The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.
The author of this blog, David T.S. Fraser, is a Canadian privacy lawyer who practices with the firm of McInnes Cooper. He is the author of the Physicians' Privacy Manual. He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws.
For full contact information and a brief bio, please see David's profile.
The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Nothing herein should be used as a substitute for the advice of competent counsel.
This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.
Friday, February 11, 2005
It continually drives me bonkers when I read about how some organizations implement privacy laws (see below). Granted, these laws are not always easy to understand, but they usually can be implemented without completely shutting down normal business operations or even normal personal interactions.
A huge part of the problem is that the laws are not very easy to understand, particularly if you sit down a read them from beginning to end. Most laypeople have a hard enough time staying awake during the process and it is rare to actually make it through the law in one sitting. But even if you can manage to make it that far, there in little in the laws themselves to help you in translating theory to practice. (You're not alone: I've dealt with lawyers who have little understanding of the law itself, let alone how it should be implemented. A law degree does not automatically confer an ability to figure it out.)
So what's to be done? People need to be trained about what the law means and how it needs to be integrated into their operations. Front line employees don't need to memorize section 7(3)(c)(ii), but they do need to know how to do their job in this new regulatory environment. They need to know how to meet customer expectations. They need to know how to deal with circumstances where privacy laws may entail a bit more process for their customers. And they need some common sense.
On this front, I have to give full marks to the Nova Scotia Department of Justice, which recently held a series of workshops for department administrators of the Freedom of Information and Protection of Privacy Act throughout the province. And they had the good sense to include a unit on PIPEDA. Though this law doesn't generally apply to the same organizations subject to FOIPOP, it has been a major source of confusion.
CBC Manitoba - Ombudsman slams province over privacy laws:
"Tuckett says there are many cases where public officials do not use common sense in providing people with access to their own personal information.
'I had a call from somebody where they were talking to somebody in a medical doctor's office and asking about the condition of the person and the doctor came up and said, 'You know, you can't talk about your medical condition with other people in our office because it's contrary to PHIA,'' he says.
'I call it 'PHIAnoia' because, you know what it is, it's this, 'I can't share that, I can't do this.' Privacy laws were never intended to be applied so rigidly that all of a sudden you can't have normal human relations with people.'
Tuckett recommends the government should set up a training program to help its employees understand privacy and access laws. This report will be Tuckett's last as ombudsman; he is retiring as of Feb. 11."
The Canadian Privacy Law Blog is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 Canada License.