A Canadian federal employee’s guide to PIPEDA
First, let’s quickly overview PIPEA: What is it?
The Personal Information Protection and Electronic Documents Act, also known as PIPEDA, is a law passed by the Parliament of Canada respecting privacy for the private sector and applies to personal information collected during the course of commercial activities. (Wikipedia contributors, 2018)
What employers have to work within PIPEDA??
Any employer who falls under federal jurisdiction in the Constitution of Canada.
Those areas being:
- banks (but not provincial credit unions).
- marine shipping, ferry and port services.
- air transportation, including airports, aerodromes and airlines.
- railway and road transportation that involves crossing provincial or international borders.
- canals, pipelines, tunnels and bridges (crossing provincial borders).
- telephone, telegraph, and cable systems.
- radio and television broadcasting.
- grain elevators, feed and seed mills.
- uranium mining and processing.
- businesses dealing with the protection of fisheries as a natural resource.
- many First Nation activities.
- most federal Crown corporations.
- private businesses necessary to the operation of a federal act. (Government of Canada, 2018)
Specific employers include but are not limited to:
Government of Canada and most federal Crown corporations such as Canada Post, Banks (Bank of Montreal, RBC, Scotiabank, Tangerine), Airlines (Air Canada, Porter, Westjet), and Phone and cable companies (Bell Canada, Rogers, Telus), for examples.
What are federal employers’ obligations under PIPEDA?
- obtain consent when they collect, use, or disclose their personal information;
- supply an individual with a product or a service even if they refuse consent for the collection, use or disclosure of your personal information unless that information is essential to the transaction;
- collect information by fair and lawful means; and
- have personal information policies that are clear, understandable and readily available. (Wikipedia contributors, 2018)
What are federal employees’ rights under PIPEDA?
PIPEDA gives employees the right to:
- know why an organization collects, uses or discloses their personal information;
- expect an organization to collect, use or disclose their personal information reasonably and appropriately, and not use the information for any purpose other than that to which they have consented;
- know who in the organization is responsible for protecting their personal information;
- expect an organization to protect their personal information by taking appropriate security measures;
- expect the personal information an organization holds about them to be accurate, complete and up-to-date;
- obtain access to their personal information and ask for corrections if necessary; and
- complain about how an organization handles their personal information if they feel their privacy rights have not been respected. (Wikipedia contributors, 2018)
As a federal employee, how can I access my private human resources file?
Ask! Or send a written letter to your organization’s Chief Privacy Officer or whichever officer is in charge of the company’s privacy policy. Details on who that person is will be available from your employer.
“Ordinarily, it should cost you little or nothing to gain access to your personal information. The law requires an organization to respond to your request at minimal or no cost to you.” (Office of the Privacy Commissioner of Canada, 2016)
References
Government of Canada. (2018, November 9). Federally Regulated Businesses and Industries. Retrieved 29 March 2019, from https://www.canada.ca/en/employment-social-development/programs/employment-equity/regulated-industries.html.
Office of the Privacy Commissioner of Canada. (2016, September 12). Accessing your personal information. Retrieved 29 March 2019, from https://www.priv.gc.ca/en/privacy-topics/access-to-personal-information/accessing-your-personal-information/.
Wikipedia contributors. (2018, November 13). Personal Information Protection and Electronic Documents Act. In Wikipedia, The Free Encyclopedia. Retrieved 29 March 2019, from https://en.wikipedia.org/w/index.php?title=Personal_Information_Protection_and_Electronic_Documents_Act&oldid=868668286.
This article was written by J2DW CEO Peter V. Tretter