E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Professional Accountants, home page.
LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by:
Bennett Gold LLP, Chartered Professional Accountants

Effective December 31 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering notable e-commerce news articles from the period 1999 to 2012.


Source: Toronto Star

Posted on January 5, 2004

      Businesses that collect and use personal information for commercial activities must now comply with a new federal privacy law, whose third and final phase goes into force January 1, 2004.

      It doesn't matter what kind of business you run. Every operation, large and small, from videos stores and magazine publishers to charities and accounting firms, will need to get its information management practices in order if it wants to avoid possible fines, litigation or public embarrassment.

      "It's going to hit all kinds and sizes of businesses in Canada," said Federal Privacy Commissioner Jennifer Stoddart in a recent interview with the Star.

      The legislation does not just protect customer data used for marketing purposes. Information about your employees could also be protected under the law, which gives individuals the right to complain to the federal privacy watchdog if they feel their information is being collected and used improperly.

      This includes any information about an individual that can be tied to that person's identity, such as a home address, personal income details, social insurance number, driver's licence information, Internet surfing activity and spending habits.

      Provinces with privacy legislation are generally exempt from the federal law, but Ontario isn't expected to have its own private-sector law until later this year. So what must Ontario businesses know about the Personal Information Protection and Electronic Documents Act?

      Under the new legislation, you will need to:

      - Show accountability for privacy abuses and breaches by developing internal policies and practices that protect personal data. A privacy point-person should also be selected to oversee compliance and handle customer complaints.

      - Demonstrate and communicate a purpose for which personal data is collected, one that would be considered acceptable by a "reasonable person." Businesses should limit their collection, use, and disclosure of the data for only that stated purpose and should not deceive or mislead customers.

      - Obtain direct and timely consent to gather, share and use the data, and obtain additional consent when the data is to be used for a secondary purpose.

      - Avoid unnecessary retention of information. Make sure to destroy, erase or render anonymous information that is no longer required.

      - Maintain accuracy of stored customer information by keeping it up-to-date, complete and correct.

      - Assure safeguards to keep that information in the right hands and to prevent accidental disclosure.

      - Be more open with customers, clients and employees by informing them of any policies and practices in place to manage their personal information. Make sure all policies are jargon-free and easily accessible.

      - Give individuals access to information about them and give them the ability to correct errors and amend their files.

      - To give consumers an opportunity for recourse , develop simple complaint procedures so customers have a way to voice concerns that will be properly received and investigated.

      The new rules not only create a safer environment for consumers, but also give businesses the opportunity to build more trusting relationships with their customers, experts say.

      And, by forcing many businesses to rethink their information practices, there is an opportunity to find savings through increased efficiencies by only keeping data that's needed and by increasing the accuracy -- and usefulness -- of customer information.

      Check out www.pipeda.org and www.privacyinfo.ca for more information about the law and related issues.

      Also visit the federal privacy commissioner's Web site at www.privcom.gc.ca for tips on compliance.

      To navigate through the new law, a book called The Personal Information Protection and Electronic Documents Act by Stephanie Perrin, Heather Black, David Flaherty and Murray Rankin is a helpful and thorough guide. Irwin Law Inc. is the publisher.

      Two other handy books are The Canadian Privacy Law Handbook by Murray Long and Suzanne Morin, and The Privacy Payoff by Tyler Hamilton and Ontario privacy commissioner Ann Cavoukian.

      Editor's Note: See this valuable discussion about practical and profitable Privacy Audits.

CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.

Final Entries

LINK TO: Bennett Gold, Chartered Professional Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Privacy Breaches.

Get WebTrust
Working For
Your Site.