personal information
January 22, 2013 Maanit Zemel Employee Relations, HR Policies and Procedures, Human Resources, Privacy and Security,
The recent loss of a Canadian government hard drive containing personal information of receivers of student loans and the ensuing class action lawsuit are a stark reminder of how easy it is to be exposed to the pitfalls of data security breaches. In this day and age, when company data is stored on small, mobile devices, all it takes is an absent-minded employee leaving their USB key or smarthpone on the subway.
absent-minded employee, class action lawsuit, company data outside of the office, Computers, customer data belonging to her employer, data security breaches, electronic devices, electronic information, employer’s data at termination, employment contract, employment law, hackers, hard drives, legal assistance, passwords, personal information, policies and procedures, portable devices, rogue employees, sensitive electronic information, smarthpone, USB key
October 31, 2012 Lauren Bride Employee Relations, HR Policies and Procedures, Human Resources, Privacy and Security,
Last week, Alison J. Bird wrote for the First Reference Talks blog about the R. v. Cole case, involving a high school teacher who had kept photos of a naked, underage student on his work computer. In the several days, there have been a flurry of news stories calling attention to privacy boundaries employees can expect regarding work-licensed technology.
Canadian Association of Counsel to Employers, company IT and employee privacy policies, company policy, Daniel Michaluk, Due diligence, Employee privacy, employee privacy and work-issued computers, employment law, internet browsing history, passwords, personal information, policies around work-issued computers and other electronic devices, privacy boundaries, privacy law, private-sector privacy laws, R. v. Cole, safeguards, Supreme Court of Canada, The Lawyers Weekly, type of digital file, work-licensed technology, workplace policies
April 26, 2012 Yosie Saint-Cyr Employee Relations, Human Resources, Privacy and Security
The privacy commissioners of Canada, Alberta and British Columbia have developed a guide to help organizations implement an effective privacy management program that meets private-sector privacy legislation and to provide consistent direction on what it means to be an accountable organization when dealing with individuals’ personal information…
accountability, customer trust, employment law, information practices, online information practices of organizations, personal information, Privacy Commissioner, privacy law, privacy management, private-sector privacy laws, reputational risk
February 22, 2012 Earl Altman Employee Relations, Human Resources, Privacy and Security
The Ontario Court of Appeal decision in Jones v. Tsige deals with a novel claim, one for damages for invasion of personal privacy. This decision has garnered a great deal of comment in the popular press in the time since its release. Is the decision as radical as some writers have suggested? What are the implications for privacy rights in Ontario, and, in particular, the conduct of employers and employees?
breach of personal privacy, Canadian Charter of Human Rights and Freedoms, class action lawsuit, Court of Appeal, damages for invasion of personal privacy, disclosure of personal information, Due diligence, employment law, improper disclosure of confidential information, intrusion upon seclusion, invasion of personal privacy, Jones v. Tsige, ontario, personal information, privacy legislation, privacy rights in Ontario, Second Restatement of Torts, tort of breach of privacy
January 10, 2012 Adam Gorley Human Resources, Payroll, Privacy and Security
Like most of you, I’m sure, I was extra busy before Christmas last year, and to top it all off, I got sick and had to leave some things unfinished. So I couldn’t bring you this brief round-up of things that happened in the last three months of 2011, much of which has to do with technology and how employers will use it to interact with employees and customers. But it’s a new year and I’ve recovered from my illness and my holidays, so without further ado…
Anti-spam bill, Canadian anti-spam legislation, cloud computing, copyright, Copyright Modernization Act, ECPA, facebook, Facebook comments as evidence, Facebook evidence, FISA, just cause to quit, no reasonable alternative to leaving the employment, online sales, online targeting, online tracking, personal information, Personal Information Protection and Electronic Documents Act, PIPEDA, profiling, public disclosure, social media, social networking, workplace conflict, Workplace Injury Tribunal
October 14, 2011 Christina Catenacci Human Resources, Privacy and Security
The Freedom of Information and Protection of Privacy Amendment Act, 2011 (Bill 3) was introduced in the British Columbia legislature on October 4, 2011. The Bill aims to facilitate digitization, compiling, sharing and combining of personal data across government ministries (including the Ministry of Labour, Citizens’ Services and Open Government). Individuals would be able to access government services with a secure digital identification card and personal ID number.
bill 3, combine personal data across ministries, data linking, digital identification, FOIPP, Freedom of Information and Protection of Privacy Act, Ministry of Labour, open government, personal data, personal information, Privacy Commissioner, privacy concerns
August 11, 2011 Yosie Saint-Cyr Human Resources, Privacy and Security
The Alberta Information and Privacy Commissioner recently confirmed that Alberta Health Services (AHS) breached the rights of one of its employees by intentionally using information from his addiction counselling against him during a human resources investigation. The breach of the employee’s personal health information clearly contravened the Health Information Act (HIA).
addiction counselling, Alberta, Alberta Health Services, Data breach, Disability, disclosure of personal information, employment law, health information, human resources investigation, Information and Privacy Commissioner, personal health information, personal information
June 29, 2011 Christina Catenacci Human Resources, Privacy and Security
The Office of the Information and Privacy Commissioner of Alberta has determined that an employer violated the Personal Information Protection Act and the Freedom of Information and Protection of Privacy Act when it disclosed more information than necessary to determine the employee’s eligibility for disability benefits, and that the group insurance provider used the information without consent.
