Guidelines for the Use of Electoral Products

February 2019

This version of the Guidelines supersedes previously published versions.

Guidelines for the Use of Electoral Products

Section 1: Introduction

The Election Act requires the Chief Electoral Officer (CEO) to establish and maintain a Permanent Register of Electors for Ontario (permanent register or PREO) and a Register of Absentee Electors (absentee register), and to provide the information contained in these two registers to Political Entities (specifically registered political parties, candidates, members of the Legislative Assembly and municipal clerks). The permanent register contains the personal information of electors including names, residential and mailing addresses, dates of birth, and unique identifiers. The absentee register consists of the personal information of electors who temporarily reside outside of Ontario and have filed an application with Elections Ontario to be included in the absentee register.

The purpose of these Guidelines is to provide Political Entities with the requirements in the Election Act and the privacy requirements for the access to, and use of, the information they receive from Elections Ontario. Elections Ontario places high importance on ensuring the effective protection and management of electors’ personal information extracted from the permanent register and absentee register. As such, Political Entities are required to take appropriate measures, as described in these Guidelines and the Election Act, to maintain the privacy of electors’ personal information. In the event of a conflict, inconsistency or a discrepancy between the Election Act, and these Guidelines, the provisions in the Election Act shall be regarded as paramount and the governing law.

These Guidelines are applicable to the following electoral products:

  1. List Products refers to any list containing electors’ personal information, such as:
    1. The Annual Update: this is the yearly update to the permanent register and absentee register, and the subsequent lists of electors provided to Political Entities at the end of each calendar year; and
    2. Lists with Elector Information: refers to any list created from the permanent register and absentee register at the beginning of an electoral event. They are maintained during the event under the authority of the Chief Electoral Officer and the Returning Officers.
  2. Geographical Products refer to all maps and polling division information provided during an electoral event.

Section 2: Distribution of List Products

Where a Returning Officer or the Chief Electoral Officer is required to provide list products to Political Entities, only the following information will be provided (unless the Election Act specifically states otherwise):

  1. The names and unique identifiers of electors; and
  2. The residential and mailing addresses of electors.

Despite this requirement, the Chief Electoral Officer may, on the written request of an elector, redact from all lists provided to Political Entities, any information that the Chief Electoral Officer reasonably believes would, if made available, endanger the life, health or security of the elector.

In accordance with the Election Act, only registered political parties, independent candidates and independent members of the Assembly who file an acceptable policy (also referred to as a privacy policy) on the use of electors’ personal information are entitled to receive extracts from the permanent register and absentee register. The policy must detail how Political Entities will comply with the privacy requirements in the Election Act and these Guidelines. The privacy policy will be acceptable provided that it covers appropriate measures implemented to safeguard the use, management, and secure disposal of all list products containing electors’ personal information. Political Entities that do not file a privacy policy will only be entitled to receive Geographical Products during an electoral event (i.e. list of electoral districts, maps, polling divisions etc.). The Geographical Products will be distributed by the Returning Officer at the first candidates’ meeting during an electoral event.

Notwithstanding the requirement to provide list products to Political Entities, registered political parties and candidates are permitted to opt out of receiving list products and geographical products from Elections Ontario. Elections Ontario will continue to provide these products to Political Entities that have filed a privacy policy unless notified by the registered political party or candidate that they do not wish to receive the products.

Table 1 – Distribution of List Products provides an overview of types of list products that are distributed to Political Entities.

For additional information on these Guidelines, please contact Elections Ontario’s Privacy Office

Elections Ontario Contact Information
Privacy Officer
Elections Ontario
51 Rolark Drive
Toronto ON M1R 3B1		 Tel: 1-888-668-8683
TTY:TTY: 1-888-2922-2312
FAX: 1-866-714-2809
Email: priv@elections.on.ca

