The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.
The author of this blog, David T.S. Fraser, is a Canadian privacy lawyer who practices with the firm of McInnes Cooper. He is the author of the Physicians' Privacy Manual. He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws.
For full contact information and a brief bio, please see David's profile.
Please note that I am only able to provide legal advice to clients. I am not able to provide free legal advice. Any unsolicited information sent to David Fraser cannot be considered to be solicitor-client privileged.
The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Nothing herein should be used as a substitute for the advice of competent counsel.
This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.
Tuesday, April 12, 2005
In the United States, citizens are more often concerned about the information held by government. After a huge range of privacy breaches in the private sector, Newhouse news has an interesting take on how the US federal government secures personal information in its custody:
Government Surpasses Business in Protecting Citizens' Privacy:"WASHINGTON -- Here's a surprise:
In the face of increasingly intrusive information-gathering technology, many experts on privacy are convinced the U.S. government does a better job than business when it comes to protecting data compiled on hundreds of millions of Americans.
Federal agencies including the Internal Revenue Service, the Social Security Administration, the Census Bureau and the Centers for Medicare & Medicaid Services routinely collect and store detailed personal information about each citizen.
They keep a security lid on it with stiff criminal and civil penalties for improper disclosure. Leaks have been rare.
"That is because the federal government inherently is not in the business of moving information around to make the economy and commerce flow," said Robert Atkinson, a technology expert at the Progressive Policy Institute. "They use information for very narrow purposes, and in those situations it's a lot easier to protect data."
In the private sector, citizens often simply are viewed as consumers, their personal information a valued commodity to be bought and sold and exploited in a marketplace where data mining is the rage, and where identity theft has become widespread.
...
While laws on the subject have varied from state to state, effective April 20 tighter new federal privacy guidelines will cover private-sector electronic transactions handled by most health plans, care providers and health data clearinghouses. The rules were drafted by the Centers for Medicare & Medicaid Services, responsible for the confidentiality of health care records of 82 million citizens.
Still, federal authorities fear that public reaction to abuses in the private sector will damage faith in the government and interfere with its efforts to perform assigned functions.
...
"We think privacy is essential in building trust," said Gerald Gates, chief enforcement officer at the Census Bureau.
"We have a strict confidentiality statute, with penalties of five years in prison and $250,000, and training for employees on an annual basis. In 35 years there has never been a violation that has come to my attention."
The IRS, which processes 130 million individual and family tax returns annually, takes a back seat to no other agency in respecting the confidentiality of taxpayer records, said spokesman John Lipold.
"We never, ever disclose anybody's personal privileged information except as authorized by law, and there are stringent access rules," he said.
Then there's the Social Security Administration, which each year keeps track of some 160 million people reporting their wages and paying Social Security taxes, another 50 million collecting retirement benefits, and 50 million more aged, blind and disabled Americans getting Supplemental Security Income payments.
"Nobody has access to our computer records," said spokesman Mark Hinkle, adding that the agency enforces a "zero tolerance" policy for privacy violations...."
Labels: health information, identity theft, information breaches
The Canadian Privacy Law Blog is licensed under a
Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 Canada License.