First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

employee personal information

Hello my name is [redacted]: Employee privacy trumps employer requirement for surnames on name tags

Prairie Montagues and Capulets can carry out their work with the public on a first-name-only basis, according to a recent ruling from a Saskatchewan labour arbitration panel. The panel sided with a healthcare union that complained about the employer’s policy requiring staff nametags to display both a first and last name. The panel found that requiring surnames to be displayed violated the employees’ privacy and occupational health and safety rights, and was inconsistent with the union’s collective agreement.

 

, , , , , , , , ,

Amendments to PIPEDA disappoint privacy watchdogs

On May 29, the federal government introduced Bill C-29, the Safeguarding Canadians’ Personal Information Act, which makes substantial changes to the Personal Information Protection and Electronic Documents Act (PIPEDA). The Bill had been in development for several years, and one of its primary objectives was to address a significant gap in PIPEDA, the issue of mandatory disclosure of “material” breaches of personal information by the companies or organizations responsible.

 

, , , , , , , , , , , , , , , , ,

Privacy risk management – by design

I’ve discussed the Privacy by Design principle before, in the Inside Internal Control newsletter. In case you don’t know, PbD is an approach developed by Dr. Ann Cavoukian, the Privacy Commissioner of Ontario, which proactively embeds privacy protection by default in the design of an organization’s practices and products.

 

, , , , , , , , ,