PIPEDA - Canada

From The Secure Arc Wiki

Jump to: navigation, search

Information in italics below is referenced from wikipedia, reproduced in accordance with the GNU Free Documentation License.

The Personal Information Protection and Electronic Documents Act (abbreviated PIPEDA or PIPED Act) is a Canadian law relating to data privacy. It governs how private-sector organizations collect, use and disclose personal information in the course of commercial business. In addition, the Act contains various provisions to facilitate the use of electronic documents. PIPEDA was passed in the late 1990s to promote consumer trust in electronic commerce. The act was also intended to reassure the European Union that the Canadian privacy law was adequate to protect the personal information of European citizens.

The principles set out in the National Standard of Canada entitled model code for the protection of personal information are as follows;

  • Accountability
  • Identifying Purposes
  • Consent
  • Limiting Collection
  • Limiting Use, Disclosure and Retention
  • Accuracy
  • Safeguards
  • Openness
  • Individual Access
  • Challenging Compliance

Major publications

The Personal Information Protection and Electronic Documents Act of 2000, can be found at the following link.

Compliance

Canadian law requires organizations to

  • obtain consent when they collect, use or disclose their personal information;
  • supply an individual with a product or a service even if they refuse consent for the collection, use or disclosure of your personal information unless that information is essential to the transaction;
  • collect information by fair and lawful means; and
  • have personal information policies that are clear, understandable and readily available.

Navigation

Personal tools