First Reference Talks » Privacy and Security

Archive for the ‘Privacy and Security’ Category

Year-end round-up

Tuesday, January 10th, 2012

Like most of you, I’m sure, I was extra busy before Christmas last year, and to top it all off, I got sick and had to leave some things unfinished. So I couldn’t bring you this brief round-up of things that happened in the last three months of 2011, much of which has to do with technology and how employers will use it to interact with employees and customers. But it’s a new year and I’ve recovered from my illness and my holidays, so without further ado…

Read the rest of this post »

Tags: Anti-spam bill, Canadian anti-spam legislation, cloud computing, copyright, Copyright Modernization Act, ECPA, facebook, Facebook comments as evidence, Facebook evidence, FISA, just cause to quit, no reasonable alternative to leaving the employment, online sales, online targeting, online tracking, personal information, Personal Information Protection and Electronic Documents Act, PIPEDA, profiling, public disclosure, social media, social networking, workplace conflict, Workplace Injury Tribunal
Posted in Human Resources, Internal Controls, IT, Privacy and Security, Privacy and Security | Make a Comment »

Slaw: Mandatory reporting of Internet child pornography by persons who provide an Internet service now law

Thursday, December 22nd, 2011

On December 8, 2011, the federal Act respecting the mandatory reporting of Internet child pornography by persons who provide an Internet service (formerly Bill C-22) came into force. The new legislation aims to protect children from online sexual exploitation, by requiring suppliers of Internet services to the public to:

Read the rest of this post »

Tags: child pornography, criminal code, Cybertip.ca, employment law, Internet child pornography, Internet service, ISP, Mandatory reporting, persons who provide an Internet service, suppliers of Internet services, The Canadian Centre for Child Protection, to protect children from online sexual exploitation
Posted in Employee Relations, Human Resources, Internal Controls, IT, Privacy and Security, Privacy and Security | Make a Comment »

Canada-U.S. Beyond the Border Action Plan proposes immigration-related initiatives

Thursday, December 15th, 2011

On December 7, 2011, US President Obama and Canada’s Prime Minister Harper released their Beyond the Border Action Plan, which discusses their shared vision for perimeter security. In furtherance of this objective, the plan proposes several immigration-related initiatives.

Read the rest of this post »

Tags: Beyond the Border Action Plan, business travel, Canada-US border, Electronic Travel Authorization, employment law, Foreign workers, Immigration Law, screening methodologies and programs, Security and Economic Competitiveness, United States
Posted in Corporate Immigration, Human Resources, Privacy and Security | 1 Comment »

Another example of how Facebook comments can jeopardize an employee’s job

Friday, November 11th, 2011

A first-grade teacher in New Jersey could lose her job following a questionable Facebook post. While this story comes out of the US, the lessons can apply to workplaces located in Canada.

Read the rest of this post »

Tags: consistent monitoring and enforcement of policy, context, facebook, Facebook firing, inexusable, lose her job, off-duty posting on Facebook, online comments, questionable Facebook post, social media, social media policy, stuck by a student, teacher, terminated
Posted in Human Resources, Internal Controls, IT, Privacy and Security, Privacy and Security | Make a Comment »

Sick days or personal days?

Thursday, November 3rd, 2011

Employers are often at a loss as to how to ensure employees who take sick days are really sick and not simply abusing the system. They are often scared to ask for doctor’s notes, but also scared that if they don’t, the abuse will become rampant. I often encourage employers to consider abandoning the notion of sick days altogether, and simply provide a fixed number of “personal days”, which eliminates the implicit or explicit requirement that an individual be sick in order to have time off.

Read the rest of this post »

Tags: Absenteeism, abusing sick days, act of bad faith, Disability, discrimination, doctor's note, duty to accommodate, employment law, Honda v. Keays, managing absenteeism, personal days, policies and procedures, sick days, sick leave policy, time off to take care of personal responsibilities, vacation
Posted in Employee Relations, Employment Standards, Health and Safety, Human Resources, Privacy and Security | 3 Comments »

Personal information online: new tools, old responsibilities

Monday, October 24th, 2011

Sometimes, technology creates new ways to exploit information faster than the law and business can keep up. The Office of the Privacy Commissioner of Canada is trying to make sure that doesn’t happen in the case of behavioural advertising. Last year, the Privacy Commissioner conducted consultations on the new ways that organizations are collecting and using customers’ personal information, and prepared its Report on the 2010 Office of the Privacy Commissioner of Canada’s Consultations on Online Tracking, Profiling and Targeting, and Cloud Computing.

Read the rest of this post »

Tags: behavioural advertising, marketing, mobile technology, Office of the Information and Privacy Commissioner, oipc, privacy, Privacy Commissioner, profiling, targeting, technology, tracking
Posted in Human Resources, Internal Controls, IT, Privacy and Security, Privacy and Security | Make a Comment »

What HR professionals need to know about ‘kidnap and ransom’ insurance

Tuesday, October 18th, 2011

Organizations that send employees to destinations with a high risk of kidnapping should seriously contemplate kidnap and ransom (K&R) insurance. K&R insurance protects individuals and corporations, typically covering kidnapping, extortion, wrongful detention and hijacking. K&R policies may also indemnify personal accident losses caused by kidnapping, and will generally cover the fees and expenses of crisis management consultants.

