Thursday, April 23, 2015 6:35 pm, Posted by Absolute Destruction
The Personal Information Protection and Electronic Documents Act (PIPEDA) is, admittedly, quite a mouthful, but every Canadian business owner should be familiar with its contents. It governs the way companies can collect, record, and use any personal information gathered from its clients and employees. For those businesses that don’t comply with its regulations, it can hold significant and costly consequences. To prevent violations, it’s important that you understand how this act affects the way you do business.
As a relatively young law, PIPEDA was enacted in 2004 to alleviate consumers’ concerns about how and where their information is being used, providing legal recourse for those individuals whose private information is used against their consent. It also gives consumers the right to question the business that is collecting their private details, allowing them access to their personal information in order to see why and how it’s collected.
But what is considered private and personal information? The answer is anything that identifies an individual, including names, contact information, and data related to client accounts and services rendered. Wrongful disclosure of such information can result in fines amounting to $10,000 for a summary conviction or $100,000 for an indictable offence. Regardless of the size and success of your business, these fines aren’t easy to swallow, but by creating a simple yet effective security strategy that includes our document destruction services, you can avoid these penalties.
A security strategy should be well-rounded and designed to consider purposeful and accidental security breaches. We’ve developed a few tips that can help any business adhere to PIPEDA.
- Train Employees: Knowledge is the first step towards creating a secure work environment, as many times these violations are unintentional mistakes made without the understanding of their consequences. But even if the disclosure isn’t willful or malicious in intent, it’s still punishable by law. Training all employees of policies regarding the law and how personal information should be protected is essential.
- Protect Records: Any information that your business does collect needs effective practices and systems put in place that defend it against malicious theft. A clean desk policy ensures paper documents are stored in secure filing systems and not left where they can be misplaced or stolen. Updating all IT security systems with new passwords and malware can protect computer systems and digital storage from being hacked.
- Destroy Trash: Once you’re ready to dispose of old client accounts and files, you have to ensure that these records can’t be accessed by anyone else. Simply throwing them out in the garbage is a gigantic compliancy error, as your bins are accessible to anyone who looks into them. Your best defence against security breaches is ensuring that all information is completely destroyed. By hiring our mobile shredding services, you can guarantee all paper files and digital media are 100% destroyed without a single chance of being retrieved.
With a security strategy that covers all the bases, you can comply by PIPEDA standards, protecting your clients’ information and yourself from costly penalties. To implement the secure destruction of information, contact us today to organize our regularly scheduled service.