UI - FOIPPA Collection Notice

mbertucci commented 4 weeks ago

User Story:
As a Team Lead responsible for regulatory compliance,
I want to display the FOIPPA collection notice prominently on the first page or in the footer of the application,
So that users are informed about the purpose and legal authority of personal information collection, ensuring transparency and compliance with FOIPPA.

Context:
To comply with the Freedom of Information and Protection of Privacy Act (FOIPPA), it is essential to inform users of the collection of their personal information. This notice needs to be visible on the first page of the application or in the footer of every page, ensuring that users are aware of the purpose and authority for the collection of their data. TBH I'm not sure where it should go and I'll leave it up to the designers to talk to other teams to figure out where it goes

Andy please find out how other projects are handling the FOIPPA notice

UX/UI Design:
Design in Figma

Business Rules:

[ ] The FOIPPA collection notice must be visible on the first page of the application
[ ] The user will view the message but no need to acknowledge it (i.e., no need to click a checkbox or store this info in the DB)
[ ] The notice must include the following text and STRAA will be in italic

Any personal information required is collected to support the administration and enforcement of the Short-Term Rental Accommodations Act, under the authority of section 33(1) of that Act. Any questions about the collection of any information can be directed to the Executive Director of the Short-Term Rental Branch, at strbranch@gov.bc.ca.

Scenarios

Scenario 1: Viewing the FOIPPA notice on the first page of the application

Given the user accesses the first page of the application,
When the page loads,
Then the FOIPPA collection notice should be prominently displayed,
And it should include all required information about data collection and legal authority.

Scenario 2: Contacting support regarding the FOIPPA notice

Given the user has questions about the collection of their personal information,
When they view the FOIPPA collection notice,
Then they should see clear contact information provided within the notice,
And they should be able to reach out for further clarification or support.

mbertucci commented 4 weeks ago

Sample Collection Notice:

We are collecting your personal information to [purpose]. If you have questions about our collection of your information, please contact us at [contact information].

We are collecting your personal information under section [e.g. 26(c)] of the Freedom of Information and Protection of Privacy Act.

mbertucci commented 4 weeks ago

This is a requirement of the PIA https://www2.gov.bc.ca/gov/content?id=650377D1931545499C09A855830530C3#q-6

mbertucci commented 4 weeks ago

See PIA https://bcgov.sharepoint.com/:w:/r/teams/09399/Shared%20Documents/PIA%20and%20STRA/Short%20Term%20Rental%20Registry%20PIA.docx?d=wb3cea5832fee402eb6d0d779350196fc&csf=1&web=1&e=BDf51J

mbertucci commented 3 weeks ago

@fionazhou-jsb does the blurb work?

mbertucci commented 3 weeks ago

I sent an email to Pia Dewar to confirm we can just use the sample. I think we can but wanted to confirm. @fionazhou-jsb we need a contact email. And a

mbertucci commented 3 weeks ago

Conversation with Pia Dewar regarding FOIPPA

Hey there. I hope you're doing well.

The FOIPPA collection notice. Does it need to be visible at all times? In the footer for example?

Is it a check box stating the user acknowledges the FOIPPA consideration.

Do you know what other teams have done?

Pia Dewar: hi, it tends to go in two places - right before someone logs in through a portal (thereby giving someone the chance to decide if they'll even log in), and on the first page with instructions

such as, when they're registering their rental. I would put it at the top of that page

Ok I'm wondering if it is already a part of SBC Connect.

I'm going to put it on the first page of the application

Pia Dewar: ok, sounds good. it just needs to be somewhere someone can see it Before commiting any PI

before they hit a submit button on a form, let's say

mbertucci commented 1 week ago

from PIA

Hi,

A pretty standard collection notice runs as follows:

Any personal information required is collected to support the administration of [purpose], under the authority of FOIPPA, sec [legislative cite]. Any questions about the collection of any information can be directed to [position title], at [phone number].

That’s usually the format.

Thank you,

Pia

fionazhou-jsb commented 1 week ago

@kris-daxiom this one is good for your review

kris-daxiom commented 1 week ago

Looks good to me

jdyck-fw commented 20 hours ago

Hey team! Please add your planning poker estimate with Zenhub @dimak1 @kris-daxiom @rstens @shaangill025

bcgov / entity