PIPEDA

Recent reports regarding privacy: 2018-2019 survey of Canadians on privacy and 2017 survey of Canadian businesses on privacy-related issues

June 3, 2019 Christina Catenacci Employee Relations, HR Policies and Procedures, Human Resources, Privacy and Security, 0

The Privacy Commissioner of Canada has a mandate to protect and promote privacy rights of Canadians, and this includes conducting public opinion research with the general population and also with Canadian businesses on privacy-related issues.

data breaches, employment law, online personal information, Personal Information Protection and Electronic Documents Act, personal privacy, PIPEDA, privacy, privacy compliance practices, privacy policies, privacy rights

A reasonable expectation of privacy: The application of R v. Jarvis to the employment context

May 14, 2019 Piccolo Heath LLP Employee Relations, HR Policies and Procedures, Human Resources, Privacy and Security, 0

The recent Supreme Court of Canada decision in R v. Jarvis addressed the circumstances that give rise to a reasonable expectation of privacy. While the case directly considered whether certain recordings violated the Criminal Code, the Court’s broad analysis of when a reasonable expectation of privacy exists applies outside the criminal context, with relevance to employers.

employment law, PIPEDA, privacy, privacy law, privacy violations

Privacy Commissioner releases guidance document regarding cannabis transactions and privacy protection

March 4, 2019 Christina Catenacci Employee Relations, HR Policies and Procedures, Human Resources, Human Rights, Privacy and Security, Training and Development, 0

The Office of the Privacy Commissioner of Canada recently released a guidance document to help cannabis retailers and purchasers understand privacy rights and obligations under the Personal Information Protection and Electronic Documents Act (PIPEDA).

cannabis, employment law, personal information, Personal Information and Protection of Electronic Data Act, PIPEDA, privacy, technological security measures

Privacy Commissioner of Canada’s consent guidelines are in effect as of January 1, 2019

January 7, 2019 Christina Catenacci Employee Relations, Human Resources, 0

Last spring, the Office of the Privacy Commissioner of Canada released an important guidance document concerning meaningful consent. It now applies as of January 1, 2019.

consent, consent process, data protection, employment law, meaningful consent, Personal Information Protection and Electronic Documents Act, PIPEDA, privacy

5 questions regarding PIPEDA’s mandatory breach reporting – What human resources professionals need to know

November 6, 2018 Employer Advisor, McCarthy Tétrault LLP Employee Relations, HR Policies and Procedures, Human Resources, Penalties and Fines, Privacy and Security

This blog answers 5 key questions employers have with respect to the new mandatory breach reporting requirements under PIPEDA.

Canada’s privacy commissioner, compliance with privacy legislation, employer obligations, employment law, mandatory breach reporting, PIPEDA, privacy law

Privacy Commissioner of Canada seeks feedback on breach reporting guidance

October 1, 2018 Christina Catenacci Employee Relations, HR Policies and Procedures, Human Resources, Human Rights, Privacy and Security

On September 17, 2018, the Office of the Privacy Commissioner of Canada (Privacy Commissioner) invited stakeholders to provide feedback on a draft guidance and draft breach reporting form entitled What you need to know about mandatory reporting of breaches of security safeguards by October 2, 2018.

breach reporting, employment law, PIPEDA, privacy, privacy breach

Three popular articles this week on HRinfodesk

August 30, 2018 Yosie Saint-Cyr, LL.B. Managing Editor Employee Relations, Employment/Labour Standards, HR Policies and Procedures, Human Resources, Notice, Damages and Settlements, Payroll, Privacy and Security, Wages and Compensation

The three popular articles this week on HRinfodesk deal with a recent Ontario Court of Appeal decision that clarified the limitation period for a wrongful dismissal claim starts as soon as working notice is provided, the Morneau Shepell survey which shows employers in Canada are expecting salaries to increase by an average of 2.6 percent in 2019, and guidelines on obtaining meaningful consent.

Alberta Personal Information Protection Act, British Columbia Personal Information Protection Act, collecting personal information, collection, compensation, consent, employment law, employment standards act, ESA, Jones v Freidman, limitation period for wrongful dismissal, meaningful consent, obtaining consent, personal information, Personal Information Protection and Electronic Documents Act, PIPEDA, privacy, privacy policies, Quebec Act respecting the protection of personal information in the private sector, salary increases, Severance pay, use and disclosure of personal information, wages, wrongful dismissal, wrongful dismissal claim

Privacy Commissioner of Canada provides guidance on meaningful consent

June 4, 2018 Christina Catenacci Human Resources, Privacy and Security

Obtaining meaningful consent represents a significant responsibility, and the Privacy Commissioner has created a checklist to assist organizations in achieving compliance.

consent process, data protection, employment law, Guidelines for obtaining meaningful consent, meaningful consent, Personal Information Protection and Electronic Documents Act, PIPEDA, privacy, privacy policy