Table 1–Distribution of List Products

List Products Authorized Recipients Distributed by Scope Electors’ Personal Information Format Date of Distribution Section(s) of Act
Annual Update of the Permanent Register and Absentee Register Members of the Legislative Assembly (upon request) Chief Electoral Officer Electoral District of the member 1. Names and unique identifiers 2. Residential and mailing addresses Electronic copy By December 31 of each calendar year 17.3(1)(c)
Registered political parties (upon request) For all of Ontario or for a specific electoral district, depending on the update By December 31 of each calendar year 17.3(1) (b)(i) & (ii)
Preliminary List of Electors Registered parties Chief Electoral Officer For all of Ontario for a general election or, for a specific electoral district for a by-election. Electronic copy As soon as possible after the Writ is issued 19(2.1)
Municipal Clerks Returning Officer A municipality will receive the List for each electoral district that the municipal jurisdiction covers (in whole or part) As soon as possible after the Returning Officer receives a copy from Chief Electoral Officer. 19(3)(b)
Candidates (upon request) Returning Officer Electoral district of the candidate One electronic copy (and, one paper copy if requested) 19(3)(c)
List of Electors Issued a Certificate to Vote Registered parties (upon request) Chief Electoral Officer For each electoral district 1. Names and unique identifiers 2. Residential and mailing addresses Electronic copy Issued with the Advance Poll List of Electors & Polling Day List of Electors. 21(9)
Candidates (upon request) Returning Officer Electoral district of the candidate 1 printed copy On request of a candidate throughout the writ period. 21(9)
Advance Poll List of Electors Registered parties (upon request) Chief Electoral Officer For each electoral district Electronic copy Approximately 2 days prior to opening of advance polls. n/a
Candidates Returning Officer Electoral district of the candidate One electronic copy (and, one paper copy if requested) Approximately 2 days prior to opening of advance polls. n/a
Record of Advance Poll Voters Registered political parties Chief Electoral Officer For a specific electoral district where the party has a candidate Electronic Final list of advance poll voters – 3 days before polling day 45(2)
Candidates Returning Officer Electoral district of the candidate 1 printed copy Final list of advance poll voters – 3 days before polling day 45(2)
List of Special Ballot Electors Registered parties (upon request) Chief Electoral Officer For each electoral district 1. Names and unique identifiers 2. Residential and mailing addresses Electronic copy On request of the party, the up-to-date list of special ballot electors will be provided. 45.3 (3)
Nominated Candidates (upon request) Returning Officer Electoral district of the candidate 1 printed copy On request of the candidate 45.3 (3)
List of Absentee Electors Registered political parties Chief Electoral Officer For each electoral district Electronic copy Final list of Absentee voters – 3 days prior to polling day 45.13 (9)
Polling Day List of Electors Registered political parties Chief Electoral Officer For the electoral districts where the party has nominated candidates 1. Names and unique identifiers 2. Residential and mailing addresses Electronic copy Approximately 3 days prior to polling day 25(3)
Candidates Returning Officer Electoral district of the candidate 1 electronic copy (and, if requested, 1 paper copy) Approximately 3 days prior to polling day 25(3)
List of Electors who have voted on poling day (bingo sheets) Registered political parties (upon request) Chief Electoral Officer For each electoral district Elector unique identifier and polling day sequence number Electronic copy Electronically refreshed on polling day 47(8)
Candidate or candidate’s representative (upon request) Poll Clerk Electoral district of the candidate Polling day sequence number Paper copy In intervals of no less than 30 minutes on polling day 47(8)
Post-election Record of Voters Registered political parties Chief Electoral Officer For each electoral district 1. Name and unique identifier of the electors 2. The residential and mailing addresses of the electors 3. Indication of whether or not each elector voted Electornic copy 3 – 6 months after a by-election and 6 – 9 months after a general election. 47(9)

Note:

  1. The above mentioned list products might be released in combination with other list products and geographical products for ease of access.

Section 3: Authorized and Prohibited Use of List Products

The Election Act requires all Political Entities to adhere to the restriction to use electors’ personal information for electoral purposes only. It is an offence under the Election Act to use electors’ personal information for commercial purposes (section17 (4)(1)). Unauthorized use is punishable by a fine of up to $5,000 (section 97).

The obligation to comply with the authorized use of electors’ personal information applies to any person or entitiy who receives and examines the lists of electors in printed or electronic format or on data storage devices and applications.

Table 2 – Authorized Use of List Products provides an overview of the authorized use of list products provided to each Political Entity. Relevant sections of the Election Act have been noted where applicable.