Read the rest of this post »

Tags: crisis management, employment law, extortion, hijacking, hostage, insurance, kidnap & ransom insurance, kidnapping, post-captivity support, risk management, wrongful detention
Posted in Finance and Accounting, Health and Safety, Human Resources, Internal Controls, IT, Privacy and Security, Privacy and Security | Make a Comment »

Proposed privacy changes in British Columbia

Friday, October 14th, 2011

The Freedom of Information and Protection of Privacy Amendment Act, 2011 (Bill 3) was introduced in the British Columbia legislature on October 4, 2011. The Bill aims to facilitate digitization, compiling, sharing and combining of personal data across government ministries (including the Ministry of Labour, Citizens’ Services and Open Government). Individuals would be able to access government services with a secure digital identification card and personal ID number.

Read the rest of this post »

Tags: bill 3, combine personal data across ministries, data linking, digital identification, FOIPP, Freedom of Information and Protection of Privacy Act, Ministry of Labour, open government, personal data, personal information, Privacy Commissioner, privacy concerns
Posted in Human Resources, Internal Controls, IT, Privacy and Security, Privacy and Security | Make a Comment »

Slaw: Banning teachers from communicating with their students on social media

Thursday, September 15th, 2011

In the age of social media like Facebook and Twitter, school administrators are asking whether such electronic communication is appropriate between students and teachers. They are wondering where boundaries for such communication should be placed. Many school boards are choosing a strict path, forbidding or restricting any communication via social media between students and teachers.

Read the rest of this post »

Tags: Amy Hestir Student Protection Act, Banning teachers from communicating with their students, Conduct and behaviour in the workplace, education, electronic communication, Employee code of conduct, employment law, facebook, one-on-one means of communication, school boards, social media, twitter
Posted in Employee Relations, Human Resources, Internal Controls, IT, Privacy and Security, Privacy and Security | Make a Comment »

A new age of records retention: good policy more than worth the effort

Tuesday, September 6th, 2011

There are a number of potentially troublesome issues associated with retaining records. For example: there are storage and privacy concerns; organizations must ensure they keep records secure in accordance with relevant privacy laws. At the same time, organizations might not have considered the self-incriminating information that records might hold, and they will want to ensure they don’t keep potentially incriminating records any longer than the law requires.

Read the rest of this post »

Tags: audit, document destruction, document management, document retention, evidence, FAPP, Finance and Accounting PolicyPro, Information Technology PolicyPro, ITPP, Personal Information Protection and Electronic Documents Act, PIPEDA, records management, self-incrimination
Posted in Human Resources, Internal Controls, IT, Privacy and Security, Privacy and Security | Make a Comment »

Need to know: privacy commissioner’s report on pressing online privacy issues

Tuesday, September 6th, 2011

In 2010, the Office of the Privacy Commissioner of Canada conducted consultations on current privacy issues, including online tracking, profiling, targeting and cloud computing. The office released its report on the consultations earlier this year, and it’s available online.

Read the rest of this post »

Tags: cloud computing, Office of the Privacy Commissioner of Canada, oipc, online targeting, online tracking, Personal Information Protection and Electronic Documents Act, PIPEDA, privacy by design, Privacy Commissioner, profiling, social media, social networking
Posted in Human Resources, Internal Controls, IT, Privacy and Security, Privacy and Security | Make a Comment »

Facebook, privacy and the workplace

Monday, August 22nd, 2011

You might have heard about the case in which two car dealership workers were fired for cause after they wrote offensive and harassing messages on Facebook about their employer and managers.

Read the rest of this post »

Tags: facebook, Facebook firing, policy, privacy, social media, social media policy, social networking, termination, workplace harassment
Posted in Human Resources, Human Rights, Internal Controls, IT, Privacy and Security, Privacy and Security | Make a Comment »

Slaw: Using employee (patient) health information in human resources investigation

Thursday, August 11th, 2011

The Alberta Information and Privacy Commissioner recently confirmed that Alberta Health Services (AHS) breached the rights of one of its employees by intentionally using information from his addiction counselling against him during a human resources investigation. The breach of the employee’s personal health information clearly contravened the Health Information Act (HIA).

Read the rest of this post »

Tags: addiction counselling, Alberta, Alberta Health Services, Data breach, Disability, disclosure of personal information, employment law, health information, human resources investigation, Information and Privacy Commissioner, personal health information, personal information
Posted in Human Resources, Privacy and Security | Make a Comment »

Employer and insurer both breached privacy of employee

Wednesday, June 29th, 2011

The Office of the Information and Privacy Commissioner of Alberta has determined that an employer violated the Personal Information Protection Act and the Freedom of Information and Protection of Privacy Act when it disclosed more information than necessary to determine the employee’s eligibility for disability benefits, and that the group insurance provider used the information without consent.

Read the rest of this post »

Tags: Alberta, Breach of privacy, collecting medical information, consent, Disability benefits, Disclosing medical information, eligibility for disability benefits, employment law, Freedom of Information and Protection of Privacy Act, group insurance, Office of the Information and Privacy Commissioner, oipc, personal information, Personal Information Protection Act, using medical information, workers’ compensation, workplace injury
Posted in Human Resources, Privacy and Security | Make a Comment »

Workplace violence and privacy: what’s the connection?

Tuesday, June 28th, 2011

So here’s a question to ask yourself—what are your legal obligations under Ontario law when you see an online photo of your worker committing violent acts?

Read the rest of this post »

Tags: 12th Annual Ontario Employment Law Conference, Bill 168, employment law, facebook, harassment, health and safety, Kelly McDermott, occupational health and safety act, OH&S, OHSA, ontario, policies and procedures, Rioting, social media, Stanley Cup playoffs, Stringer Brisbin Humphrey, termination, twitter, workplace harassment, workplace violence, wrongful dismissal
Posted in Conferences, Health and Safety, Human Resources, Privacy and Security | Make a Comment »