Privacy Laws & PIPEDA – Are You Compliant?

Compliance with Canadian Privacy Laws and the Personal Information Protection and Electronic Documents Act (PIPEDA) is not optional – if your business is not compliant, your company is at risk.

PIPEDA Compliance

10 Tips For PIPEDA Compliance 

1) Define what personal information you will collect, where you will store it, how you will share it and ultimately, how you will destroy it.

2) Collect only the personal information that your business actually needs.

3) Advise customers of video/CCTV surveillance.

4) Draft a Privacy Policy that clearly outlines how your business collects and uses personal information.

5) Train your employees on your Privacy Policy.

6) Limit access to the information you collect. It should not be readily available to all employees, and access should be monitored.

7) Minimize the collection and retention of personal information. If you no longer require the information, you should properly destroy it.

8) Protect personal information by securing it in locked cabinets, password-protected files or by encryption.

9) Ensure you appoint a “Privacy Officer” who your customers and vendors can contact with any questions.

10) Don’t ignore requests for access to personal information.

To assist with compliance, the Office of the Privacy Commissioner of Canada offers a “Privacy Toolkit for Businesses”. This toolkit helps businesses understand what is necessary for compliance and provides a guideline for becoming compliant.

If you’d like some help we’re only a phone call away. We perform compliance audits, gap analysis, and work with you to develop Privacy Policies.

Need assistance? We’re here for you.  We help business owners solve problems.
Stellacon Solutions (613) 263-1010