Alberta, Breach of privacy, collecting medical information, consent, Disability benefits, Disclosing medical information, eligibility for disability benefits, employment law, Freedom of Information and Protection of Privacy Act, group insurance, Office of the Information and Privacy Commissioner, oipc, personal information, Personal Information Protection Act, using medical information, workers’ compensation, workplace injury
May 4, 2011 Yosie Saint-Cyr Human Resources, Privacy and Security
Customers and employees entrust their personal information to businesses on a daily basis and expect that these businesses will treat that information with the care and respect it deserves by implementing the proper safeguards to keep it safe. However, just recently…
Alberta, British Columbia, class action lawsuit, data breaches, employment law, identity theft, law, lawsuit, Notice, ontario, personal data security, personal information, PlayStation, PlayStation Network, privacy legislation, privacy safeguards, private-sector privacy laws, protect personal information, PSN, Qriocity, Securing Personal Information, Securing Personal Information: A Self-Assessment Tool for Organizations, serious breach of the electronic security, Sony, unauthorized access
February 24, 2011 Adam Gorley Human Resources, Privacy and Security
Here’s something readers might want to know about: the Federal Court has awarded damages in a case based on the Personal Information Protection and Electronic Documents Act. Why is that special? Well, it’s the first damages award in the 10-year history of the Act.
damage award, document recording and retention obligations, document retention policies, employment law, FAPP, Federal Court, Finance and Accounting PolicyPro, Human Resources PolicyPro, information management, Information Technology PolicyPro, ITPP, maintaining accurate information, personal information, Personal Information Protection and Electronic Documents Act, PIPEDA, The Human Resources Advisor
January 7, 2011 Christina Catenacci Human Resources, Privacy and Security
I recently read a case coming out of the Alberta Office of the Information and Privacy Commissioner dealing with an access to information request. Though this was a case dealing with a public body, the principle applies to any information request: there was simply no reason to deny the disclosure of information.
access to information, Alberta, disclosure, employment law, FIPPA, Freedom of Information and Protection of Privacy Act, information request, Office of the Information and Privacy Commissioner, personal information, trade secrets
December 17, 2010 Christina Catenacci Human Resources, Privacy and Security
I recently read a news release by the Alberta Office of the Information and Privacy Commissioner that indicated that there are still high incidences of laptops containing personal information being stolen—without having security measures such as encryption put in place. The commissioner was left scratching his head.
Alberta, canadian employment law, employment law, encryption, Encryption technology, identity theft, laptops, Office of the Information and Privacy Commissioner, personal information, private sector privacy legislation, protecting personal information, security measures, stolen laptops, technology
June 23, 2010 Yosie Saint-Cyr Human Resources, Privacy and Security
A weekend Toronto Star article reported that employees at the Canada Revenue Agency are improperly reviewing the private financial affairs of taxpayers. Some are using agency computers to give favoured treatment to colleagues, friends, family—and themselves…
Canada Revenue Agency, CRA, customer personal information, disclosure of personal information, employment law, personal information, personal information protection, PIPA, PIPEDA, privacy, privacy and risk management, privacy breach, privacy legislation, privacy policy, privacy rights
June 10, 2010 Colin Braithwaite Human Resources, Privacy and Security
I’ve discussed the Privacy by Design principle before, in the Inside Internal Control newsletter. In case you don’t know, PbD is an approach developed by Dr. Ann Cavoukian, the Privacy Commissioner of Ontario, which proactively embeds privacy protection by default in the design of an organization’s practices and products.
confidentiality, employee personal information, PbD, PbD principles, personal information, privacy, privacy and risk management, privacy by design, Privacy Commissioner, privacy legislation
April 26, 2010 Adam Gorley Human Resources, Human Rights, Privacy and Security
I’ve discussed workplace gossip here before, and what bosses can do to prevent it or at least reduce the potential harm, but there are a couple of hyper-modern developments that I didn’t get into: reality television and the Internet. These two things have created a culture of “sharing”, for lack of a better word, that encourages people at play or work to divulge the most mundane and private details of their lives to others—the kind of information that one previously might only have shared with family or best friends.
employee relations, Employer liability, gossip, oversharing, personal information, privacy, social media
Year-end round-up
January 10, 2012 Adam Gorley Human Resources, Payroll, Privacy and Security
Like most of you, I’m sure, I was extra busy before Christmas last year, and to top it all off, I got sick and had to leave some things unfinished. So I couldn’t bring you this brief round-up of things that happened in the last three months of 2011, much of which has to do with technology and how employers will use it to interact with employees and customers. But it’s a new year and I’ve recovered from my illness and my holidays, so without further ado…
Share this:
Anti-spam bill, Canadian anti-spam legislation, cloud computing, copyright, Copyright Modernization Act, ECPA, facebook, Facebook comments as evidence, Facebook evidence, FISA, just cause to quit, no reasonable alternative to leaving the employment, online sales, online targeting, online tracking, personal information, Personal Information Protection and Electronic Documents Act, PIPEDA, profiling, public disclosure, social media, social networking, workplace conflict, Workplace Injury Tribunal