Study Guides (292,177)
CA (139,354)
WLU (5,411)
BU (1,357)
BU451 (4)
Final

BU451 Study Guide - Final Guide: Chief Privacy Officer, Employee Retention, Personal Information Protection And Electronic Documents Act

26 pages99 viewsWinter 2017

Department
Business
Course Code
BU451
Professor
Shelly McGill
Study Guide
Final

This preview shows pages 1-3. to view the full 26 pages of the document.
BU451
Nov 2nd 2017
Government Regulation of Privacy in the Private
Sector
Personal privacy
The right to bodily integrity free from unreasonable surveillance, search,
seizure.
Territorial Privacy
The right to secure home, business and other personal spaces free from
intrusion
Person Information Privacy
The right to control and protect access, use, collection, distribution, retention
and destruction of all trail of information created and or left behind in our daily
lives.
Privacy Law
Rules from common law and legislation to create separate standards applicable to:
Government activities (Private sector institutions and agencies)
Privacy act, charter of rights and freedoms, criminal code
Private sector commercial activities
PIPEDA
Person Individual behaviour
Case law - tort - confidentiality agreements
Invasion of privacy triggers
Technology
Discrimination
Security
Transborder activities
Target marketing
Privacy as a Human Right
Charter of rights and freedoms
Section 7: entitled to life, liberty and security of person
Section 8: free from unreasonable search and seizure/reasonable expectation
of privacy
Not absolute: reasonable limits justified in a free and democratic society
Reasonable balancing of individuals interests with others, the public at large and the
state.
find more resources at oneclass.com
find more resources at oneclass.com
You're Reading a Preview

Unlock to view full version

Only half of the first page are available for preview. Some parts have been intentionally blurred.

Governments and Personal Information
Privacy act 1983
Governments institutions should:
Use or disclose info only for purpose it was collected
Obtain consent for any other use
Allow access to info by individual
Respond to complaints of individuals and recommendations of privacy.
Privacy Commissioner
Office of the Privacy Commissioner created to administer the Privacy act
Power to investigate compel evidence, received complains and make corrective
recommendations.
Assigned responsibilities for PIPEDA
Ontario’s Public Sector
Freedom of information and protection of privacy act
Govt, agencies, universities, public schools
Personal health information protection act
Pharmacies, labs, clinics, retirements homes, hospitals and physicians
Municipal freedom of information and protection of privacy act
Cities, regions, school boards, agencies
Office of the information and privacy commissioner
Private Sector: Personal Information
Personal Information Protection and Electronic Documents Act (PIPEDA)
Applies to commercial activity not covered by privacy act or similar provincial
legislation
Does not apply to employee information unless federally regulated
Banks, airlines, inter-provincial transportation, broadcasting
Privacy commissioner has some added powers
Destruction of requested information
Whistleblower retaliation
Obstruction of investigation
Privacy and Business
Business collect, use, store, and transfer personal information
Information about employees, customers, consumers suppliers and competitors
Also applies to non-Canadian business that collect, use or disclose personal
information about individuals in Canada, even if the business does not have
Canadian presence.
What is Covered
find more resources at oneclass.com
find more resources at oneclass.com
You're Reading a Preview

Unlock to view full version

Only half of the first page are available for preview. Some parts have been intentionally blurred.

Information about an identifiable individual other than business contact information
Information given such as DOB and address
Information created by organization
Information generated electronically by either the organization or the individual.
2. Identifying business purpose:
Collection: only necessary information
Communication
Reasonableness
3. Consent
Collection, use and disclosure
Meaningful consent
Exceptions
Reasonableness
Consent not required to:
Use personal info produced by an employee in the course of their
employment
Disclose personal info to govt
Disclosure personal info to another organization
Use or disclose necessary personal info in association with business
transaction so long as the info is safeguarded.
5. Limiting use, disclosure and retention
Use and disclosure: information used or disclosed only for identified purpose and
with consent of data owner
Retention: Information may be kept for only as long as is necessary for identified
purpose.
Destruction: need policies and guidelines governing the safe and secure destruction
Ex: Movie theatre chain, collecting name address phone number of disabled people
for use of the equipment. So that people don’t steal it, someone did report it. When
filed against for the privacy act they found that it was fine.
Privacy Compliance by Business
Designated person responsible for privacy
Chief information officer, chief privacy officer.
find more resources at oneclass.com
find more resources at oneclass.com
You're Reading a Preview

Unlock to view full version


Loved by over 2.2 million students

Over 90% improved by at least one letter grade.