The 10 Privacy Principles of PIPEDA – Limiting Use, Disclosure, and Retention
The fifth principle of the 10 Privacy Principles of PIPEDA is Limiting Use, Disclosure, and Retention.
Limiting Use, Disclosure, and Retention
The principle of Limiting Use, Disclosure, and Retention states that your organization shall limit the ways it uses, discloses and retains personal information.
This means that your organization should not use or disclose personal information for purposes other than those which you have identified and received consent for. Your organization should only retain personal information for as long as is necessary to fulfill its purposes.
Exceptions
There are some exceptions to this principle. For example, your organization may have legal obligations to comply with, such as providing personal information to authorities for investigating fraud. Refer to PIPEDA for specific exceptions.
New Purposes for Personal Information
If your organization wants to use personal information for a purpose that it did not originally collect it for, it must obtain consent from the affected individuals. In addition, your organization should document the new use of personal information in order to be compliant with the principles of Openness and Individual Access.
Develop Guidelines and Implement Procedures
Your organization must develop guidelines and implement procedures for the retention of personal information and should only retain personal information for as long as it is required to fulfill its intended purposes. Your organization should also allow a reasonable amount of time for an individual to request his/her personal information before it is destroyed, erased, or made anonymous.
Minimum and Maximum Retention Periods
Your organization should implement a minimum and maximum retention period for personal information.
For example, your minimum retention period may be one year. It should allow your organization sufficient time to use the personal information it has collected and also satisfy any legal or contractual requirements.
Your maximum retention period may be two years. This will allow individuals sufficient time to request their personal information in accordance with the Individual Access principle.
Destroying Personal Information
After your maximum retention period, your organization should destroy, erase, or otherwise make anonymous the personal information it has collected. Your organization’s privacy officer should develop guidelines and implement procedures to do this.
Personal Information is a Liability
While many organizations see personal information as an asset, it is rather a large, unnecessary liability that your organization carries for as long as it keeps accumulating it.
No system is completely secure; the more personal information your organization collects, the more it has to lose. Nothing can destroy your company’s image and business quicker than suffering a privacy breach and losing your customers’ and clients’ sensitive personal information.
Data Mining
Organizations that collect information from their customers and clients often see data mining as a valuable tool in order to discover relationships and patterns in data that may give their business a competitive edge.
In order to be compliant with the principle of Limiting Use, Disclosure, and Retention, your organization should make information anonymous before accumulating and using it for statistical analysis.
This way, organizations can reap the benefits of using their data to find important patterns while satisfying their requirements under privacy legislation.
Compliance with Other Principles
The principle of Limiting Use, Disclosure, and Retention is closely linked with other principles such as Consent, Identifying Purposes, and Individual Access.


