privacy policy

Privacy Commissioner of Canada provides guidance on meaningful consent

June 4, 2018 Christina Catenacci Human Resources, Privacy and Security

Obtaining meaningful consent represents a significant responsibility, and the Privacy Commissioner has created a checklist to assist organizations in achieving compliance.

consent process, data protection, employment law, Guidelines for obtaining meaningful consent, meaningful consent, Personal Information Protection and Electronic Documents Act, PIPEDA, privacy, privacy policy

Privacy information: Cookieless identification and tracking of devices

September 6, 2017 Christina Catenacci HR and Technology, HR Policies and Procedures, Human Resources, Privacy and Security

On August 21, 2017, the Office of the Privacy Commissioner of Canada released an informative piece regarding cookieless identification and tracking of devices.

canvas fingerprinting, Cookieless identification, cookieless tracking, cookies, employment law, fingerprinting, information technology, Internet Protocol, IP address, Privacy Commissioner of Canada, privacy law, privacy policies, privacy policy, tracking of devices, Virtual Private Network VPN, web browser, Web browsing activities, website, work computer

Principle of accountability under PIPEDA

January 9, 2017 Christina Catenacci Employee Relations, HR Policies and Procedures, Human Resources, Privacy and Security, Training and Development

Under Personal Information Protection and Electronic Documents Act (PIPEDA), there is nothing that prevents organizations from outsourcing the processing of data inside or outside of Canada—however, organizations must take all reasonable steps to protect that information from unauthorized uses and disclosures when it is in the hands of third party processors. This is where accountability, the first principle in PIPEDA, comes in; and there are obligations to meet regarding training staff that are highly relevant.

accountability, employment law, outsourced data, personal information, Personal Information Protection and Electronic Documents Act, PIPEDA, PIPEDA principles, privacy policy, third parties

“Safeguarding” personal information clarified

December 8, 2016 Christina Catenacci Employee Relations, HR and Technology, HR Policies and Procedures, Human Resources, Privacy and Security, Training and Development, Union Relations

You may be wondering, what exactly is “safeguarding” personal information? Thankfully, the Office of the Privacy Commissioner of Canada has clarified how safeguarding can reduce the risk of privacy breaches.

confidentiality of personal information, employment law, personal information, Personal Information Protection and Electronic Documents Act, PIPEDA, privacy policy, safeguarding personal information, safeguards

Loose lips sink shifts?

July 4, 2016 Michele Glassford Employee Relations, Employment/Labour Standards, HR Policies and Procedures, Human Resources, Human Rights, Payroll, Privacy and Security, Recruiting and Hiring, Union Relations, Wages and Compensation

A recent online article reported that two seventeen-year-old employees were fired from a Kansas City pizza joint for talking about their pay rates. Both were new employees with the same experience, and the female employee discovered she was earning $0.25/hour less than her male co-worker. When she contacted her employer for an explanation, she was fired for discussing wages with a co-worker, as was the male co-worker. The employer advised that discussing pay was against employer policy, even though both employees stated that such policy was never disclosed to them.

discrimination, discrimination in pay policies, discussing pay, discussing wages, employees’ rights to communicate, employer policies, employer policy, employment law, fair pay policies, female employee earning less, Gender wage gaps, gender-based pay gaps, HR policy, human rights legislation, pay policies, pay rates, paying women less than men, personal information about employees, PIPEDA, privacy policy, privacy statutes

Victory for transfer of cost employers with WSIB

October 13, 2015 Clear Path Employer Services Employee Relations, Health and Safety, HR Policies and Procedures, Human Resources, Payroll, Pensions and Benefits, Privacy and Security, Source Deductions and Reporting, Wages and Compensation

Clear Path recently challenged what could be considered a precedent-setting decision from the Workplace Safety and Insurance Board (WSIB) that would have put certain employers at a serious disadvantage.

Disability Claims, disability claims management, Disclosure of Claim Information to Employers, disclosure policy, employment law, HR Law, privacy policy, SIEF Case Manager, Transfer-of-Cost, workers compensation, workplace injury, Workplace Safety and Insurance Board, wsib

Ontario Privacy Commissioner releases BYOD policy whitepaper

January 29, 2014 Adam Gorley Employee Relations, HR Policies and Procedures, Human Resources, Privacy and Security

Employees have taken work home with them on laptops, portable media and via email for many years. Since the advent of the smartphone, however, the scale of the practice has expanded dramatically, and data is now more likely in workers’ pockets or purses than on their desks at home.

