First - as we have seen many times before, a prompt and proper response to any alleged privacy breach is crucial. Every person in every business that has customer contact must be trained to spot privacy issues, and immediately bring them to the attention of the business's privacy officer.Second - what should be the proper response when something like credit cards or documents with personal information is sent to the wrong person? Is telling them to cut them up or shred them sufficient? Or should they request they be returned? At least if they are returned, the business will know exactly what was sent.
The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.
Tuesday, January 31, 2006
How to handle an inappropriate disclosure of personal information
Over at eLegal Canton, David Canton is discussing the lessons to be learned from an incident reported on Techdirt about an individual who was sent 34 other credit cards along with his own:
No comments:
Post a Comment