Personal organization information can be any information that identifies a customer, employee or partner. Whether your company collects this information through direct speak to or on line, you must protect it in order that it does not work as a liability for your company.
PIPEDA, Canada’s privacy legislation, defines personal information as “information that relates to an individual and can be used to recognize the person. ” This includes details that is linked or linkable to an specific (i. e. the name, social security number or biometric information) which is not normally publicly available.
Examples of PII include:
Sociable protection numbers; the date and place of start; their mother’s maiden term; their travelling licence number; their medical reports and other health-related information; and credit card or purchase credit card account amounts.
Sensitive PII, also called PHI, is details that if perhaps disclosed without the individual’s consent may cause harm, humiliation or trouble to them. This includes a person’s Social Security Number, medical record, disciplinary actions, efficiency ratings, occupation history and some other information that may provide to identify or trace someone.
PIPEDA requires organizations to:
Be clear about the purpose intended for collecting your information before or perhaps at the time of collection, and teach you why you will need it. You can inquire from for more details or drop to provide this if you are unsatisfied with the explanation.
Limit the amount and type of personal data gathered as to the is necessary for the intended goal. If you furnish additional information, it ought to be for a purpose related to the first purpose and financial markets only when you consent to it.