1 POLICY
1.01 Local 213 of the International Brotherhood of Electrical Workers (referred to as IBEW 213) respects the privacy of its members and employees. IBEW 213 is committed to maintaining the security, confidentiality and privacy of personal information.
1.02 This Protection of Privacy Policy documents IBEW 213's ongoing commitment to acknowledging the sensitivity of the information collected and ensuring the security of personal information and has been developed in compliance with applicable local and federal privacy legislation.
1.03 IBEW 213 only collects personal information that it reasonably requires.
1.04 IBEW 213 may review and change this Protection of Privacy Policy from time to time.
2 PURPOSE
2.01 IBEW 213 will collect, use, store and disclose personal information for purposes authorized or required by applicable privacy legislation or other law and for the following purposes:
- To manage and develop IBEW 213 business and operations including maintain a database of workers for the purposes of Business Development;
- To provide employment advocacy services;
- To communicate with the membership in accordance with the IBEW 213 Communication Policy;
- To detect and protect IBEW 213, members, employees, our working partners and others from error, negligence, fraud, or other illegal activity, which may include providing information to insurers;
- To provide information to partners of IBEW 213 as needed for the provision of our services such as but not limited to legal services and disability management services;
- To issue invoices, process payments (including Union Dues), and collect debts owed to IBEW 213;
- To track and report dues payments, work history, seniority (if applicable), certification, voter eligibility, and membership standing;
- To comply with legal and regulatory requirements;
- To promote and market IBEW 213 through various media sources; and,
- To provide our membership with newsletters, correspondence, information, bulletins, and surveys about areas of employment, politics, industry, unions, education and law including for and about Local 213 of the International Brotherhood of Electrical Workers, its associated Trusts and Training Funds, and the International Office of the IBEW all in accordance with Canadian antispam legislation.
These collections, uses and disclosures are a necessary part of the membership relations with IBEW 213.
3 SCOPE
3.01 This policy applies to all members and employees of IBEW 213.
3.02 This policy applies to information collected for the purposes of membership with the local union including such information as:
- Contact information:
- Name;
- Address;
- E-mail Address;
- Telephone Number(s).
- Employment information:
- Social Insurance Number (SIN);
- Gender;
- Date of Birth;
- Date of union membership;
- Occupation and Professional Qualifications (if any);
- Employer's/ worksite information;
- Date of hire or Dispatch; and,
- Record of financial contributions to the Union.
- Additional information may be collected if members become involved in a grievance, board, or trial proceeding as an appellant, witness or affected party. In these instances, IBEW213 collects only the personal information necessary to the proceeding and its archive of potential evidence about collective bargaining, board, employer and union practice and precedents for use in future proceedings.
- Medical Information may be collected to assist the member in a grievance, board, or trial proceeding as an appellant, witness or affected party. Only information reasonably necessary to the case will be collected.
4 RESPONSIBILITY
4.01 The Privacy Officer
Local 213 of the International Brotherhood of Electrical Workers is responsible for personal information under its control. IBEW 213 has designated a Privacy Officer who is responsible for compliance with this policy. All questions, complaints, or concerns with this Policy should be made in writing and will be directed to the Privacy Officer:
Scott Ashton,
Privacy Officer
Local 213 of the International Brotherhood of Electrical Workers
1424 Broadway Street
Coquitlam, BC V3C 5W2
email: sashton@ibew213.org
4.02 Employees
Employees of IBEW 213 are responsible for the gathering, inputting, safe handling/storing and the necessary disclosure of any personal information they come in contact with in accordance with the procedures laid out in this Statement of Policy and Procedure.
4.03 Members
Members of IBEW 213 are responsible for providing and maintaining up to date information in particular the information found in article 3.02. Members who participate in meetings and events, or who perform casual and official positions on board, committees, as stewards or otherwise are bound by this Statement of Policy and Procedure.
5 DEFINITIONS
5.01 "Members" and "Membership" means dues paying members and also includes: laid-off or unemployed members in good standing that are paying out-of-work dues; past members who are no longer with the IBEW 213 but may have documents in their possession from IBEW 213; Deceased members who may have documents or information belonging to IBEW 213; and beneficiaries of plans that are the result of collective bargaining and union certification with Local 213 of the International Brotherhood of Electrical Workers.
5.02 "Electronic document" means data that is recorded or stored on any medium in or by a computer system or other similar device and that can be read or perceived by a person or a computer system or other similar device. It includes a display, print-out or other output of that data. It may also be a text, sound, voice or image.
5.03 "Hard copy" means material that is not data in nature and is recorded or stored on any medium other than a computer system or other similar device and that can be read or perceived by a person. It includes paper documents even if they are print-outs, books, pamphlets and images, a display, print-out or other output of that data.
6 REFERENCES and RELATED STATEMENTS of POLICY and PROCEDURE
Personal Information Protection and Electronic Documents Act (PIPEDA) (Canada)
Personal Information Protection Act (PIPA) (British Columbia)
Workers Compensation Act (British Columbia) OP 1.02.BC IBEW213 Communication Policy PP 6.53.BC Work From Home Policy
7 PROCEDURE
7.01 Disclosure
IBEW 213 discloses some or all of the personal information it has about its members on a need-to-know basis to:
- The Canada Revenue Agency;
- Human Resources and Development Canada;
- British Columbia Labour Relations Board;
- Canadian Labour Board;
- Workers Compensation Board;
- Local 213 Electrical Workers Welfare and Pension Plans;
- Electrical Joint Training Committee;
- NetCom Committee;
- Certified Bargaining Unit Employers;
- The International Office of the International Brotherhood of Electrical Workers;
- Other local unions of the IBEW;
- Legal consultants
7.02 IBEW 213 does not disclose personal information to other members or to any agencies or organizations outside of those listed in 7.01 without obtaining permission to do so from the affected member or employee.