Acceptable Use Policy, bring your own device, Business, BYOD, BYOD policy, Data, Employees have taken work home with them on laptops, employment law, ensuring data integrity, leakage or loss, mobile electronic communication devices, Ontario Privacy Commissioner, policies and procedures, portable media, privacy and data security risks, privacy policy, remote access, smartphone, tablets, Telus, via email, whitepaper

BYOD: is personal information visible over corporate networks?

July 26, 2013 Adam Gorley Employee Relations, HR Policies and Procedures, Human Resources, Payroll, Pensions and Benefits, Privacy and Security, Recruiting and Hiring, Wages and Compensation

Employers are increasingly drafting and implementing bring-your-own-device (BYOD) policies for their employees. And they should be, since employees are increasingly using their personal digital devices—phones, tablets, laptops—to perform work, both in and out of the workplace. But employees may have trouble trusting their employers to stay out of their personal information…

bring your own device, BYOD, BYOD policy, canadian employment law, collection of personal information, corporate networks, email, employee personal information, Employee privacy rights, employee trust, employment law, Information Technology PolicyPro, IT, ITPP, laptops, mobile devices, network access, Network Security, personal information, policies and procedures, portable devices, privacy, Privacy in the workplace, privacy policy, privacy rights, protecting personal information, smartphones, tablet computer

Do you need a social media policy?

June 4, 2013 Michele Glassford Employee Relations, HR Policies and Procedures, Human Resources, Human Rights, Privacy and Security, Recruiting and Hiring

It is understandably frustrating for employers and human resources managers to try keep up with social media trends. It seems that as soon as employers (or anyone over the age of 25) has figured out the latest social media tool, the masses have moved on to the next one. Likewise it is almost impossible to amend or adapt a “social media” policy with each shift in trend.

conduct and behaviour, confidentiality, employee handbook, employment law, Google, human resources managers, invasion of privacy, job candidates, marketing strategy, offer of employment, online, policy and procedures, policy manual, privacy policy, recruiters, recruitment and selection policy, social media, social media policy, social media research of candidates, social media trends, social networking sites, workplace harassment

Slaw: Advice from Ontario Privacy Commissioner: Make privacy part of your corporate culture

September 20, 2012 Yosie Saint-Cyr, LL.B. Managing Editor Employee Relations, Human Resources, Privacy and Security

The Ontario Information and Privacy Commissioner is calling on organizations to make privacy a part of their corporate culture. Dr. Ann Cavoukian, says it is not enough for organizations to have a privacy policy in place – they must take steps on an ongoing basis to make sure it is reflected in every aspect of their operations.

employment law, Make privacy part of your corporate culture, privacy law, privacy policy, Privacy practices and procedures, private-sector privacy laws

Canada’s anti-spam law: it’s getting closer every day

November 28, 2011 Adam Gorley Human Resources, Privacy and Security

The latest info from Industry Canada has the new anti-spam legislation coming into force in early 2012. The consultation period is over, and the government will now finalize the regulations that organizations will have to follow.

Anti-spam bill, anti-spam regulations, CAN-SPAM Act, Canadian anti-spam legislation, CASL, commercial electronic messages, electronic commerce, Electronic Commerce Protection Act, email addresses, email lists, Fighting Internet and Wireless Spam Act, FISA, marketing, privacy policy, spam

Employer performed unauthorized credit checks on employees

December 10, 2010 Christina Catenacci Human Resources, Privacy and Security

I recently read an investigation report from the Alberta Office of the Information and Privacy Commissioner, where an employer made a big mistake and ended up violating the privacy of at least 25 employees.

Alberta, Alberta Office of the Information and Privacy Commissioner, canadian employment law, credit check, credit report, credit reporting, Employee privacy, employment law, Equifax Canada, Freedom of Information and Protection of Privacy Act, investigation, Privacy Commissioner, privacy policy, procedures, unauthorized collection, unauthorized credit checks on employees, unauthorized use, violating the privacy of employees, violation of privacy

Customer privacy policies and employee handling of customer personal information

June 23, 2010 Yosie Saint-Cyr, LL.B. Managing Editor Human Resources, Privacy and Security

A weekend Toronto Star article reported that employees at the Canada Revenue Agency are improperly reviewing the private financial affairs of taxpayers. Some are using agency computers to give favoured treatment to colleagues, friends, family—and themselves…

Canada Revenue Agency, CRA, customer personal information, disclosure of personal information, employment law, personal information, personal information protection, PIPA, PIPEDA, privacy, privacy and risk management, privacy breach, privacy legislation, privacy policy, privacy rights