Employee Privacy Policies Provide Notice - Without Choice
Employee privacy policies differ from customer privacy
policies. Employee privacy policies inform employees about
the employer's purposes for the collection, use and disclosure
of their personal information, but there is one key difference
- there is often no choice. An employee cannot withdraw
consent without impacting their employment entitlements,
if not their continued employment.
Thus, employee privacy policies inform employees of their
privacy rights and of the organization's practices related
to the collection, use and disclosure of employee personal
information.
PIPEDA is Not Applicable
Organizations looking for legislative guidance when creating
employee privacy policies should look to British Columbia
and Alberta's Personal Information Protection Act (PIPA).
Federal privacy legislation, the Personal Information Protection
and Electronic Documents Act (PIPEDA), has limited application
with respect to employee personal information, as PIPEDA
only applies to employees of Federal Works(*).
This is good news, as both the B.C. and Alberta PIPA take
into consideration the unique privacy requirements employers
face with respect to employee personal information. PIPA
does not require employers to obtain consent from employees
for the collection, use or disclosure of their personal
information, as long as the purpose is to establish, manage
or terminate an employment relationship. PIPA simply requires
organizations to notify the employee as to the purposes
for the collection, use and disclosure.
Thus, employee privacy policies serve as notification.
(*)Federal Works, Undertakings and Business,
as defined in PIPEDA and often referred to as federally
regulated organizations includes the Banks, Telcos, Airlines,
Transportation companies and all organizations in Canada's
territories.
Page 3 of 4
|
.gif){kind=spacer}
