DOCSLIB.ORG

In Data We Trust: Unlocking the Value of Data in Ontario | 2 GLOSSARY

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
In Data We Trust: Unlocking the Value of Data in Ontario | 2 GLOSSARY In Data We Trust Unlocking the Value of Data in Ontario Claudia Dessanti Senior Policy Analyst, Ontario Chamber of Commerce TABLE OF CONTENTS Glossary 3 Executive Summary 5 Chapter I: Ontario’s Data-Driven Economy 6 Chapter II: Privacy 12 Chapter III: Cybersecurity 23 Chapter IV: Data Sharing 33 Chapter V: Artificial Intelligence 41 Conclusion: A Call to Action 50 Summary of Recommendations 51 Ontario Chamber of Commerce In Data We Trust: Unlocking the Value of Data in Ontario | 2 GLOSSARY ALGORITHM: a procedure that a computer uses to DATA ECONOMY: the economic value created by ELECTRONIC MEDICAL RECORD (EMR): an solve a problem. organizations engaged in the retrieval, storage, and individual patient record created by a health care analysis of big data at high speeds using sophisticated provider following specific encounters with patients. APPLICATION PROGRAMMING INTERFACE 1 4 software and other tools. EMRs can serve as a data source for an EHR. (API): mechanisms that allow for the secure sharing of data across parties. DATA LOCALIZATION: a requirement that FREEDOM OF INFORMATION AND organizations store and process data within certain PROTECTION OF PRIVACY ACT (FIPPA): ARTIFICIAL INTELLIGENCE (AI): the ability of borders. legislation governing privacy and access to information a machine to perform tasks that normally require held by public institutions in Ontario. human intelligence, such as visual perception, speech DATA PHILANTHROPY: the act of sharing private recognition, and decision-making. data assets to serve the public good. GENERAL DATA PROTECTION REGULATION (GDPR): guidelines for the collection and processing BIG DATA: DATA PORTABILITY: large amounts of structured and allowing individuals to access of personal information of individuals who live in the unstructured data. Big data is often defined using the their personal information in machine-readable European Union. three Vs: volume, velocity at which it is collected, and formats and share that data with other organizations. variety of data points. HEALTH DATA: patient-, system-, and population- DATA SHARING: when an organization or part of an level information related to health care delivery, status, BIOMETRICS: (computer security) authentication organization makes its datasets available to researchers, and outcomes. techniques that rely on physiological or behavioural other organizations, or other groups within the same human characteristics, such as fingerprints, facial organization. HUMAN-IN-THE-LOOP: AI models that involve recognition, typing rhythm, and voice. human oversight and/or intervention. DATA SHARING AGREEMENT (DSA): contracts CIVIC DATA TRUST: an independent entity given that outline the terms and conditions associated with INDUSTRY STANDARDS: see ‘codes of practice.’ responsibility for controlling, managing, and making sharing of health data. publicly accessible data that could be considered a DIFFERENTIAL PRIVACY: public asset. a mathematical approach to data privacy that seeks to protect CLOUD SERVICES: facilities managed by third individual identities while preserving the ability to parties that store and process end-user data while perform statistical analysis on the larger dataset. This providing data management services over the internet. is typically done by adding randomness or noise to the data. 1 Digital Reality. 2018. The Data Economy Report 2018. CODE OF PRACTICE: https://www. specific guidance intended to digitalrealty.com/data-economy. ELECTRONIC HEALTH RECORD (EHR): 2 complement regulation or laws by providing details on eHealth Ontario. “What’s an EHR?” https://www.ehealthontario.on.ca/en/ how to comply. In this report, ‘code of practice’ is used a digital lifetime record of a patient’s health history ehrs-explained. 3 Office of the Auditor General of Canada. 2010. “Electronic interchangeably with ‘industry standard.’ and care, with information from a variety of sources Health Records in Canada—An Overview of Federal and Provincial Audit Reports.” CYBERSECURITY: (including hospitals, clinics, doctors, pharmacies, https://www.oag-bvg.gc.ca/internet/English/parl_ protection against unauthorized oag_201004_07_e_33720.html. and laboratories), designed to facilitate the sharing 4 access to information stored electronically. 2,3 Jamie L. Habib. 2010. “EHRs, Meaningful Use, and a Model EMR of health data across the continuum of care. Managed Care Matters.” Drug Benefit Trends. 22 (4): 99–101.https:// www.patientcareonline.com/drug-benefit-trends/ehrs-meaningful-use-and- model-emr. Ontario Chamber of Commerce In Data We Trust: Unlocking the Value of Data in Ontario | 3 GLOSSARY INFORMATION PRIVACY COMMISSIONER OPEN SOURCE: software for which the original OF ONTARIO (IPC): the agency that oversees source code is made freely available to developers and Ontario’s provincial privacy laws (PHIPA, FIPPA, and entrepreneurs. MFIPPA). PERSONAL HEALTH INFORMATION INTANGIBLES ECONOMY: an economy where PROTECTION ACT (PHIPA): legislation governing competitiveness is driven by intangible assets, such as the collection, use, and disclosure of personal health data and intellectual property, as opposed to physical information in Ontario by doctors, hospitals, and other or tangible assets such as labour and capital. data custodians involved in the delivery of health care services. INTELLECTUAL PROPERTY (IP): a form of creative effort that can be protected through a PERSONAL INFORMATION PROTECTION trademark, patent, copyright, industrial design, or AND ELECTRONIC DOCUMENTS ACT 5 integrated circuit topography. (PIPEDA): a federal privacy law that applies to the collection, use, and disclosure of personal information INTERNET OF THINGS (IOT): objects, devices, and for commercial activities. spaces connected to the internet. PRIVACY: protection against unwanted intrusion MACHINE LEARNING (ML): an advanced subset into people’s communications, opinions, beliefs, of AI that empowers computer systems to learn by and identities. Data privacy is concerned with how themselves using provided data to make predictions. information is collected, shared, and used. MUNICIPAL FREEDOM OF INFORMATION PRIVACY ACT: legislation that specifies individuals’ AND PROTECTION OF PRIVACY ACT privacy rights in their interactions with the (MFIPPA): legislation that governs how municipal Government of Canada. institutions must protect privacy when collecting personal information. PRIVACY BY DESIGN: an approach to data privacy that builds privacy protection into organizational OFFICE OF THE PRIVACY COMMISSIONER systems at all stages of system development and in OF CANADA (OPC): the agency that oversees daily use. 7 federal privacy laws (PIPEDA and the Privacy Act). OPEN CONTRACTING: the practice of publishing open, accessible, and timely information about the planning, decision making, scoring, and awarding of all 5 Canadian Intellectual Property Office. “Glossary of Intellectual Property government contracts. Terms.” https://www.ic.gc.ca/eic/site/cipointernet-internetopic.nsf/eng/ wr00837.html. 6 OPEN DATA: data that is machine-readable, freely Government of Canada. “Open Data 101.” https://open.canada.ca/en/ 6 open-data-principles#toc94. Accessed March 20, 2020. shared, used, and built on without restrictions. 7 Datatilsynet. 2018. Artificial Intelligence and Privacy.https://www. datatilsynet.no/globalassets/global/english/ai-and-privacy.pdf. Ontario Chamber of Commerce In Data We Trust: Unlocking the Value of Data in Ontario | 4 EXECUTIVE SUMMARY Data is rapidly becoming one of the most valuable resources in the modern economy and Ontario has the potential to benefit immensely from this transformation. However, along with its many social and economic benefits, the data revolution comes with certain risks, including the erosion of personal privacy, data security breaches, labour market disruption, ethical challenges, and increasing regional inequality. Governments, businesses, and other stakeholders will need to foster an environment that encourages data-driven innovation while protecting against these risks. In Data We Trust: Unlocking the