The seventh principle of the 10 Privacy Principles of PIPEDA is Safeguards.
The principle of Safeguards states that an organization should protect personal information with security safeguards that are appropriate for the sensitivity of personal information held.
Personal information should be protected against loss or theft, unauthorized access, disclosure, copying, use or modification, regardless of what format it is stored in (paper, electronic, etc.).
What Type of Safeguards Should a Business Use?
If someone owns a small business and collects customers’ email addresses for an online newsletter, for example, she might store the emails in a spreadsheet. It then may be reasonable to password-protect the spreadsheet and/or encrypt it so that if the spreadsheet were stolen, it would be difficult to decrypt and retrieve the email addresses.
If an organization were to collect more sensitive personal information, such as credit card numbers, the organization would be expected to have much stronger safeguards in place to protect that information.
The organization should determine how sensitive personal information is and implement safeguards to protect it. It is always good business sense to enact safeguards that provide better-than-average protection for the personal information it protects — after all, the last thing an organization wants is to suffer a privacy breach.
Methods of Protection
Organizations should use physical, organizational, and technological methods to protect personal information.
An organization should use physical methods to protect personal information whenever possible. Cabinets, safes, doors, and offices should be locked when they are not in use. Access to them should be restricted whenever possible.
When printing or receiving faxes, documents should be retrieved immediately. Some office printers print an employee's papers only once the employee approaches the printer and keys in a personal code.
Sensitive and confidential personal information should not be visible to the public.
Many organizations give employees RFID tags which open doors according to a security access level. Information should be limited to a need-to-know basis.
Some organizations wisely choose to pre-screen their employees for criminal records and bad credit histories before giving them access to sensitive information.
An organization should implement and enforce a clear desk policy. Employees should have their desks clear and free of any papers containing sensitive personal information or confidential company information. Employees should lock this information in a private filing cabinet. Similar rules apply for a clear screen policy.
An organization should enforce strong passwords and have employees change them on a scheduled basis.
It should also implement encryption whenever possible, especially when dealing with sensitive personal information such as credit card numbers. Encryption should be considered at all stages of transit.
An organization’s privacy officer should ensure that all employees are aware of the importance of maintaining the confidentiality of personal information. This can be done initially upon training, by having routine “refresher” sessions, and through documentation.
Destroying Personal Information
Organizations should exercise great care when disposing of or destroying personal information.
News headlines increasingly report on businesses that foolishly dispose of sensitive personal information, often by throwing unshredded papers into the trash, which then become public property.