Preamble

1.1.
The Personal Information Protection Policy (the “Policy”) is established by RMDS Innovation (the “Company”) in accordance with the Act to modernize legislative provisions as regards the protection of personal information (Act 25), which was enacted on September 22, 2021. This law aims to modernize the regulatory framework related to the protection of personal information.

Person in Charge of Implementation

2.1.
The president of RMDS Innovation is responsible for the implementation of this Policy and, more broadly, for overseeing the protection of personal information within the Company.

2.2.
To enhance the security of personal information and promote uniformity in practices, a committee specializing in personal information protection has been established.

2.3.
All employees of the Company are required to assist in locating documents and information that are the subject of any access request.

2.4.
It is the duty of employees to maintain the confidentiality of personal information and sensitive data.

Committee on Personal Information Protection

3.1.
The Committee on Personal Information Protection is composed of the following members:

• The person responsible for personal information protection within the company;
• People responsible of Administration and Human resources functions of the Company;
• Any other individual whose expertise is deemed necessary.

3.2.
The person responsible for personal information protection acts as the chairman of the Committee.

3.3.
Sessions are convened by the chairman of the Committee.

3.4.
The Committee’s responsibilities include:

• Ensuring the implementation of this policy and best practices regarding personal information protection;
• Defining and approving guidelines on personal information protection;
• Approving governance rules;
• Issuing opinions and proposing protective measures for any project involving the acquisition, development, or overhaul of the information system;
• Planning and ensuring the implementation of training activities related to the protection of private information;
• Promoting the guidelines, directives, and decisions made by the Information Access Commission;
• Regularly reassessing the level of personal information protection;
• Handling complaints related to personal information protection.

Complaints Regarding Personal Information Protection

4.1.
Complaints can be submitted electronically to PRP@rmds.ca.

4.2.
Such complaints will be examined in a timely manner by the Committee on Personal Information Protection, which will take the necessary actions.