Privacy Commissioner of Canada provides guidance on inappropriate data practices

June 4, 2018 Christina Catenacci Human Resources, Privacy and Security

The Privacy Commissioner has outlined several “No-Go Zones”, and organizations are recommended to avoid collection, use and disclosure of personal information for these inappropriate purposes.

audio surveillance, collect personal information, collecting data, data breaches, data collection, data disclosure, data practices, data protection, employee screening, employment law, inappropriate data practices, personal information, Personal Information Protection and Electronic Documents Act, PIPEDA, privacy, profiling, social media, surveillance, video surveillance

The European Union’s General Data Protection Regulation (GDPR) took effect on May 25, 2018 – what does this mean for Canadian organizations?

June 4, 2018 Christina Catenacci Employee Relations, HR Policies and Procedures, Human Resources, Privacy and Security

When determining whether the GDPR applies to our organization, it is important to ask questions such as, “Do I have an establishment in the EU?”, “Do I offer goods or services to individuals in the EU?”, and “Do I monitor the behaviour of individuals in the EU?”

behaviour monitoring, company data breaches, data breaches, data collection, data protection, data security, Employee privacy, employment law, GDPR, General Data Protection Regulation, personal data breach, Personal Information Protection and Electronic Documents Act, PIPEDA, privacy laws, right to be forgotten

Privacy Commissioner of Canada creates draft guidance document outlining inappropriate data practices and no-go zones

December 6, 2017 Christina Catenacci HR and Technology, HR Policies and Procedures, Human Resources, Privacy and Security, Recruiting and Hiring

On September 28, 2017, the Privacy Commissioner of Canada created a draft guidance document providing clarification on inappropriate data practices, specifically focusing on subsection 5(3) of the Personal Information Protection and Electronic Documents Act (PIPEDA). This provision is entitled, “Appropriate purposes”, and states that, “an organization may collect, use or disclose personal information only for purposes that a reasonable person would consider are appropriate in the circumstances”.

access to personal information, Data, disclosure, electronic devices, employment law, no-go zones, personal information, Personal Information and Protection of Electronic Data Act, PIPEDA, Privacy Commissioner of Canada, social media

Proposed privacy breach of security safeguards under PIPEDA

October 4, 2017 Christina Catenacci HR and Technology, HR Policies and Procedures, Human Resources, Privacy and Security

Organizations that have control over an individual’s personal information are recommended to become familiar with the proposed requirements so that they are prepared to respond to the changes.

breach of security safeguards, Data breach, Digital Privacy Act, employment law, personal information, PIPEDA

PHIPA fines in the workplace

August 16, 2017 Lisa Stam, Spring Law HR Policies and Procedures, Human Resources, Privacy and Security

This spring the largest penalty to date was issued under Ontario’s Personal Health Information Protection Act (PHIPA). A social work student was convicted of accessing personal health information without authorization, and ordered pay a $20,000 fine and a $5,000 victim fine surcharge.

common law tort for invasion of privacy, digitized workplace, employment law, invasion of privacy, Personal Health Information Protection Act, Personal Information Protection and Electronic Documents Act, PHIPA, PIPEDA, privacy, Privacy Act

HR and IT: An uneasy alliance

February 6, 2017 Deveen Hunter Employee Relations, HR and Technology, HR Policies and Procedures, Human Resources, Human Rights, Privacy and Security

HR is being called on to focus primarily on strategic goals and to add increasing value to organizations. The other field that has become an integral part of business is technology. It is therefore not surprising that in HRs effort to become increasingly relevant, IT is being leveraged in the execution of the HR function in an increasing number of ways. This e–HR revolution has taken many forms, from applicant tracking systems, to machine learning in recruitment and selection to software driven onboarding and employee HR support. The consequence of this is that more and more HR activities are being executed electronically—by a computer instead of by a person.

Data, data interpretation, employment law, e–HR, e–HR revolution, HR, HR management, HR practitioners, IT and HR, PIPEDA, privacy, Protection and Electronic Documents Act, social media, technoethics

Principle of accountability under PIPEDA

January 9, 2017 Christina Catenacci Employee Relations, HR Policies and Procedures, Human Resources, Privacy and Security, Training and Development

Under Personal Information Protection and Electronic Documents Act (PIPEDA), there is nothing that prevents organizations from outsourcing the processing of data inside or outside of Canada—however, organizations must take all reasonable steps to protect that information from unauthorized uses and disclosures when it is in the hands of third party processors. This is where accountability, the first principle in PIPEDA, comes in; and there are obligations to meet regarding training staff that are highly relevant.

accountability, employment law, outsourced data, personal information, Personal Information Protection and Electronic Documents Act, PIPEDA, PIPEDA principles, privacy policy, third parties