Value of Data in Ontario discusses how Ontario can achieve this with strong governance frameworks and stewardship from the organizations that collect, process, use, and share data. The report argues: Privacy frameworks should protect individual rights while Data sharing across silos is an opportunity to improve encouraging data-driven innovation. Ontario and Canada efficiencies and spur innovation across the economy. should retain their existing principles-based approach to privacy Organizations should collaborate on shared standards and while reinforcing it with strong industry standards. Businesses infrastructure to enable data sharing across all sectors, including and other organizations have an important role to play to ensure health care, without compromising privacy. Meanwhile, their own privacy practices enhance public trust. governments should improve the utility of their open data programs. Cybersecurity breaches are affecting organizations of all kinds. More can be done to build capacity and limit future attacks with Artificial intelligence (AI) is a competitive advantage that stronger adoption of industry standards, information sharing, Ontario should leverage deliberately. Going forward, the and best practices around risk assessments, staff training, province must translate its research expertise into widespread technology adoption, and insurance. adoption of the technology, prepare the workforce for an AI- driven economy, and mitigate
Load more

Recommended publications
  • Data Localization the Unintended Consequences of Privacy Litigation
    American University Law Review Volume 67 | Issue 3 Article 6 2018 Data Localization The ninU tended Consequences Of Privacy Litigation H Jacqueline Brehmer American University Washington College of Law Follow this and additional works at: http://digitalcommons.wcl.american.edu/aulr Part of the Computer Law Commons, and the Privacy Law Commons Recommended Citation Brehmer, H Jacqueline (2018) "Data Localization The ninU tended Consequences Of Privacy Litigation," American University Law Review: Vol. 67 : Iss. 3 , Article 6. Available at: http://digitalcommons.wcl.american.edu/aulr/vol67/iss3/6 This Comment is brought to you for free and open access by the Washington College of Law Journals & Law Reviews at Digital Commons @ American University Washington College of Law. It has been accepted for inclusion in American University Law Review by an authorized editor of Digital Commons @ American University Washington College of Law. For more information, please contact [email protected]. Data Localization The ninU tended Consequences Of Privacy Litigation Keywords cybersecurity threats, data localization, data privacy, Electronic Communications Privacy Act, Microsoft Ireland This comment is available in American University Law Review: http://digitalcommons.wcl.american.edu/aulr/vol67/iss3/6 NOTE DATA LOCALIZATION: THE UNINTENDED CONSEQUENCES OF PRIVACY LITIGATION H JACQUELINE BREHMER* This Note addresses a key unintended consequence of recent data privacy litigation before the European Court of Justice and the U.S. Supreme Court. Two cases—Data Protection Commissioner v. Schrems and United States v. Microsoft Corp.—contravene the principles upon which the internet was founded by removing legal and scalable mechanisms for cross-border data transfers. While these cases do not directly create data localization regimes, they highlight the irreconcilably different approaches to data privacy held by the United States and the European Union and eliminate valid options for transfer such that localization is the only remaining scalable solution.
    [Show full text]
  • Financial Reporting and Is Ultimately Responsible for Reviewing and Approving the Financial Statements