Table 2 – Authorized Use of List Products

Authorized Recipients List Types Authorized Use Section(s) of Act
Municipal Clerks
  • Preliminary List of Electors
 For electoral purposes only, including:
  • Displaying the list for public examination at the office of the municipality
 19(3)(b)
Registered political parties
  • Annual Update
  • Preliminary List of Electors
  • List of Electors issued a Certificate to Vote
  • Polling Day List of Electors
  • Record of Advance Poll Voters
  • List of Special Ballot Electors
  • List of Absentee Electors
  • Post-Election List of Electors
 For electoral purposes only which includes:
  • Communicating with electors;
  • Soliciting elector contributions or campaign support during a Writ period; and
  • Recruiting party members.
 17.4
Members of the Legislative Assembly
  • Annual update for the Member’s electoral district.
 For electoral purposes only which includes:
  • Communicating with electors;
  • Soliciting elector contributions or campaign support during a Writ period; and
  • Recruiting party members.
 17.3(1)(c)
Candidates
  • Preliminary List of Electors
  • List of Electors issued a Certificate to Vote
  • Polling Day List of Electors
  • Advance Poll List of Electors
  • Record of Advance Poll Voters
  • List of Special Ballot Electors
 For electoral purposes only which includes:
  • Communicating with electors; and
  • Soliciting elector contributions or campaign support during a Writ period.
 17.4

Section 4: Requirements for Access to List Products

In order to receive list products, the Election Act requires registered political parties to develop and implement a privacy policy to ensure that its candidates, members of the Legislative Assembly, employees and agents comply with the restrictions on the use of information extracted from the permanent register and absentee register under section 17.4(1) of the Election Act. Independent candidates and independent members of the Legislative Assembly must meet the same requirements for a privacy policy as registered political parties. The requirement for a privacy policy is for the purpose of ensuring that Political Entities securely maintain and protect the confidentiality of the information in list products they receive from Elections Ontario.

Filing Requirement for Privacy Policy

Under section 17.6(2) of the Election Act, the Chief Electoral Officer has the right to refuse disclosure of the annual release and lists products to Political Entities that do not submit a privacy policy or whose privacy policy does not comply with the requirements stated in these Guidelines and in the Election Act. Appendix A provides an outline of the minimum criteria that must be included in the privacy policy submitted by Political Entities to the Chief Electoral Officer or Returning Officer. Political Entities who wish to receive the annual release and lists of electors must comply with the filing and access requirements noted below:

Table 3 – Filing Requirements to Receive and Access the Annual Release

Entities Political Entities Filing Requirement/Deadline
Registered Entities Registered Political Parties November 30th of each calendar year.
Note: Submission deadline applies to updated privacy policy/signatories or confirmation of no changes to policy.
Independent member of the Legislative Assembly November 30th of each calendar year.
Note: Submission deadline applies to updated privacy policy/signatories or confirmation of no changes to policy.

Table 4 – Filing Requirements to Receive and Access Lists of Electors during an Electoral Event

Entities Political Entities Filing Requirement/Deadline
Registered Entities Registered Political Parties The privacy policy submitted on or before November 30th applies, otherwise a privacy policy must be filed on or before the close of nominations for a general election or by-election(s).
Independent member of the Legislative Assembly (running as an independent candidate in an electoral event) The privacy policy submitted on or before November 30th applies, otherwise a privacy policy must be filed on or before the close of nominations for a general election or by-election(s).
Independent Candidates A privacy policy must be filed with the Chief Electoral Officer or the Returning Officer on or before the close of nominations for a general election or by-election(s).

Note:

  1. A privacy policy submitted for the annual release is valid for a period of 12 months. The filed privacy policy will apply for any electoral event that falls within the 12 month period unless the party notifies Elections Ontario in writing of any changes made to the privacy policy and/or change in leadership.
  2. The privacy policy must be signed by a senior executive who has been appointed as the Chief Privacy Officer (CPO) and is responsibe for administering and overseeing privacy safeguards. The CPO along with a designate are permitted to act as the official signatory on all requests for list products with electors’personal information.
  3. The annual release will be available on a Secure File Transfer Portal (SFTP) in December of each calendar year. Only Political Entities with an approved privacy policy will be given access to the SFTP. The annual release will be available for download for a period of 14 days. After this period, the data will be removed.
  4. List products for electoral events will be made available either electronically or in printed format following the issuance of a writ for a by-election or general election.
  5. All submissions will be reviewed by Elections Ontario and Political Entities will be contacted if additional information or action is required.
  6. Political parties that register after the annual release are required to submit a privacy policy after they receive the Confirmation of Registration Notice and are eligible to receive the annual release within 30 days after Elections Ontario has approved their submitted privacy policy.

