Posted By Ash Conversions International
Since January 1st of 2004, Canadian businesses (traditional, online and paper-based) must comply with the privacy principles defined by the PIPEDA Act.
What is PIPEDA?
PIPEDA stands for Personal Information Protection and Electronic Documents Act. This act was put in place to regulate how employers can collect, disclose and use personal information gathered from their clients and employees. In the context of this act, “personal information” refers to any “information about an identifiable individual.” This type of information encompasses all factual or subjective info in any form, whether it is recorded or not. The following information is considered identifiable under PIPEDA:
Personal business information such as the name, business title, business address, telephone number and extension of an employee or any information contained on their business card is not considered identifiable information.
Does your business comply?
If you run a business that requires you to take sensitive information from clients, make sure that this information is protected. That may mean housing this data in a secure server or program that requires special access in order to view it. Furthermore, be upfront with your clients so that they know what you are using their personal information for. The same goes for employee information. As long as all personal information from clients and employees is securely stored and only used for the reasons it was collected, then your business probably complies with PIPEDA. The 10 principles below will give you an idea of what you need to do to ensure full compliance.
PIPEDA operates on the basis of 10 principles that employers must respect.