The employment relationship as the privacy laboratory Elizabeth Denham Information and Privacy Commissioner for B.C. Privacy, Law and the Contemporary.

Slides:

Advertisements

Similar presentations

/0403 © 2004 Business & Legal Reports, Inc. BLRs Training Presentations Privacy Issues in the Workplace.

Advertisements

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

PIPA PRESENTATION PERSONAL INFORMATION PROTECTION ACT.

VIU Workshop: Creating a Culture of Privacy Awareness June 12, 2013 By Justin Hodkinson OIPC Policy Analyst/Investigator Office of the Information & Privacy.

IS3350 Security Issues in Legal Context

© Information and Privacy Commissioner of Ontario, 2006 Circle of Care Ontario University & College Health Association - May 24, Manuela Di Re Associate.

1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,

Mark S. Hayes – Blake, Cassels & Graydon LLP Privacy and Security – Some Observations Mark S. Hayes, Blake, Cassels & Graydon LLP 7th CACR Privacy and.

Privacy in Ontario Brian Beamish Office of the Information and Privacy Commissioner/Ontario Presentation to Security Canada Central 2002 International.

Lecture to Carleton University, Center for European Studies, December 1, 2010.

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

1 Office of theCommissariat Privacy Commissionerà la protection de of Canadala vie privée du Canada Personal Information Protection and Electronic Documents.

A NEW GOVERNANCE PARADIGM: Canadian Privacy Law Developments March 11, 2004 Haliburton, Ontario Canada Volunteerism Initiative Arts Council for Haliburton.

Anglican Province of Canada Privacy Policy. Commitment to Privacy The Privacy Policy, including the Web Privacy Statement, is the Anglican Province of.

Information Privacy Policy in Canada Presented By: Sue Wu.

Contemporary Issues in Canadian Health Care Nola M. Ries, MPA, LLM Adjunct Assistant Professor, University of Victoria Research Associate, Health Law Institute,

Information Commissioner’s Office: data protection Judith Jones Senior Policy Officer Strategic Liaison – public security 16 November 2011.

The ICO and the DPA Ken Macdonald Assistant Commissioner Information Commissioner’s Office ScotStat Public Sector Analysts Network 30 th September 2010.

Privacy: What you need to know Elizabeth Denham Information and Privacy Commissioner for B.C. Professional Investigators’ Association of B.C. October 26,

1 OVERVIEW PRESENTATION FREEDOM OF INFORMATION (SCOTLAND) ACT 2002.

Using Technology in Nursing Practice: Part 1: Complying with Policy 1.

Security Policies University of Sunderland CSEM02 Harry R. Erwin, PhD.

Privacy Law for Network Administrators Steven Penney Faculty of Law University of New Brunswick.

1 Freedom of Information (Scotland) Act 2002 A strategic view.

Privacy and Security of Protected Health Information NorthPoint Health & Wellness Center 2011.

Part 6 – Special Legal Rights and Relationships Chapter 35 – Privacy Law Prepared by Michael Bozzo, Mohawk College © 2015 McGraw-Hill Ryerson Limited 34-1.

Managing Risks Associated With Privacy Alison Baker- Senior Associate Hall & Wilcox 24 November

Social Media and Background Checks Information Privacy and Data Protection Lexpert Seminar Lyndsay A. WasserDecember 9, 2013.

Privacy Professional Practice for Computer Science Guest Lecture, 05 March 2007 Philippa Lawson Director, Canadian Internet Policy & Public Interest Clinic.

Greater Toronto Hockey League The Implementation of PIPEDA and Amateur Sports – A Case Study.

Prepared by Douglas Peterson, University of Alberta 15-1 Part 3 – The Law of Contract Chapter 15 Electronic Business Law and Data Protection.

Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved. McGraw-Hill Chapter 6 The Privacy and Security of Electronic Health Information.

Data Protection Corporate training Data Protection Act 1998 Replaces DPA 1994 EC directive 94/46/EC The Information Commissioner The courts.

What is personal data? Personal data is data about an individual which they consider to be private.

© 2013 The McGraw-Hill Companies, Inc. All rights reserved. Ch 8 Privacy Law and HIPAA.

PIPEDA and Receivables Management Robin Gould-Soil Receivables Management Association of Canada November 16, 2011.

Privacy Challenges for Condominium Corporations and Condominium Managers presented to the Association of Condominium Managers of Alberta by Carmen Mann,

BC Public Libraries November, 2008 Privacy Principles.

C HAPTER 34 Code Blue Health Sciences Edition 4. Confidentiality of sensitive information is an important issue in healthcare. Breaches of confidentiality.

Data Protection - Rights & Responsibilities Information Commissioner’s Office Orkney Practice Forum 4 th July 2007.

1 Canadian Privacy Policy: Customizing E.U. Standards Remarks by Jennifer Stoddart Privacy Commissioner of Canada Privacy Symposium: Summer 2007 August.

