Personal business information is usually any information that identifies a buyer, employee or partner. Whether your business collects this information through direct contact or internet, you must safeguard it so that it does not work as a liability for your company.

PIPEDA, Canada’s privacy laws, defines private information as “information that pertains to an individual and that can be used to spot the person. ” This includes any information that is connected or linkable to an person (i. e. a person’s name, social security number or biometric information) and is not otherwise publicly readily available.

Examples of PII include:

Social reliability numbers; a person’s date and place of entry into the world; their mother’s maiden name; their cruising licence quantity; their particular medical details and other health-related information; and credit card or purchase card account statistics.

Sensitive PII, also called PHI, is facts that if perhaps disclosed without the individual’s consent may cause harm, embarrassment or difficulty to them. This includes a person’s Social Security Number, medical record, disciplinary actions, performance ratings, work history and some other information that could be taken to identify or perhaps trace a person.

PIPEDA requires organizations to:

Be clear regarding the purpose intended for collecting your data before or at the time of collection, and express why you require it. You can ask for more details this post or fall to provide this if you are not satisfied with the explanation.

Limit the amount and type of personal data gathered about what is necessary with respect to the intended goal. If you offer additional information, it ought to be for a purpose related to the first purpose and only when you accept it.