Personal organization information is certainly any information that identifies a customer, employee or partner. Whether your company collects these details through direct contact or internet, you must protect it in order that it does not be occupied as a liability for your company.
PIPEDA, Canada’s personal privacy legislation, defines personal data as “information that pertains to an individual and that can be used to recognize the person. ” This includes any information that is associated or linkable to an specific (i. e. a person’s name, ssn or biometric information) and is not otherwise publicly available.
Examples of PII include:
Social biz info portal reliability numbers; the date make of labor and birth; their mums maiden name; their driving a car licence number; all their medical data and other health-related information; and credit card or purchase card account statistics.
Sensitive PII, also called PHI, is info that if perhaps disclosed without the individual’s consent could cause harm, unpleasantness or difficulty to them. This includes a person’s Social Security Number, medical record, disciplinary actions, overall performance ratings, employment history and some other information that may be taken to identify or trace someone.
PIPEDA requires organizations to:
Be clear about the purpose just for collecting your data before or at the time of collection, and make clear why you will need it. Ask for more details or fall to provide that if you are not satisfied when using the explanation.
Limit the amount and type of personal data gathered to what is necessary for the intended purpose. If you give additional information, it must be for a goal related to the initial purpose and as long as you agree to it.