Chapter 10 Flashcards
What does PIPEDA stand for?
Personal Information Protection and Electronic Documents Act (PIPEDA)
What is the difference between PIPA and PIPEDA?
PIPA: these acts are the provincial equivalents of the federal PIPEDA.
Who does PIPA apply to?
The Freedom of Information and Protection of Privacy Act of BC applies to provincial government ministries, Crown corporations, local governments, universities and colleges, school boards, municipal police forces, health boards and hospitals, and the self-governing professions.
What is personal information?
any factual or subjective information about “an identifiable individual,” whether recorded or not
Who does PIPEDA apply to?
PIPEDA applies to all federally regulated organizations and affects how they collect, use, disclose, and retain personal information concerning their employees, customers, patients, and suppliers. A
What is personal information that is protected under PIPEDA?
- age, home address, and identification numbers (including social insurance number);
- residential telephone numbers and personal email address;
- sex, religion, ethnicity, social status, and marital status;
- employee files (formal and informal), performance appraisals, disciplinary actions, and evaluations;
- photographs, opinions, and income;
- relevant dates, such as a birth date;
- credit records, loan records, and purchasing and spending habits; and
- blood type, genetic information, and medical records.
What are the fair information principles?
The ten principles set out in Schedule 1 of PIPEDA that underlie the collection, use, protection, and disclosure of personal information
What are the two fundamental facts that PIPEDA recognises?
PIPEDA recognizes two fundamental facts. The first is that individuals have a right to privacy concerning their personal information. The second is that organizations have a need to collect, use, and disclose personal information for appropriate purposes. The aim of legislatures is to achieve a fair balance between these two valid requirements.
What are the ten fair information principles?
- Be accountable
- Identify the purpose of collection
- Get consent
- Limit collection. An organization must only collect information that is necessary for its stated purposes.
- Limit use, disclosure, and retention.
- Be accurate
- Provide safeguards. An organization should protect personal information against loss, theft, or unauthorised access.
- Be open. Privacy policies and procedures should be readily available to customers, clients, employees, and suppliers. Front-line supervisors should be familiar with them.
- Give individuals access. Subject to specified exceptions, organizations must provide individuals with details about the personal information being held about them and the means to gain access to it, upon request.
- Provide recourse. Organizations must establish a procedure to deal with complaints about their compliance with privacy legislation. Organizations should investigate all complaints,
What are the four criteria to qualify as employee personal information?
(1) must be personal information (i.e., information about an identifiable individual);
(2) must be collected, used, or disclosed for the reasonable purpose of establishing, managing, or terminating an employment relationship;
(3) must be collected solely for those purposes; and
(4) must not be personal information that is not about an individual’s employment
If a computer is company property, is the employer permitted to monitor activities on that property?
Yes, and courts have generally been willing to admit email evidence.