Privacy at work

 


 

Summary:
In addition to specific "Privacy" legislation, there are several other legal frameworks you need to be aware of that deal with privacy at work, both internally and externally.

Purpose:
To show which areas of your records are the most important from a human resources standpoint, in particular employment standards, workers' compensation, health and safety, and freedom of information.

Quick Tips

Ask "WHY" the information is being requested & what it is going to be used for.

Don't be afraid to say "No!"

Fill in the bare minimum to obtain a service online.

Opt out of further contact, unless critical to operations.

Disagree with one-sided terms & conditions.

Are you doing them the favor by signing up?

Is there a Privacy Policy? Do you agree with the terms?


 

Advice:
Organizations should be aware that most privacy laws apply retroactively. The sooner you get organized, the easier it will be to organize and protect the relevant information. There is a responsibility to get informed consent for all personal information on any system. In terms of your own people, it involves a variety of specific information, even some shared with third parties, such as outside payroll/insurance health care providers and various levels of government.
So how bad is it? Recent health care privacy breaches

At the very minimum, be prepared to identify and protect any personal information that you collect, retain, use, or disclose in the course of a commercial activity, nationwide and internationally. This includes customers/patients and suppliers/contractors/consultants: past, present and future. See more on government Privacy legislation.

Let's assume that you have a good privacy policy and procedures in place. This data will start to grow exponentially. You must take reasonable steps to protect that personal information, both the paper and electronic documents. There are no official or nonofficial versions of this electronic data, be it recorded or stored on any medium in or by a computer system or similar device. Oh yes, that includes anything that can be read or perceived: printouts, or anything displayed on a monitor or other output. Now we are talking about a server accessed by a PC, cell or display telephone, PDAs, etc., even if that information is just sitting on a laptop at home.

And of course, let's not forget the formal hard copy document, scan/fax, handwritten speedy memo or Post-it note, picture/drawing, or even oral communication for the purpose of providing consent, collecting or disseminating personal information.

Just in case you were wondering: does everything need to be locked down? Business contact information is OK, such as name, business address/phone and e-mail. Or is it? Stealers and sellers of information love that stuff, since even one snippet of information leads to another.

The First Steps:
1. Consent: Can be explicit or inferred, and given orally, in writing or electronically.
Best Practice: Be explicit. Get written consent with full disclosure of the purpose(s) the information is being gathered for.
2. Training: Make sure all of your staff are aware of and complying with your policies and procedures on an ongoing basis. Do not forget to include suppliers of products and services, such as payroll processors, recruitment firms, insurance providers, actuaries, etc.
3. Organize and Secure: Get in the habit of organizing your information and consents. Some hard decisions need to be made on storage, release procedures and ongoing protection/destruction methods.

 

© Asystematics, 1992-2008.
Other marks with permission.