7.03 IBEW 213 discloses information it collects with respect to a case, grievance, board, or trial proceeding to representing legal firm(s), adjudicator(s) and opposing party or parties. Some or all of this information might become public information if the adjudicator issues an award or decision.
7.04 Hiring Hall Dispatches
Members who are eligible for hiring hall dispatches, their name, trade designation, date of their dispatch, the name of the work location and employer to which they were dispatched are recorded in a book that can be viewed by request by other members of the same bargaining unit. Neither the dispatch book, nor any form of copies or information recorded from the dispatch book will be permitted to be removed from the premises. Members viewing the book will be accompanied by the dispatcher, the Business Manager or the Business Manager's designate while they have access to the dispatch book.
7.05 IT Contractors
IBEW 213 engages with IT contracting firms to construct and maintain its Information System network and electronic files. These firms are bonded and are a part of the private information protection planning that IBEW 213 has put in place. Due to the nature of the work these IT firms do, these organizations have access to personal information stored on the devices they work with. These organizations are also subject to the federal and provincial privacy laws as well as industry ethical standards.
7.06 Storage of Personal Information
Personal information is stored with restricted secure access in a secure building located in Canada either on adequately fire-walled, password protected and encrypted electronic data-base for the electronic file or, in the case of hard copy information, in a locked file room with limited access.
Certain information necessary for membership with IBEW 213 will be sent to the International Office of the International Brotherhood of Electrical Workers whose offices are located in Ontario, Canada and Washington DC, USA
7.07 Disposal of Personal Information
Hard copy Personal information is disposed of through our contract with a secured shredding Contractor. All documents IBEW 213 deems no longer necessary will be destroyed. Prior to disposal, all hard copy documents to be destroyed are stored in locked containers which are located in a locked room with limited access until such time they are picked up by the contracted shredding company.
Electronic devices are disposed of by means of wiping all information and re-formatting the device. Hard drives are destroyed rendering them unreadable.
7.08 Information collected that is not deemed necessary or the case, grievance, board, or trial proceeding has ended and IBEW 213 has determined that the information is not necessary for archive of potential evidence about collective bargaining, board, employer and union practice and precedents for use in future proceedings, IBEW 213 will return personal items and evidence to the rightful owners and destroy and dispose of all remaining needless information in accordance with article 7.07 of this policy.
7.09 Employees Working Away
Employees who work "on-the-road" or are in a "work-from-home" situation are directly responsible for the personal information in their control while working away from the office. Documents containing personal information, if they cannot be transported by electronically encrypted means, must be logged and the type of private information they contain documented. The logged documentation must be stored securely at the office preferably in electronic storage. Documents created or used away from the office must be destroyed, by either shredding onsite with the shredded parts returned to the office for safe disposal or, if shredding is not possible, the documents will be logged (as stated) and specifically and securely transported back to the office as directly as possible.
7.10 Access to Personal Information
Members may request to view their Personal information by making an appointment to visit the Union office accompanied by the Privacy Officer. The Privacy Officer will consider requests to expunge personal information from such files and will make decisions in this regard based on a determination about whether the information enhances IBEW 213's archive of potential evidence about collective bargaining, board, employer and union practices/precedents for use in future proceedings.
Should a request to expunge personal information be denied, a member may appeal the Privacy Officer's decision in this regard by providing the Business Manager I Financial Secretary with a written submission describing the reasons why the member believes the Privacy Officer's decision is incorrect. The decision of the Business Manager I Financial Secretary is final.
7.11 Privacy Breach Procedure
A privacy breach is a situation where private information under the control of IBEW 213 is lost, stolen or mistakenly disclosed allowing unauthorized access to the information as defined in British Columbia's Personal Information Protection Act (PIPA) or part 3 of British Columbia's Freedom of Information and Protection of Privacy Act (FIPPA) and Canada's Personal Information Protection and Electronic Documents Act (PIPEDA).
In the event there is a privacy breach the following steps will be taken:
Step 1: Contain the Breach
The person who has discovered the breach take steps to limit the breach by stopping the breach if it is continuing and try to contain the loss of information. They must then notify the Business Manager I Financial Secretary and the Privacy Officer immediately.
The Privacy Officer will:
- conduct an initial investigation;
- notify the Police if the breach appears to involve criminal activity;
- inform other departments (IT, Security) and create a team to respond to the breach (The Response Team);
- commence filling out the OP 1.04.BC-A !BEW 213 Privacy Breach Checklist
Step 2: Evaluate Risks
The Response Team will determine:
- what information is involved
- the cause and extent of the breach
- individuals affected by the breach
- the foreseeable harm from the breach
Step 3: Notification
The Privacy Officer will notify affected individuals through appropriate means in accordance with provincial and federal law. The Privacy officer will determine if notification is required or necessary under the circumstances to:
- Insurers or others through contractual obligations;
- Professional or other regulatory bodies;
- Other internal and/or external parties not already notified;
- The Office of the Privacy Commissioner (Federal);
- The Office of the Information and Privacy Commissioner (Provincial);
Step 4: Complete Investigation
The Privacy Officer will complete the OP 1.04.BC-A /BEW 213 Privacy Breach Checklist and create a report of the breach for the Business Manager I Financial Secretary including recommendations for changes to policy, organizational structure, security and procedures in an effort to prevent future privacy breaches.
-30-