Data breach

Mandatory data breach reporting – a message from the Privacy Commissioner of Canada

November 5, 2019 Christina Catenacci Employee Relations, HR and Technology, Human Resources, Privacy and Security, 0

On October 31, 2019, the Office of the Privacy Commissioner of Canada shared what has been learned and what businesses need to know with respect to mandatory data breach reporting under Canada’s federal private sector privacy law, the Personal Information Protection and Electronic Documents Act (PIPEDA).

breach of security safeguards, Data breach, data breach reporting, employment law, Personal, personal data, personal data security, Personal Information Protection and Electronic Documents Act

Proposed privacy breach of security safeguards under PIPEDA

October 4, 2017 Christina Catenacci HR and Technology, HR Policies and Procedures, Human Resources, Privacy and Security

Organizations that have control over an individual’s personal information are recommended to become familiar with the proposed requirements so that they are prepared to respond to the changes.

breach of security safeguards, Data breach, Digital Privacy Act, employment law, personal information, PIPEDA

Privacy Commissioner releases annual report regarding portable storage devices

December 17, 2015 Christina Catenacci Employee Relations, HR Policies and Procedures, Human Resources, Privacy and Security

On December 10, 2015, the Privacy Commissioner of Canada released an annual report to Parliament highlighting a result of an audit of the government’s management of portable storage devices and reported data breaches.

accidental disclosure, Breach notification, corporate governance, Daniel Therrien, Data breach, encryption, Internal Controls, personal information, policies and procedures, portable storage device, Privacy Act, privacy and security risks, Privacy audit, Privacy Commissioner of Canada, reported data breaches, security settings

Three popular articles this week on HRinfodesk

July 9, 2015 Yosie Saint-Cyr, LL.B. Managing Editor Accessibility Standards, Employee Relations, HR Policies and Procedures, Human Resources, Human Rights, Integrated Accessibility Regulation, Notice, Damages and Settlements, Payroll, Penalties and Fines, Pensions and Benefits, Privacy and Security, Recruiting and Hiring, Standard for Employment, Training and Development, Union Relations, Wages and Compensation

Three popular articles this week on HRinfodesk deal with major changes to PIPEDA; family status test in Alberta; and termination due to a mental disability.

big data, Breach notification, consent, Data breach, Digital Privacy Act, discrimination, employment law, family status test, Personal Information Protection and Electronic Documents Act, PIPEDA, privacy, termination due to a mental disability

Privacy class action to proceed

July 22, 2014 Adam Gorley Employee Relations, HR Policies and Procedures, Human Resources, Privacy and Security

Canada will see its first class action lawsuit based on the new tort of invading another’s privacy, after a Bank of Nova Scotia employee leaked customers’ personal information to his girlfriend for personal gain. At least 138 customers were subsequently defrauded. Ontario’s Superior Court accepted that the employer was vicariously liable for the employee’s actions […]

Bank of Nova Scotia, class action, common law tort for invasion of privacy, confidential information, Data breach, data fraud, employment law, Evans v. The Bank of Nova Scotia, fraud, intrusion upon seclusion, invasion of privacy, Jones v. Tsige, lack of oversight, personal information, personal information protection, privacy, vicarious liability

Slaw: Using employee (patient) health information in human resources investigation

August 11, 2011 Yosie Saint-Cyr, LL.B. Managing Editor Human Resources, Privacy and Security

The Alberta Information and Privacy Commissioner recently confirmed that Alberta Health Services (AHS) breached the rights of one of its employees by intentionally using information from his addiction counselling against him during a human resources investigation. The breach of the employee’s personal health information clearly contravened the Health Information Act (HIA).

addiction counselling, Alberta, Alberta Health Services, Data breach, Disability, disclosure of personal information, employment law, health information, human resources investigation, Information and Privacy Commissioner, personal health information, personal information

Termination for cause upheld for breach of computer information access policy

January 28, 2011 Christina Catenacci Employment/Labour Standards, Human Resources, Privacy and Security

Ontario’s Labour Arbitration Board recently held that an employer did not overreact when it terminated an IT employee for cause after he used an employer computer to download, store and share thousands of copyrighted works including movies, TV shows, music tracks, games and pornographic material, totalling over half a terabyte of data. The board found that the employee violated the employer’s trust in him and acted in flagrant disregard for the employer’s computer information access policy over many years.

computer information access policy, Copyright infringement, copyrighted works, Data breach, employee handbook, employee Internet use, employee relations, employment law, file sharing software, Illegal downloads, Internet Security, IT employee, Labour Arbitration Board, Network Security, policy manual, pornographic material, termination for cause