED OR REQUIRED BY LAW AND RETAINS PERSONAL INFORMATION ONLY AS LONG AS NECESSARY TO SERVE THOSE PURPOSES.
CAGS identifies to whom, and for what purposes, it will disclose Personal Information, at the time of or prior to collecting such information and will obtain consent to such disclosure. For example, we may:
– transfer Personal Information to our volunteers, for the purposes of the volunteers performing volunteer functions;
– transfer Personal Information to third party service providers with whom we have a contracted agreement that includes appropriate privacy standards, such as service providers that provide communication services support or data storage or processing – for the purpose of, for example, providing member benefits, facilitating commercial transactions with us or offering educational programming;
– disclose Personal Information to such persons and for such purposes for which consent is provided or as otherwise permitted or required by law.
We may keep a record of Personal Information, correspondence or comments in a file specific to members. We will utilize, disclose or retain Personal Information only for as long as necessary to fulfil the purposes for which it was collected and as permitted or required by law.
PRINCIPLE #6 — CAGS ENDEAVOURS TO KEEP PERSONAL INFORMATION ACCURATE, COMPLETE AND UP-TO-DATE TO PROPERLY SATISFY THE PURPOSES FOR WHICH IT WAS COLLECTED.
CAGS ensures that Personal Information is kept as accurate, complete and up-to-date as possible based on information provided to us. We ask that members supply us with written updates of their Personal Information, when warranted. This can be done by revising the member’s user profile in the CAGS Member Portal.
PRINCIPLE #7 — CAGS PROTECTS THE PRIVACY OF PERSONAL INFORMATION THROUGH SECURITY APPROPRIATE TO THE SENSITIVITY OF THE INFORMATION.
We have implemented physical, organizational, contractual and technological security measures to protect Personal Information from loss or theft, unauthorized access, disclosure, copying, use or modification. The only employees who are granted access to Personal Information are those with a business ‘need-to-know’ or whose duties reasonably require such information.
Please note that it is each member’s responsibility to protect their user id and password information. If this information is disclosed the privacy of their personal information cannot be assured.
PRINCIPLE #8 — CAGS OPENLY SHARES INFORMATION ABOUTS ITS POLICIES AND PRACTICES ABOUT HOW IT MANAGES PERSONAL INFORMATION.
PRINCIPLE #9 — CAGS RESPONDS ON A TIMELY BASIS TO REQUESTS FROM MEMBERS AND OTHER STAKEHOLDERS ABOUT THEIR PERSONAL INFORMATION.
When requested, we will make available to members any Personal Information that we have collected about them, utilized or disclosed, to the extent permitted or required by law. Personal Information may be reviewed and updated through the CAGS Member Portal.
Members and other stakeholders may challenge the accuracy or completeness of their Personal Information at any time. When we validate a member’s identity and they demonstrate the inaccuracy or incompleteness of their Personal Information, we will amend the Personal Information as required. Where appropriate, we will transmit the amended information to third parties having access to Personal Information.
PRINCIPLE #10 — CAGS WELCOMES FEEDBACK REGARDING ITS COMPLIANCE WITH THE ABOVE PRINCIPLES.
Canadian Association of General Surgeons
505 March Road, Suite 210
Last Updated: March, 2021
Scheduled for Review: March, 2024