Welcome….!!! CORPORATE COMPLIANCE PROGRAM Presented by The Office of Corporate Integrity 1.

INTRODUCTION TO DATA PROTECTION An overview of the Irish Data Protection legislation.

Information Technology & Ethics. Impact The impact of IT on information and communication can be categorized into 4 groups: privacy, accuracy, property,

Data Protection: Workplace, Health and Safety. Employers’ responsibilities Employer obliged to provide safe place of work. Health and Safety Act 2004.

HIPAA Overview Why do we need a federal rule on privacy? Privacy is a fundamental right Privacy can be defined as the ability of the individual to determine.

Copyright © 2005 Thomson Business & Professional Publishing. All rights reserved.16–1 Learning Objectives  Define employment-at-will and discuss how wrongful.

Privacy Issues - Watch Out! John D.R. Craig ORIMS Professional Development Day March 19, 2013.

Goal: By the end of this lesson you should understand how social media are taking away your privacy rights.

Data protection—training materials [Name and details of speaker]

The Medical College of Georgia HIPAA Privacy Rule Orientation.

CHAPTER SIXTEEN The Right to Privacy and Other Protections from Employer Intrusions.

Section 4 Policies and legislation AQA ICT A2 Level © Nelson Thornes Section 4: Policies and Legislation Legislation – practical implications.

The e-Workplace: Balancing Privacy and Information- Security to Manage Risk Presented by: Roger Hood, Partner Duffy & Sweeney, LTD.

Director, Regulation and Strategy

Chapter 10 Cyberlaw, Social Media, and Privacy

Privacy principles Individual written policies

Privacy and Security in the Employment Relationship

Privacy & Access to Information

Move this to online module slides 11-56

Data Protection principles

Data Protection What’s new about The General Data Protection Regulation (GDPR) May 2018? Call Kerry on Or .

How we use Your Health Records

General Data Protection Regulations 2018

Mandatory Breach Reporting (isn’t *that* bad)

On the Cutting Edge – Update on Privacy Legislation

Government Data Practices & Open Meeting Law Overview

Government Data Practices & Open Meeting Law Overview

Presentation transcript:

The employment relationship as the privacy laboratory Elizabeth Denham Information and Privacy Commissioner for B.C. Privacy, Law and the Contemporary Workplace Faculty of Law, Queen’s University November 22, 2013

The free market

@

Applies to 300,000 “organizations” Consent not necessary to collect, use or disclose personal information that is reasonably necessary to manage the employment relationship. Personal Information Protection Act

B.C. OIPC Orders F13-04 (UBC) & P12-01 (Schindler Elevator Corporation)

B.C. OIPC Orders F13-04 (UBC) & P12-01 (Schindler Elevator Corporation) GPS used to track vehicle location and monitor distance, speed, acceleration, idling time, on/off information. The employer argued information was about vehicles, not employees. The B.C. OIPC disagreed.

Commissioner determined the data is “personal information” Schindler & UBC both authorized to collect in the circumstances Employers inadequately notified employees – new notice required B.C. OIPC Orders F13-04 (UBC) & P12-01 (Schindler Elevator Corporation)

B.C. OIPC Orders F13-04 (UBC) & P12-01 (Schindler Elevator Corporation)

Personal Information and Protection of Electronic Documents Act (PIPEDA) Federal legislation

Wansink v. TELUS Communications Inc. (F.C.A.), 2007 FCA 21, [2007] 4 F.C.R. 368

If an employer is acting reasonably in the management of the employment relationship, the employer can rely on the implied consent of the employees. Wansink v. TELUS Communications Inc. (F.C.A.), 2007 FCA 21, [2007] 4 F.C.R. 368

Employers using social media to manage employment relationship could collect: Inaccurate information Excessive information Third-party information Risks of social media collection

B.C. OIPC Mediation Summary P11-01-MS Investigation of BC NDP use of social media The BC NDP requested social media passwords for all personal accounts held by leadership candidates.

“An organization may collect personal information only for purposes that a reasonable person would consider appropriate in the circumstances...” section 11, B.C. Personal Information Protection Act B.C. OIPC Mediation Summary P11-01-MS Investigation of BC NDP use of social media

Employment related record checks 2012: Published investigation report on the use of Criminal Record Checks by the B.C. Government 2013: Launched investigation of police information checks as employment screening tool (public & private sector)

Bring your own device (BYOD)

Employers and BYOD Adopt a BYOD policy, because employees may already be using devices at work Consider tech solutions that keep personal and work data separate Balance security considerations with employee privacy

Alberta Information and Privacy Commissioner v. United Food and Commercial Workers, Local 401 Latest Case: 2013 SCC 62

Image © Mark Yuen, Vancouver Sun

A successful employer-employee relationship is built on trust, collaboration and mutual respect. Privacy-invasive technologies can undermine that relationship. The bottom line: