Most organizations still don’t encrypt data when it leaves the office

keyboard-litupI recently read a news release by the Alberta Office of the Information and Privacy Commissioner that indicated there are still high incidences of laptops containing personal information being stolen—without having security measures such as encryption put in place. The commissioner was left scratching his head.

The commissioner found it odd that organizations would not take the time to properly protect personal information. He stated, “Encryption technology is pretty much commonplace, and it’s irresponsible that an organization would allow this stuff out the door, without ensuring it’s protected.”

The commissioner also commented that these organizations were putting a lot of people on edge, given the potential for identity theft or personal embarrassment. On the same note, when a laptop containing personal information is stolen, the organization faces more work, cost and embarrassment because they have to notify individuals that they lost their personal information, and it might be used for illegal purposes.

I’m wondering: what kind of security measures do you have in place in your organization? What type of physical and technological protections do you have to prevent privacy breaches?

Christina Catenacci
First Reference Human Resources and Compliance Editor

Alberta
canadian employment law
employment law
encryption
Encryption technology
identity theft
laptops
Office of the Information and Privacy Commissioner
personal information
private sector privacy legislation
protecting personal information
security measures
stolen laptops
technology
Share

Related Posts

Imagen 1

Addressing domestic violence in the workplace – some insights

The Ontario Occupational Health and Safety Act violence and harassment prevention provisions (Bill 168) require an employer to take all reasonable precautions in the circumstances for the protection of all employees if a domestic violence situation is likely to expose a worker to physical injury in the workplace and the employer becomes aware or ought reasonably to be aware of the situation.

But what does that imply? The law states the requirement but provides little guidance on what employers need to do to prevent domestic violence from spilling into the workplace. In addition, many employers are not comfortable addressing a situation of such a personal nature. It is not an easy task to complete and might never be.

Marie-Yosie Saint-Cyr, LL.B. Managing Editor

Read more
Imagen 1

Disclosing persons with a history of violence

The Ontario Occupational Health and safety Act violence and harassment prevention provisions (Bill 168) require employers to provide information, including personal information, about a person with a history of violent behaviour if:

Marie-Yosie Saint-Cyr, LL.B. Managing Editor

Read more
Imagen 1

Sleeping on the Job? What do you have to do to get fired in Canada, anyway?

Employees can be dismissed for cause, and therefore without notice or severance, when their misconduct or performance is so egregious that the employment relationship has been irreparably harmed. In assessing this issue, employers must adopt a contextual approach, which considers not only the misconduct in question, but the entirety of the employment relationship.

Rudner Law, Employment / HR Law & Mediation

Read more