Section 5: Requirements for the Use of List Products

Under section 17.4 of the Election Act, Political Entities are permitted to use list products containing electors’ personal information only for electoral purposes and not for commercial purposes. In using the list products for electoral purposes, Political Entities can distribute the lists to other authorized persons only after they have received written acknowledgement from the recipient. The written acknowledgement must indicate that the receipient understands that they are required to comply with the restrictions on the use of list products, these Guidelines and the Political Entity’s privacy policy. To ensure that this requirement is properly administered and adhered to, a written acknowledgement must be signed by each recipient prior to receiving access to list products. The written acknowledgement must indicte that each individual:

  • understands that the list products can only be used for electoral purposes and not for commercial purposes;
  • understands the importance of protecting electors’ personal information on the lists;
  • undertakes precautionary measures to protect the confidentiality of electors’ personal information (i.e properly handling and transporting list products); and
  • will return the lists on completion of the task for which the lists were provided to recipient.

A sample Written Acknowledgement is provided in Appendix B.

In addition to obtaining the written acknowledgement, Political Entities that receive list products must implement and maintain a distribution tracking record to monitor who has been given access to electors’ personal information, whether in its entirety or portions/copies of list products. The distribution tracking system must capture the following information:

  • date of distribution;
  • the format in which the document was distributed (i.e. electronic or paper copy);
  • who the information was provided to;
  • the type of lists products (e.g. annual update, preliminary list of electors, or advance poll lists of electors, etc.);
  • confirmation that the written acknowledgment has been signed; and
  • confirmation of the date the copy was returned to the Political Entity or a certificate of destruction.

A distribution tracking record must be maintained and completed for all list products distributed during an electoral event and for the annual update. A sample Distribution Tracking Form for List Products can be found in Appendix C, and must include all persons who have received extracts from the list products during an electoral event. For the annual update, the distribution tracking record must include persons who received extracts of the annual update from December of the previous year up to the filing deadline of the distribution tracking form (November 30th of each calendar year). A sample Distribution Tracking Form for the Annual Update can found in Appendix D.

Filing of Distribution Tracking Forms

The distribution tracking form must be filed with the Chief Electoral Officer or Returning Officer as appropriate in the following manner:

Table 5 – Filing Requirements for the Distribution Tracking Forms

List Products Recipients Filing Deadline
Annual Release
  • Registered Political Parties
  • Members of the Legislative Assembly
 November 30th of each calendar year
Lists of Electors for Electoral Events
  • Registered Political Parties
  • Candidates
 Within 30 days after polling day to the Chief Electoral Officer or Returning Officer
Reproduction Restrictions

Under section 17.4(3) of the Election Act, no person may reproduce, store, or transmit any part of the information obtained electronically from the permanent register (including the lists of electors) for any purpose except as follows:

  • registered political parties and Members of the Legislative Assembly who have received an update of the permanent register for the whole of Ontario as a result of an annual update (section 17.1(3)(1)(i) or (ii)) or have received an update with respect to a specific electoral district under section 17.1(3)(2)); and
  • an individual or entity who has received the information from the registered political party or member of the Assembly, so long as that person or entity signs a written acknowledgment that they are bound by the restrictions in the Election Act on use of the information for electoral purposes only and not for commercial purposes (s. 17.4(4)(b)).

Section 6: Requirements for the Return or Secure Destruction of List Products

Elections Ontario distributes list products electronically and/or in paper format. Political Entities who receive electronic copies are required to securely destroy these copies immediately after intergrating them into the party’s or candidate’s database. All paper copies are required to be securely disposed of or returned to Elections Ontario at the end of the electoral event. The secure destruction or return requirement applies to all electronic or paper copies of list products outlined in Section 2 and any additional lists distributed by Political Entities to employees, volunteers and agents. A secure shredding service provider may be procured to securely destroy lists containing electors’ personal information; however, Political Entities are responsible for specifying how the destruction is to be accomplished, under what conditions and by whom. All Political Entities must create or obtain from the service provider a certificate of destruction that documents the following information:

  • the records and/or list products that are being destroyed;
  • the date, time and location of destruction;
  • the method of destruction; and
  • the name and signature of the individual responsible for destruction or the operator.

A sample secure destruction form for electoral products and annual release can be found in Appendix E.

