Data Collection and Learner Privacy Principles
An increasingly wide range of personal information is collected about resident physicians during their training. RDoC recognizes that learner personal information is frequently collected in the effort to improve medical education and wellness initiatives in Canada. This personal information is frequently sensitive in nature, and it is critical it is appropriately stored and protected. While RDoC expects that most organizations will treat data with appropriate processes to ensure anonymity, RDoC is aware that this may not always be the case and has developed the following Principles to promote learner privacy.
Wherever learner personal information is collected, RDoC encourages:
- The development of clear and explicit purpose prior to any personal information being collected.
- That collected learner data be anonymized wherever possible. Where this is not possible RDoC encourages the appropriate protection of the identities of those individuals whose personal information was collected.
- That the learner be given an opportunity to consent to the collection, use or disclosure of their personal information.
- Transparency regarding the use, storage, disclosure and access to learner personal information.
- That industry-best security safeguards be implemented and used to protect against unauthorized access to learner data.
- The right of learners to maintain ownership of their personal data, including straightforward pathways to access that data, both during and after their training.
- That wherever personal information is collected, stored, or analyzed on a cloud-based service, such services should ideally be secured by service providers that house their servers in Canada. Wherever this is not possible, service providers should be selected that house their servers in countries with robust and rigorous privacy legislation
RDoC will not support and discourages:
- The disclosure of personal information to third parties, including provincial licensing bodies, without the expressed consent from the learner(s) in question.
- The collection of any learner personal information that could potentially be used for discriminatory or unfair profiling practices.
- The collection of learner personal information that lacks a clear, ethical, articulated and legitimate purpose. (i.e., mining,
phishing or profiling).
- The collection or sharing of learner personal information by institutions directly involved in learners’ career or learning paths where such sharing or collection is not linked to the institution’s core mission or mandate.
- The use of learner personal information for purposes other than the purpose that has been explicitly identified and articulated prior to its collection.
- The retention of learner personal information for any period of time other than the duration necessary to fulfill the purpose associated with its collection.
- The use of third-party services with servers in the United States, or other countries with legislation similar to the US Patriot Act unless no alternatives are available and the service is deemed necessary to meet the needs of learners. In these cases, the location of the servers should be disclosed.