First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

privacy practices

Can an employee request access to their personnel and payroll files?

In Canada, employees have the right to access information in their personnel and payroll files, provided that it does not interfere with another employee’s privacy rights.

 

, , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Privacy practices for developing mobile applications (apps)

mobile-apps

Privacy practices, and all things mobile, are both hot topics these days. This is in part because mobile devices and apps are fun, cool, provide value, and are on the rise. They are used by professionals of all types, and people of most any age, including our youth. This however feeds the assumption that technology in general, including mobile devices and apps, is threatening the privacy rights of individuals.

 

, , , , , , , , , , , , , , , , , , , , , ,

When a privacy policy is not enough!

Does your organization have an IT risk management program in place that draws upon various stakeholders to identify and prioritize privacy risks and related mitigations? Does your IT risk management program maintain appropriate records and provisions for access to information and privacy? And, have you implemented a privacy policy, only to find out that during internal audits there was a lack of compliance?

 

, , , , , , , , ,

Three Facebook legal challenges businesses should know about

Over the brief period of Facebook’s existence, the company’s practices have provided a rich source of knowledge for businesses and other organizations that collect and use customers’ information, operate online or generally fall under the Personal Information Protection and Electronic Documents Act (PIPEDA) or other privacy legislation.

 

, , , , , , , , , , , , , , , , , , ,