The following provides the requirements for Political Entities on how to dispose of electors’ personal information in a safe and secure manner:

  1. Methods used must ensure that personal records cannot be reconstructed. Printed copies of documents must be properly shredded and electronic data must be permanently erased using methods that prevent the restoration of such data.
  2. For printed copies, destruction means cross-cut shredding, not continuous (single strip) shredding, which can be reconstructed.
  3. For data stored on an electronic device, destruction means employing data erasure software provided by various software companies to erase every bit of data on a device. Data erasure software must conform to the standard set by the Communication Security Establishment Canada (CSEC)–CSEC ITSG-06 wiping method.
  4. All decommissioned electronic media that was used to store elector data must be permanently erased and physically damaged to render them unusable.

Political Entities may return electoral products to Elections Ontario if they are unable to destroy the products. For additional questions on the secure destruction or return of electoral products, contact Elections Ontario.

Note: The secure destruction requirements do not require political entities to dispose of elector information that has been integrated into databases that have been created for electoral purposes provided that political entities comply with the restriction on the use of elector information under section 17.4 (1) of the Election Act. The database or servers used to store electors’ personal information must not be hosted outside of Canada.

Filing of the Certificate of Destruction

The certificate of destruction must be filed with the Chief Electoral Officer or the Returning Officer as appropriate in the following manner:

Table 6 – Filing Requirements for the Certificate of Destruction

List Products Recipients Filing Deadline
Annual Release
  • Registered Political Parties
  • Members of the Legislative Assembly
 November 30th of the calendar year
Lists of Electors for Electoral Events
  • Registered Political Parties
  • Candidates
 Within 30 days after polling day to the Chief Electoral Officer or the Returning Officer

Note: If a member of the Legislative Assembly resigns or has forfeited the office to which they were elected or ceases to be a member of a party and becomes an independent member of provincial parliament, the member must return all documents containing electors’ personal information and election-related information to the Chief Electoral Officer within 30 days of their resignation or removal.

Section 7: Requirements for Breach Management

All political entitites are responsible for preventing unauthorized parties from accessing elector information, including taking reasonable steps to protect the security and confidentiality of elector information during its storage, transportation, handling and destruction. To effectively prevent unauthorized use and access to elector information, Political Entities must:

  • Appoint a person to be responsible for safeguarding electoral products. This person would be responsible for communicating these Guidelines to persons who are given access to electors’ personal information, for developing and implementing privacy policies and answering questions about the Political Entity’s use of list products. This person must hold the title of chief privacy officer. Elections Ontario must be notified once the person no longer holds the title and an updated privacy policy must be submiited.
  • Provide clear direction to its candidates, members, employees and agents regarding the proper use of the information obtained from the permanent register, absentee register and other electoral products.
  • Provide electoral products only to people who need access to electoral products to communicate with electors and constituents on behalf of the Political Entity or to do work for electoral purposes on behalf of the Political Entity.
  • Limit the number of people who have access to reduce the chances of a privacy breach.
  • Ensure that the electoral products are kept secure when not in use by storing the electronic copy on a secure, password-protected computer and keeping paper copies in locked filing cabinets. Passwords and keys should be strictly controlled by the person responsible for privacy safeguards.
  • Ensure that all individuals who are given access to electors’ personal information understand the importance of protecting the privacy of electors’ information.
  • Obtain from each individual a written acknowledgement that the individual will abide by the restrictions on the use of electors’ personal information (see sample in Appendix B).

The actual or suspected unauthorized access, loss or theft of documents containining elector information is a privacy breach, and should be dealt with quickly and effectively. While each incident will require a unique approach, it is recommended that the chief privacy officer follow these general steps:

  • notify Elections Ontario of the breach and steps being taken to contain/mitigate the breach;
  • contain the breach and identify its source;
  • mitigate the harm resulting from the breach;
  • retrieve any documents that were lost or stolen;
  • document the circumstances that led to the incident and/or contact the police; and
  • review and update your internal policies, processes and procedures to prevent future incident.

Section 8: Privacy Best Practices

The employees, volunteers or agents of Political Entities may be required to deal with electors’ personal information in a mobile environment. As part of their efforts to protect the privacy of electors’ personal information, Political Entities must implement the following best practices in order to enhance the security and confidentiality of electors’ personal information while working within a mobile environment.

Removing records from the office

  • List products must only be removed from the office when it is absolutely necessary to do so.
  • Employees, volunteers or agents of the Political Entity must obtain any approvals required, and where possible, original documents should remain in the office and only copies be removed.
  • A record of the information being removed must be kept in a safe location.

