Private sector organizations must follow a code for the protection of personal information under federal or provincial privacy legislation. The code was developed by business, consumers, academics and government under the auspices of the Canadian Standards Association. It lists 10 principles of fair information practices, which form ground rules for the collection, use and disclosure of personal information.
These principles give individuals control over how their personal information is handled in the private sector. An organization is responsible for the protection of personal information and the fair handling of it at all times, throughout the organization and in dealings with third parties. Care in collecting, using and disclosing personal information is essential to continued customer confidence and good will.
The 10 principles that businesses must follow are:
- Be Accountable for Personal Information held
- Identify the Purposes for collecting
- Obtain Consent from the Employer and/or Individual
- Limit collection
- Limit Use, Disclosure and Retention
- Be Accurate
- Use appropriate Safeguards
- Be Open
- Give Individuals Access
- Challenging compliance
PERSONAL INFORMATION QUESTION / REQUEST FORM (PDF)
The links that are in PDF format above require the Adobe Acrobat Reader to be installed on your computer. To download this free software, click here.