Toronto Chapter #193 is a non-profit organization
belonging to ASIS International and is monitored by the Policies and
Procedures of this organization. Our Privacy code is modeled after the
Canadian Standards Association Model Code for the Protection of
Personal Information (PIPEDA)
Toronto
Chapter #193 will continue to maintain the
standards by which we have operated, while adapting to the new
responsibilities that come with compliance to the federal Personal
Information Protection and Electronics Documents Act (PIPEDA).
1.
ACCOUNTABILITY
Toronto Chapter #193 is responsible for personal
information under our control. We have designated an individual to be
our Chief Privacy Officer, to ensure compliance with the principals as
set out in the code.
Toronto Chapter #193 will continue to educate our
members as well as assist our members with issues of compliance.
We will ensure that any third
parties used to process personal information also maintain our level of
protection of personal information.
2.
IDENTIFYING PURPOSES
Toronto Chapter #193 will identify the purpose for
which personal information is collected at or before the time the
information is collected. We will ensure that all assignments and
requests for personal information are compliant with PIPEDA, and
document why the information is collected.
Personal information collected
as part of the investigation of a contravention of the law may include
information pertaining to individuals involved in criminal activity,
individuals suspected of involvement in criminal activity, or with
knowledge of criminal activity, as well as those who may advance an
investigation by providing information relating to the identity of
those involved or suspected of criminal activity.
Personal information collected
in the investigation of the breach of an agreement may pertain to
individuals who are party to an agreement, have knowledge of the terms
and conditions of an agreement, who have knowledge of a breach of an
agreement, or may advance an investigation by providing information
relating to a breach of an agreement.
3.
CONSENT
We will obtain consent from
individuals for the collection, use or disclosure of personal
information, and document that consent. We will never obtain consent by
deceptive means.
In many instances, obtaining
the knowledge and consent of individuals would defeat the purpose of an
investigation. Personal information will only be collected, used and
disclosed by Toronto Chapter #193 without consent
in accordance with section 7 of the Personal Information Protection and
Electronics Documents Act, S. C. 2000, c 5 (PIPEDA).
Express consent will be used
whenever possible and in all cases where the information is sensitive.
Toronto Chapter #193 may also conduct investigations
using implied consent, when it is appropriate to collect, use or
disclose personal information.
4.
LIMITING COLLECTION
The personal information
collected will be limited to that which is necessary for the purposes
we have identified. We will collect the information by fair and lawful
means, and only for legitimate purposes. We will not be deceptive with
regard to the purpose for which the information was obtained.
5.
LIMITING USE, DISCLOSURE, AND RETENTION
Personal information will not
be used or disclosed for purposes other than those for which it is
collected, except with the consent of the individual or as required by
law. Personal information shall be retained only as long as necessary
for the fulfillment of those purposes.
Personal information will be
destroyed, erased or rendered anonymous once it is no longer required
for the purpose for which it was collected.
6.
ACCURACY
Personal information we collect
shall be as accurate, complete and current, as is necessary for the
purposes for which it is to be used.
We will attempt to make every
effort to ensure the information used is accurate and up to date. We
will work with our members in this regard and assist them in the
transfer of information as well as verify the information we receive
before conducting investigations. We will inform our members of any
errors or omissions so that they may take steps to correct the
information in their own files.
7.
SAFEGUARDS
Toronto Chapter #193 will safeguard all personal
information appropriate to the sensitivity of the information. Our
facilities are adequately protected using state of the art technology
both from a physical and electronic standpoint.
The executives have been
instructed on Privacy Act regulations. Additionally, all documents are
shredded under secure control and electronically stored information is
deleted from our hard drives.
8.
OPENNESS
We shall make readily available
to individuals specific information with regard to our policies and
practices relating to the management of personal information. A copy of
this policy may be obtained by accessing our web site or contacting our
Chief Privacy Officer Bill Bradshaw CPP 416.367.0909, 200
Queens Quay East 4-2, Toronto M5A 4K9
9.
INDIVIDUAL ACCESS
Upon request, an individual
shall be informed of the existence, use and disclosure of his or her
personal information, and shall be given access to that information.
Any individual my be able to challenge the accuracy and completeness of
the information and have in amended as appropriate.
There are lawful exceptions to
the above: When the information is protected by Solicitor /Client
privilege, or personal information with regard to another person may be
revealed, as well as safeguarding the safety of an individual's life or
security.
Other exception exists and can
be discussed with anyone with concerns.
10.
CHALLENGING COMPLIANCE
An individual may address a
challenge concerning compliance to our Privacy Officer. We will
investigate all complaints and take appropriate measures to correct
information handling practices and provide a response to registered
complaints within a reasonable time period.