Paper records

  • While in transit, paper records must be securely packaged and locked and must remain in the possession of the employees, volunteers or agents of the Political Entity.
  • If being used at home, records must be accessible only to the employees, volunteers or agents of the Political Entity and must be kept locked away when not in use.

Public Transit

  • Electors’ personal information, whether in printed or electronic format, must never be accessed by employees, volunteers or agents of the Political Entity while travelling on public transportation.

Electronic records

  • Electronic records containing electors’ personal information must be stored and encrypted on password-protected data storage devices and applications, or removable drives rather than on the hard drive of a laptop or home computer.
  • Removable drives must always remain within the possession of the employees, volunteers or agents of the Political Entity or be kept in a secure location that is not accessible to others.

Laptops and home computers

  • Access to laptop, home computers, must be password-controlled, and any data on the hard drive must be encrypted. Other reasonable safeguards, such as anti-virus software and personal firewalls, could also be installed.
  • List products containing electors’ personal information must not be stored on shared computers and laptops.
  • Laptops must always be stored in a secure location.

Wireless technology

  • Political Entities must protect the privacy and confidentiality of personal information stored on wireless devices such as cell phones. Access to such devices should be password-controlled, and any stored data should be encrypted.
  • When working at locations outside the office, employees, volunteers or agents of the Political Entity must maintain constant control of wireless devices and care must be taken to prevent loss or theft.

Email, fax and photocopy

  • When working at home or at other locations outside the office, employees must avoid sending electors’ personal information by e-mail or fax.
  • When photocopies of list products are required, employees of Political Entities must conduct the task and photocopy machines must not be left unattended

Appendix A – Privacy Policy Acceptance Criteria

Section 17.6 of the Election Act requires Political Entities who wish to access electors’ personal information held by Elections Ontario to develop and implement a privacy policy. This privacy policy must be submitted to Elections Ontario in advance of requesting access to list products. Only after the privacy policy is approved and accepted by Elections Ontario will access be granted to list products containing electors’ personal information.

The requirements noted below outline the minimum acceptance criteria for a privacy policy submitted to Elections Ontario. All privacy policies submitted to, and accepted by, Elections Ontario must also be published on the Political Entities’ public website within 30 days of receiving an acceptance confirmation from Elections Ontario. Elections Ontario will make all submitted and accepted privacy policies publically available on its website (www.elections.on.ca).

Elections Ontario reserves the right to audit the privacy practices of Political Entities who have submitted an accepted privacy policy to Elections Ontario, in order to ensure that Political Entities are adhering to the terms of their privacy policies. Section 17.6, subsection (3) permits Elections Ontario to publish online any discrepancies between a Political Entity’s privacy practices and their policy.

Section 1: Scope of Policy

This section must contain information regarding:

  1. To whom this privacy policy applies (i.e. name of political party, candidates, members of the Legislative Assembly, and any person or entity representing or working for the Political Entity on a paid or unpaid basis); and
  2. To what the policy applies (i.e. all list products received from Elections Ontario).
Section 2: Restrictions on Use

This section must contain information on how Political Entities ensure their employees, volunteers and agents comply with the following restrictions on the use of list products under section 17.4 of the Election Act:

  • only use the information for electoral purposes; and
  • not to use the information for commercial purposes.

This section must contain information on the following:

  1. Identify the authorized use of elector information (i.e. communicating with voters, soliciting campaign support, recruiting party members etc.); and
  2. Identify measures implemented to track the distribution of list products and administer the written acknowledgement forms as mandated by section 17.4 of the Election Act. More information on written acknowledgements can be found in the Section 5 of these Guidelines – Requirement for the Use of List Products.
Section 3: Privacy Requirements

This section must address the following privacy principles:

