Law Assignment
About PIPEDA
PIPEDA (Personal Information Protection of Electronic Documents Act) was passed by the federal government to regulate the collection, use, disclosure, retention, access and security of personal information in the course of commercial activity. The PIPEDA obliges that any business that gathers, utilizes or reveals personal information within the course of commercial action create security approaches and practices based on ten protection principles of the Canadian Standard Association's Model Code for the Protection of Personal Information. This code was created by Canadian businesses, buyers and government through the Canadian Standards Association and has been consolidated as a calendar to PIPEDA. Ten privacy principles of PIPEDA are: 1. Accountability 2. Identifying Purposes 3. Consent 4. Limiting Collection 5. Limiting Use, Disclosure and Retention 6. Accuracy 7. Safeguards 8. Openness 9. Individual Access 10. Challenging Compliance
1. Principle Accountability
An association is answerable for the personal information under its control and ought designate a an individual or individuals who are responsible for the association's consistence with the PIPEDA privacy rule. Under the Accountability principle, organization must:
Accept responsibility for personal information under its control. Designate no less than one agent to be responsible for the organizations agreeability with the 10 standards set out in Schedule 1 of PIPEDA; Make the personality of the designated individual(s) known on request Secure all personal information in the association's ownership or care, incorporating information that has been exchanged to a third party for processing.
1. 2. 3. 4.
Use contractual or different intends to guarantee a comparable level of protection while personal information is with third party for processing. Develop and implement policies and practices to maintain the 10 standards set out in Schedule 1 of PIPEDA including: Strategies for securing personal information Building strategies for getting and reacting to complaints and requests Preparing staff and conveying information to staff about the organizations policies Advancing information to explain the organizations policies and procedures. (office of the privacy commisioner of canada, 2013)
For example TELUS, a telecommunication company clearly record in writing all the reasons
why you collect personal information. All the relevant documents like terms of agreement, application forms, privacy codes and privacy commitments in PDF format are available on the
website. On the website and in all the documents TELUS, clearly explain why information is collected from the customers. (telus, 2013)
For example:
Edgecrest Capital Corporation Develop simple and easily accessible procedures for receiving and responding to inquiries and complaints about personal information handling policies and practices in the company. If a complaint is being submitted on behalf of another party, that party must provide evidence of authorization from the client to act on its behalf. Edgecrest acknowledge complaint within five business days. (edgecrest capital corporation, 2013)
Bibliography
Canadian institute of management. (n.d.). Canadian Institute of Management P.I.P.E.D.A. Compliance. Retrieved from canadian institute of management: http://www.cim.ca/privacy edgecrest capital corporation. (2013). Complaint Procedures for Edgecrest Capital Corporation. Retrieved from edgecrest capital: http://www.edgecrest.com/upload/pdf/Complaint_Procedures_for_Edgecrest_Capital_Corporation.pdf office of the privacy commisioner of canada. (2013). PIPEDA Self-Asses ment Tool. Retrieved from http://www.privcom.gc.ca/. privacysense.net. (2014). The 10 Privacy Principles of PIPEDA. canada. telus. (2013). telus privacy. Retrieved from telus: http://about.telus.com/community/english/privacy