    Treasury Board Secretariat ANNUAL REPORT OF ONTARIO Financial Statements of Government Organizations VOLUME 2B | 2015-2016 7$%/( 2)&217(176 9ROXPH% 3DJH *HQHUDO 5HVSRQVLEOH0LQLVWU\IRU*RYHUQPHQW$JHQFLHV LL $*XLGHWRWKHAnnual Report .. LY ),1$1&,$/ 67$7(0(176 6HFWLRQ ņ*RYHUQPHQW 2UJDQL]DWLRQV± &RQW¶G 1LDJDUD3DUNV&RPPLVVLRQ 0DUFK 1RUWKHUQ2QWDULR+HULWDJH)XQG&RUSRUDWLRQ 0DUFK 2QWDULR$JHQF\IRU+HDOWK 3URWHFWLRQDQG 3URPRWLRQ 3XEOLF+HDOWK2QWDULR 0DUFK 2QWDULR&DSLWDO*URZWK&RUSRUDWLRQ 0DUFK 2QWDULR&OHDQ :DWHU$JHQF\ 'HFHPEHU 2QWDULR(GXFDWLRQDO&RPPXQLFDWLRQV$XWKRULW\ 79 2QWDULR 0DUFK 2QWDULR(OHFWULFLW\)LQDQFLDO&RUSRUDWLRQ 0DUFK 2QWDULR(QHUJ\%RDUG 0DUFK 2QWDULR)LQDQFLQJ$XWKRULW\ 0DUFK 2QWDULR)UHQFK/DQJXDJH(GXFDWLRQDO&RPPXQLFDWLRQV$XWKRULW\ 0DUFK 2QWDULR,PPLJUDQW,QYHVWRU&RUSRUDWLRQ 0DUFK 2QWDULR,QIUDVWUXFWXUH DQG/DQGV&RUSRUDWLRQ ,QIUDVWUXFWXUH 2QWDULR 0DUFK 2QWDULR0RUWJDJH DQG+RXVLQJ&RUSRUDWLRQ 0DUFK 2QWDULR1RUWKODQG7UDQVSRUWDWLRQ&RPPLVVLRQ 0DUFK 2QWDULR3ODFH&RUSRUDWLRQ 'HFHPEHU 2QWDULR5DFLQJ&RPPLVVLRQ 0DUFK 2QWDULR6HFXULWLHV&RPPLVVLRQ 0DUFK 2QWDULR7RXULVP0DUNHWLQJ3DUWQHUVKLS&RUSRUDWLRQ 0DUFK 2QWDULR7ULOOLXP)RXQGDWLRQ 0DUFK 2UQJH 0DUFK 2WWDZD&RQYHQWLRQ&HQWUH &RUSRUDWLRQ 0DUFK 3URYLQFH RI2QWDULR&RXQFLOIRUWKH$UWV 2QWDULR$UWV&RXQFLO 0DUFK 7KH 5R\DO2QWDULR0XVHXP 0DUFK 7RURQWR 2UJDQL]LQJ&RPPLWWHHIRUWKH 3DQ $PHULFDQ DQG3DUDSDQ$PHULFDQ*DPHV 7RURQWR 0DUFK 7RURQWR :DWHUIURQW5HYLWDOL]DWLRQ&RUSRUDWLRQ :DWHUIURQW7RURQWR 0DUFK L ANNUAL REPORT 5(63216,%/(0,1,675<)25*29(510(17%86,1(66(17(535,6(6 25*$1,=$7,216758676 0,6&(//$1(286),1$1&,$/67$7(0(176
    [Show full text]
  • Freedom Liberty
    2013 ACCESS AND PRIVACY Office of the Information and Privacy Commissioner Ontario, Canada FREEDOM & LIBERTY 2013 STATISTICS In free and open societies, governments must be accessible and transparent to their citizens. TABLE OF CONTENTS Requests by the Public ...................................... 1 Provincial Compliance ..................................... 3 Municipal Compliance ................................... 12 Appeals .............................................................. 26 Privacy Complaints .......................................... 38 Personal Health Information Protection Act (PHIPA) .................................. 41 As I look back on the past years of the IPC, I feel that Ontarians can be assured that this office has grown into a first-class agency, known around the world for demonstrating innovation and leadership, in the fields of both access and privacy. STATISTICS 4 1 REQUESTS BY THE PUBLIC UNDER FIPPA/MFIPPA There were 55,760 freedom of information (FOI) requests filed across Ontario in 2013, nearly a 6% increase over 2012 where 52,831 were filed TOTAL FOI REQUESTS FILED BY JURISDICTION AND RECORDS TYPE Personal Information General Records Total Municipal 16,995 17,334 34,329 Provincial 7,029 14,402 21,431 Total 24,024 31,736 55,760 TOTAL FOI REQUESTS COMPLETED BY JURISDICTION AND RECORDS TYPE Personal Information General Records Total Municipal 16,726 17,304 34,030 Provincial 6,825 13,996 20,821 Total 23,551 31,300 54,851 TOTAL FOI REQUESTS COMPLETED BY SOURCE AND JURISDICTION Municipal Provincial Total
    [Show full text]
  • Making the Cut? | SPECIAL REPORT | Sept
    DATA PRIVACY & SECURITY SPECIAL REPORT SEPT. 24, 2020 After EU judges struck down the Privacy Shield data-transfer agreement, what’s next for US tech Making giants, thousands of other companies and regulatory the Cut? regimes around the world? INSIGHT | COMMENTARY | ANALYSIS Editor’s Letter Lewis Crofts MLex Editor-in-Chief We have arranged it in three thematic sections to reflect the multiple moving parts of the topic: 1) the EU court’s decision and immediate effects on Facebook and other companies; 2) the scramble by the US and EU to work out what to do about replacing the binned agreement and making SCCs more robust; and headache. A bombshell. A seismic shift. 3) the concerns and responses by other affected However dramatic you might like your countries around the world — including the UK, A metaphors, there is little doubt that EU Japan and Australia. judges delivered an extraordinarily significant We trust you enjoy reading this report and ruling on July 16. In striking down Privacy Shield, find it a useful guide to a complex, evolving issue. the EU-US data-transfer framework, they instantly The reporting here is a brief example of the threw into doubt the operations of more than insight and predictive analysis that MLex brings 5,000 US companies that relied on it. subscribers to our data privacy and security The ruling — essentially based on the failure service every day. of the mechanism to protect EU citizens’ data The stories included were all published from US government snooping — doesn’t as events unfolded, bringing our subscribers prevent companies transferring data between unrivalled insight into the significance of the EU and other foreign countries under developments and the likely next steps in an issue “standard contractual clauses.” But these can’t that will affect the operations of many thousands protect data in countries, including the US, that of businesses around the world.