  1. Implementation and Enforcement of Privacy Controls
    • Indicate all security measures implemented to ensure that all representatives of the Political Entity remain in compliance with the privacy requirements in the Election Act, these Guidelines and the Political Entities` privacy policy. Security measures include safeguards implemented to protect electors’ personal information received in printed format and electronically. Security measures must cover the following categories:
      1. Administrative controls: procedures to protect the privacy and security of electors’ personal information, limiting access to information strictly to a “need to know” basis and the reliability of individuals having access to the electors’ personal information, and designating a person who will be responsible for implementing privacy safeguards.
      2. Technical controls: passwords, audit trails, encryption, firewalls and other technical security safeguards to minimize the risk of unauthorized individuals accessing electors’ personal information.
      3. Physical controls: procedures that restrict access to areas where electors’ personal information is stored.
  2. Disposition Protocol for List Products
    • Provide information on the protocols implemented to ensure compliance with the secure destruction of list products when no longer required for electoral purposes. Disposition protocols must comply with Section 6 of these Guidelines – Requirements for the Return and Destruction of List Products; and
    • Provide information on how the Destruction Certificates are tracked and submitted by the applicable deadline.
  3. Training on Privacy Controls
    • Provide information on the training provided to representatives of the Political Entity to ensure awareness and compliance with privacy safeguards and controls.
  4. Breach Management
    • Provide details on internal processes implemented to mitigate and address accidential or unathourized access, disclosure, use, modification and disposal of electors’ personal information; and
    • Outline breach management processes, including contacting the Chief Electoral Officer in the case of loss or theft of, or unauthorized access to, electors’ personal information.
Section 4: Roles and Responsibilities

This section must contain information regarding:

  1. The responsibilities of the chief privacy officer as they relate to safeguarding electors’ personal information against accidential or unathourized access, disclosure, use, modification and disposal. Responsibilities must include complying with all filing requirements under these Guidelines. Note: this person will be responsible for the overall implementation and enforcement of the privacy policy. The person must be the signatory on the privacy policy; and
  2. Identify the privacy responsibilities of all representatives of the Political Entities, including political parties, candidates, and members of the Legislative Assembly, employees, volunteers and agents.
Section 5: Approval

This section must contain the following information:

  1. The effective date of the privacy policy;
  2. The name and signature of the Political Entity’s chief privacy officer; and
  3. The date the chief privacy officer signed the privacy policy.

Appendix B – Sample Written Acknowledgement

Person Making Acknowledgement
Surname (Family Name): Given Name(s): Telephone:
Residential Address: Position Title:

In accordance with section 17.4 of the Election Act, as amended, I acknowledge the following regarding the information I obtain directly or indirectly from the List of Electors or the Permanent Register of Electors for Ontario, whether the information obtained is in printed or electronic format or examined in either format without obtaining a copy:

  1. I will only use such information for electoral purposes;
  2. I will not use such information for commercial purposes;
  3. I will comply with the privacy policy provided to me;
  4. I will comply with the Elections Ontario Guidelines for the Use of Electoral Products; and
  5. I will only disclose such information to any other person after obtaining their written Acknowledgement that he or she is bound by these restrictions.
Print the Name of Electoral District
Signature of Person making aknowledgement
Print Date

Appendix C – Sample Distribution Tracking Form for Lists of Electors

Distribution Tracking Form for Lists of Electors
Date of Distribution Distributed To Electronic copy Printed copy & quantity List Type Written Acknowledgement Completed Date Returned
Preliminary (P) Advance Poll (AP) Polling Day (PD)
                 
                 
                 
                 
Electoral District Name
Candidate Name
Candidate Signature
Date

Appendix D – Sample Distribution Tracking Form for the Annual Update

Sample Distribution Tracking Form–Annual Update
Date of Distribution Distributed To Format Written Acknowledgement Completed Date Returned
Electronic copy Printed copy & quantity
           
           
           
           
  1. Independent Member of the Legislative Assembly
  2. Registered Political Party
  3. Member of the Legislative Assembly of a Registered Political Party
 Electoral District Name (if applicable)
Registered Party Name (if applicable)
Name (Please print)
Signature
Date

Appendix E – Secure Destruction Form

Secure Destruction Form
Name of Individual or Company who securely destroyed electronic or paper copies    
Date of secure destruction  
Time of secure destruction  
Location of secure destruction  
Types of documents securely destroyed (Preliminary, Advance Poll, or Polling Day List of Electors) Paper type: How many copies were destroyed?
Electronic: How many copies were destroyed?
Method of secure destruction Paper:
Electronic
Signature of Individual or Company who destroyed electronic files or paper copies  
If applicable, Certificate of Destruction provided by shredding company Yes unchecked box No unchecked box
Electoral District Name
Candidate Name
Candidate Signature
Date

If applicable, attach a copy of the Certificate of Destruction provided by the Shredding Company and submit to ElectionsOntario.

(152-G180E)