Personal organization information can be any information that identifies a client, employee or partner. Whether your business collects this info through direct contact or over the internet, you must shield it so that it does not get a liability to your company.
PIPEDA, Canada’s privateness rules, defines personal data as “information that pertains to an individual and that can be used to spot the person. ” This includes any information that is connected or linkable to an individual (i. e. a person’s name, social security number or biometric information) and is also not normally publicly obtainable.
Examples of PII include:
Cultural protection numbers; the date and place of birth; their moms maiden term; their cruising licence amount; their particular medical records and other health-related information; and credit card or purchase card account statistics.
Sensitive PII, also called PHI, is data that any time disclosed without the individual’s consent may cause harm, unpleasantness or trouble to these people. This includes the Social Security Number, medical record, disciplinary actions, performance ratings, occupation history and some other information that could use to identify or trace an individual.
PIPEDA needs organizations to:
Be clear regarding the purpose meant for collecting your details before or perhaps at the time of collection, and teach you why you will need it. You can inquire from for more details or decrease to provide it if you are not satisfied with all the explanation.
Limit the amount and type of sensitive information gathered about what is necessary for the purpose of the intended goal. If you furnish additional information, it must be for a goal related to the first purpose and go to these guys as long as you agree to it.