Federally regulated firms are focusing on customers' privacy while neglecting staff, privacy law will extend to all organizations next January
Some federally regulated organizations have been caught off guard by complaints about privacy from employees, according to the federal privacy commissioner.
In his annual report to Parliament, George Radwanski said some organizations have jumped to the conclusion that the Personal Information Protection and Electronic Documents Act refers only to information about customers — completely forgetting about their employees.
“It appears not to have occurred to such organizations that, in the everyday course of business administration, they also handle a great deal of personal information about the individuals who work for them,” he said.
Radwanski said organizations need to take staff into account when developing privacy policies and procedures.
Even organizations that aren’t federally regulated need to start taking steps to address the issue. On Jan. 1, 2004, the law will extend to every organization that collects, uses or discloses personal information in the course of a commercial activity within a province, whether or not the organization is a federally-regulated business or not.
The federal government may exempt organizations in provinces that have adopted privacy legislation similar to the federal law.
For a detailed look at the act and how it will affect organizations, check out the Feb. 24 issue of Canadian HR Reporter.
In his annual report to Parliament, George Radwanski said some organizations have jumped to the conclusion that the Personal Information Protection and Electronic Documents Act refers only to information about customers — completely forgetting about their employees.
“It appears not to have occurred to such organizations that, in the everyday course of business administration, they also handle a great deal of personal information about the individuals who work for them,” he said.
Radwanski said organizations need to take staff into account when developing privacy policies and procedures.
Even organizations that aren’t federally regulated need to start taking steps to address the issue. On Jan. 1, 2004, the law will extend to every organization that collects, uses or discloses personal information in the course of a commercial activity within a province, whether or not the organization is a federally-regulated business or not.
The federal government may exempt organizations in provinces that have adopted privacy legislation similar to the federal law.
For a detailed look at the act and how it will affect organizations, check out the Feb. 24 issue of Canadian HR Reporter.