    [Show full text]
  • Redesigning Care Through Digital Health Implementation
    Redesigning Care through Digital Health Implementation Lessons Learned from Ontario Hospitals Acknowledgements The Ontario Hospital Association (OHA) would like to thank all the member hospitals and provincial partners who contributed to this resource. Individual contributing authors are noted at the end of each story. The OHA also acknowledges the ongoing and valuable work of all health care professionals who embrace change as hospitals innovate to improve care delivery and patient experiences. Disclaimer This publication is a collection of hospital submissions The Ontario Hospital Association (OHA) assumes no showcasing digital health implementation initiatives responsibility or liability for any harm, damage or other across the province. It has been created for general losses, direct or indirect, resulting from any reliance on information purposes only and implementation the use or the misuse of any information contained in suggestions should be adapted to the circumstances of this resource. Facts, figures and resources mentioned each hospital. Hospitals should seek their own legal and/ throughout the document have not been validated by or professional advice and opinion when developing the OHA. For details on sources of information, readers their organization’s approach and plans for digital health are encouraged to contact the hospital directly using the implementation. contact information cited in each submission. I Introduction Digital technologies have, and will continue to, These factors point to what may be the key ingredient
    [Show full text]
  • ITAC Health PHIPA Modernization Feedback to ONTARIO MOHLTC FEBRUARY 21, 2020 Summary 2
    ITAC Health PHIPA Modernization Feedback TO ONTARIO MOHLTC FEBRUARY 21, 2020 Summary 2 At the conclusion of November 20, 2019 meeting hosted by the MOHLTC privacy policy team that included representatives from ITAC Health Board and members, an action opportunity was requested and permission received to share the Ministry’s PHIPA Modernization document with select privacy subject matter experts within the ITAC Health membership. ITAC Health members, including SME members, have provided input that has been collected and summarized in this document. Our goal is to provide timely and in-depth feedback beyond the November meeting’s initial reflections on the PHIPA Modernization policies. We appreciate the opportunity to contribute to the Ministry our summary that includes five sections in companion to this executive summary: thematic topics related to PHIPA Modernization; beyond PHIPA, privacy (and security) contextual discussion; and general comments, recommendations and questions on PHIPA Modernization; direct references to slide content in Ministry’s PHIPHA Modernization deck; bibliography of external documents relevant to PHIPA Modernization effort 1. PHIPA Privacy Themes 3 Roles and responsibilities under the new PHIPA Penalties Under the New PHIPA Consent – aligned with GDPR Patient access to information De-identification and secondary use Right to portability Right to be forgotten Breach notification Research Ethic Boards harmonization Governance operating model Levers for change to enable data sharing Roles and responsibilities under the 4 new PHIPA Patient - a natural person whose personal data is processed by a controller or processor Health information custodian (HIC) - a person who determines the purposes for which and the manner in which any personal data are, or are to be, processed.
