Privacy and Employee information
Posted: Monday, August 09, 2010
by Shailesh Rajgor
working professional
Many Companies are throwing out old design and st ructure and trying out new design, structure, strategies and technologies to achieve best in global competition and continuous development in IT .
Today, in an age of increasing electronics data transfer to automation of business practices.The issue of protecting peoples privacy has become one of the most important
Employee Privacy and legislations
A number of jurisdictions, including the federal government, British Columbia, Alberta, & Qubec have introduced privacy legislation cover ing employee personal information & privacy at workplace
Previously few rules governed how employees gathered and managed personal information respecting employees. Employers operating in jurisdictions with privacy legislation are now expected to establish polices for collection, storage and disclosure of employee information
Employer must also be aware that, under privacy legislation, they are accountable for any personal information transfered to suppliers, client or outsourced for fur ther process, therefore precautions should be taken to ensure the confidentiality abd secur ity of such infor mation.
The Canadian government and some provincial governments have legislation that sets limits on the collection, use and disclosure of per onal information and set guidelines, called the ten fair information principles which form ground rules for the collection, use and disclosure of personal information. These principles give individual control over how their personal information is handling in the organization. An o ganization is responsible for the protection of personal information and fair handling of it at all the times throughout the organization and in dealing with third parties.
PIPEDA - The personal information protection and electronic documents act applies to the any business activities within a province that does not have its own privacy legislation since 2004. The federal government may exempt organization and activities in provinces/ter itor ies that have adopted substantially similar privacy legislation.
Employer, Payroll Community & Privacy laws.
Payroll Professional weather working in house for employer or for an outsourced payroll provider handles sensitive information as part of their work. Payroll Professionals have access to employee information like bank account number, address, SIN, WCB, garnishing wages, date of birth, family details and other tidbits that appears in system & employees file. Payroll Professionals are abide by privacy legislations and code of ethic of Canadian Payroll Association. This challenge is not something to be taken lightly because privacy is one of most fundamental of human rights,
Most family support and maintenance enforcement acts permit the cour t to request personal information such as address, social insur ance numbe r and financial records, however a lawyer or parent involved with a child supporter are not authorized to access such infor mation.
The SIN is personal information under PIPA and PIPEDA are subject to rules governing their collection, use and disclosure of individuals per sonal information. Organization that collects the SIN for purposes other than (income tax, CPP, EI and benefits) legally requested must get the individuals consent in writing or verbally.
When payroll is outsourced its the responsibility of the client employer to comply with privacy legislation and the outsourcing agreement should define pr ivacy parameters as well as clarify the employer pr ivacy policy be followed by the p rovider
Privacy law recognizes a difference between disclosure of personal information and transfers of personal information.
Being payroll professionals, our responsibility for per sonal information from end to end. Fundamentally organization needs to use the guideline of who needs to know what.
Clear policies and clear expectations
At a minimum, employers should tell their employees what personal information will be collected, used and disclosed. They should inform employees of their policies on web, e mail and or ientation. Employer s should also ensure that information they collect for one purpose is not used for an unrelated purpose without the employees consent
Good privacy practice is not just about avoiding complaints, grievances, or lawsuits. Whether or not privacy is protected by law or cont r act, fostering a workplace culture where pr ivacy is valued and respected contributes to morale and mutual trust, and makes good business sense.
Privacy policies and audits
Privacy Law r equires all pr ivate sector organizations to establish policies and procedures for the protection of personal information. As well the pr ivacy commissioner of Canada has produced a Guide for Businesses and Organizations to help them comply with the feder al p r ivate secto r privacy legislation.
Employer should base their policies, practices and procedur es on the requi r ements set out by PIPEDA or any provincial legislation under they fall.In doing so, they will ensure that they are meeting their legislative compliance requirements. Most of organizations publish their policy on website for employees and concern stakeholder.
A chief pr ivacy officer, who is r equi red under federal law for all companies, should be responsible fo r ensuring the policy is followed. P roper security measures are being implemented and followed, there should be r egular audits of company policy and practices and compa rison with industry standards. Encryption is an important tool to use, pa rticular ly where data is transferred between an employer and outsourced provide r. It is also important to have retention policy so unnecessary r ecords are not kept for too long. Especially if a contr act has expi r ed with p r ovide r.
This Article has been viewed 632 times. (Not updated in real-time.)
Top-level comments on this article: (2 total)Yes, this academic purpose and good for canadian as well as canadian organization
Nice and learning materials for me
We want your comments! If you can read this, you don't have javascript enabled, so you can't use this comment system. Please enable javascript.