Personal organization information is any information that identifies a client, employee or partner. Whether your business collects this information through direct get in touch with or on line, you must shield it in order that it does not work as a liability for your company.
PIPEDA, Canada’s personal privacy regulation, defines private information as “information that pertains to an individual and that can be used to name the person. ” This includes details that is associated or linkable to an individual (i. e. a person’s name, social security number or biometric information) and is not otherwise publicly readily available.
Examples of PII include:
Cultural protection numbers; a person’s date and place of arrival; their moms maiden identity; their driving a car licence amount; their very own medical records and other health-related information; and credit card or purchase greeting card account numbers.
Sensitive PII, also called PHI, is data that in cases where disclosed with no individual’s consent may cause harm, distress or hassle to them. This includes the Social Security Number, medical record, disciplinary actions, performance ratings, job history and some other information that could leading and innovative application be applied to identify or perhaps trace a person.
PIPEDA needs organizations to:
Be clear about the purpose with regards to collecting your information before or perhaps at the time of collection, and make clear why you will need it. Ask for more details or fall to provide it if you are not satisfied considering the explanation.
Limit the amount and type of personal data gathered to what is necessary for the purpose of the intended purpose. If you present additional information, it must be for a goal related to the first purpose and only if you agree to it.