Canada
PIPEDA provides limited direction on the destruction of personal information. Organizations must develop their own guidelines that govern the disposal or destruction of personal information. 4.3. Data correction, completion, updating or erasure Personal information about an individual must be accurate, complete and up to date. Organizations must respond to requests to amend personal information about individuals. An amendment may involve the correction, deletion or addition of
information. If requested, organizations must also be able to provide an account of the third parties to which the information has been disclosed. Access must be provided for free or a minimal fee, within a reasonable time. 4.4. Data protection and security practices and procedures PIPEDA requires organizations to implement appropriate safeguards against unauthorized access or modification of personal information. It mandates appointing privacy officer(s) to be accountable for ensuring compliance. The name, title and contact information of the privacy officer(s) must be readily available as they must act as the point of contact for individuals with compliance concerns. 4.5. Disclosure, sharing and transfer of data Organizations transferring data to service providers must ensure compliance by third parties. Contractual safeguards and monitoring can ensure that service providers are also compliant with
https://www.foglers.com/
Made with FlippingBook - PDF hosting