    [Show full text]
  • Canadian Cross-Border Data: Your Data May Be Heading South Even When You Are Not
    Canada Institute | May 2019 Canadian Cross-Border Data: Your Data May Be Heading South Even When You Are Not By Jacqueline Orr Canadian data: what goes where? Canada is fast becoming a technology powerhouse with cities across the country such as Waterloo, Calgary, Toronto, Montreal, and Edmonton transforming into tech hubs. They promise that their research centers and internet companies are going to light the way for Canada’s innovation economy. But the state of Canada’s internet is increasingly becoming an oxymoron. While Canada’s internet economy might be self-sustaining, the Canadian internet itself is not. Issues of territoriality are fluid and unbound. This is because Canada’s network infrastructure relies on American networks to transfer and store data. But, when Canadian data enters the United States, it becomes foreign data and is not protected by the same privacy rights as those accorded to U.S. domestic data and its owners. CIRA, the Canadian Internet Registration Authority, states that three-quarters of the Canadian population spends three to four hours a day online.1 CIRA also reports 64 percent of Canadians are concerned about the security of their personal information when it is routed through the United States. Are these concerns justified? This Canada Institute briefing explores key questions about cross-border data travel to better understand the risks and opportunities facing Canadians in an increasingly inter-connected world. There is a glossary at the end of the document. Is it legal for the U.S. government to collect data from Canadians? Yes. U.S. government agencies may collect any foreign data that crosses into U.S.
    [Show full text]
  • Copy of Data Inventory
    Copy of Data Inventory # Public Title Short Description Long Description (Body) Other Title Data Custodian Data Custodian Tags Date Range ‐ Start Date Range ‐ End Date Created Date Contains Geographic Publisher Update Access Level Exemption Rationale not to Dataset URL License Type File Types Additional Comments Email Branch published Markers Frequency Release (extensions) 1 Consent and Capacity This dataset contains case‐related The case management system CaseLoad Consent and 2014‐03‐15 TRUE Consent and Daily Restricted Confidentiality The case management Other Licence DBF Board (CCB) Case data and information for CCB provides case‐related data such as Capacity Board Capacity Board system contains Management System applications from March 15 2014 contact information of the parties that private contact onward. come before the CCB, information information, about the hearing scheduling process, reference to personal file status, hearing information and health information case disposition. and sensitive, confidential party/case information. 2 Consent and Capacity This dataset contains case‐related The scheduling database provides Consent and 2006‐04‐01 2014‐03‐14 TRUE Consent and Other Restricted Confidentiality The scheduling Other Licence ACCDB This dataset is no longer updated. Board (CCB) Scheduling data and information for CCB case‐related data such as contact Capacity Board Capacity Board database contains Data not used for day‐to‐day Database applications from April 1 2006 to information of the parties that come private contact business. Occasional use for March 14 2014. before the CCB, information about the information, reference only. hearing scheduling process, file status, reference to personal hearing information and case health information disposition. and sensitive, confidential party/case information.
    [Show full text]
  • A/74/130 General Assembly
    United Nations A/74/130 General Assembly Distr.: General 30 July 2019 Original: English Seventy-fourth session Item 109 of the provisional agenda* Countering the use of information and communications technologies for criminal purposes Countering the use of information and communications technologies for criminal purposes Report of the Secretary-General Summary The present report has been prepared pursuant to General Assembly resolution 73/187, entitled “Countering the use of information and communications technologies for criminal purposes”. In that resolution, the General Assembly requested the Secretary-General to seek the views of Member States on the challenges that they faced in countering the use of information and communications technologies for criminal purposes and to present a report based on those views for consideration by the General Assembly at its seventy-fourth session. The report contains information on the views of Member States submitted pursuant to the aforementioned resolution. __________________ * A/74/150. V.19-08182 (E) 190819 200819 *1908182* A/74/130 Contents Page I. Introduction ................................................................... 4 II. Replies received from Governments ............................................... 4 Argentina ..................................................................... 4 Armenia ...................................................................... 6 Australia ..................................................................... 8 Austria ......................................................................
