Office of Legal, Compliance and Privacy

Brock’s Legal, Privacy, and Compliance unit serves the University community by providing legal services, privacy and freedom of information supports, records management administration, and investigation services. The unit is also responsible for advising on and overseeing the University’s compliance activities.

What do we do?


The legal team provides legal services to the University, including the provision of legal advice across the University, drafting, amending, and negotiating contracts, managing litigation and dispute resolution files, assisting with policy development, and engaging external counsel as needed. The legal team also includes an internal investigator responsible for performing investigations into allegations of harassment and discrimination and managing external investigations.

Privacy and Freedom of Information

The privacy office handles all aspects of protection of privacy and freedom of information, including providing advice and training on privacy, conducting privacy assessment impacts, facilitating privacy and confidentiality agreements, investigating and responding to privacy breaches and complaints, processing all freedom of information requests, responding to any freedom of information appeals and mediations, and fulfilling the University’s provincial reporting requirements.


The records team manages the University’s records management program, including implementation of the University’s records policy, procedures, and standards, maintaining, and updating records retention schedules, handling all records disposition requests, advising on records matters, educating the university community regarding best practices in records management, and assisting with records inventories and clean ups.


The legal team also supports the University’s compliance program, monitoring and advising on compliance requirements, providing guidance regarding industry relevant compliance practices, and reporting to the Audit Committee of the Board of Trustees annually on areas of non-compliance and identified compliance risks.