click below
click below
Normal Size Small Size show me how
Purple Module
H.I.M. -10 PIPEDA Principles
Question | Answer |
---|---|
PIO who is ultimately responsible for the compliance of the organization with the standards spelled out in the act | Accountability |
You must inform the clients of the purpose for the collection of their information either before or at the time of the collection | Identifying Purposes |
Consent must be obtained in order to collect the information | Consent |
A clear link must be established between the information that is collected and the reason for doing so | Limiting Collection of PI (personal information) |
You cannot use or disclose any information for purposes other than those for which it was collected; information must be kept only as long as it serves its intended purpose; information must be appropriately stored and destroyed | Limiting Use, Disclosure, and Retention |
Information should be accurate and complete in terms of how it is recorded to facilitate its proper use | Accuracy |
The organization must take appropriate and practical measures to protect the information from unauthorized access, use or tampering | Safeguards |
Information about policies relating to the management of personal information must be readily available to the clients | Openness |
With written request to the PIO, clients shall be given access to their personal information | Individual Access |
Each organization must have a process in place to handle complaints with respect to the way personal information is collected, used, or disclosed, or the manner in which the organization complies with the legislation | Challenging Compliance |