    [Show full text]
  • Ontario's Electronic Health Record (EHR
    Ontario’s Electronic Health Record (EHR) Conceptual Information Model (CIM) Digital Health Enabled VERSION 2.0 Version History Version Number Date Summary of Change Changed By 1.0 November 2014 Initial version part of Ontario’s Ehealth Blueprint eHealth Ontario, Architecture & Standards Division 2.0 June 26, 2019 Updated to align with HL7 Electronic Health Record eHealth Ontario, Architecture & System Functional Model (EHR-S FM) [Draft Standards Division Release 2.1] CIM 2.0 Page 1 Table of Contents Introduction ...................................................................................................................................................................... 3 Overview ............................................................................................................................................................................ 4 Information Architecture .................................................................................................................................................................................................... 6 EHR Information Principles ............................................................................................................................................................................................... 6 Modelling References .......................................................................................................................................................................................................... 7 Conceptual Information
    [Show full text]
  • Exhibit 2 Crown-Controlled Corporations
    Exhibit 2 Crown-Controlled Corporations Corporations whose accounts are audited by an auditor other than the Auditor General, with full access by the Auditor General to audit reports, working papers and other related documents as required Alcohol and Gaming Commission of Ontario North West Local Health Integration Network Agricultural Research Institute of Ontario Ontario Capital Growth Corporation Central East Local Health Integration Network Ontario College of Trades Central Local Health Integration Network Ontario French-language Educational Central West Local Health Integration Network Communications Authority (TFO) Champlain Local Health Intgration Network Ontario Health Quality Council Education Quality and Accountability Office Ontario Infrastructure and Lands Corporation eHealth Ontario (Infrastructure Ontario) Erie St. Clair Local Health Integration Network Ontario Lottery and Gaming Corporation Forest Renewal Trust Ontario Pension Board (Dec 31)* General Real Estate Portfolio Ontario Power Generation Inc. (Dec 31)* Hamilton Niagara Haldimand Brant Local Health Ontario Tourism Marketing Partnership Corporation Integration Network Ontario Trillium Foundation HealthForceOntario Marketing and Recruitment Ottawa Convention Centre Corporation Agency Owen Sound Transportation Company Limited Health Shared Services Ontario (HSSOntario) Ontario Agency for Health Protection and Higher Education Quality Council of Ontario Promotion (Public Health Ontario) Human Rights Legal Support Centre Royal Ontario Museum Hydro One Inc. (Dec 31)* Science
    [Show full text]
  • Data Transfers to the US Since the Schrems II
    Data transfers to the U.S. since the Schrems II judgement: An analysis seeking to integrate GAFAM and major providers in the E.U. enforcement strategy Tilburg Institute for Law, Technology and Society, Tilburg University LL.M. Law and Technology Janvier Parewyck SNR 2065486 June 2021 Supervisor: Prof. Dr. Eleni Kosta Second Reader: Dr. Irene Kamara Table of Content Chapter 1 – Introduction ...................................................................................................................... 4 1.1 Background ................................................................................................................................... 4 1.2 Problem Statement ........................................................................................................................ 8 1.3 Methodology and limitations ......................................................................................................... 8 1.4 Narrative structure ......................................................................................................................... 9 Chapter 2 – Lawfulness of data transfers in EU law up to the Schrems II judgement and the invalidation of the Privacy Shield ...................................................................................................... 10 2.1 Introduction ................................................................................................................................. 10 2.2 The GDPR regime and the ‘accountability’ principle ................................................................
    [Show full text]