Office of the Information and Privacy Commissioner of Saskatchewan. Technology’s Impact Upon Employee Privacy. Updated 14 May 2024. 1 Technology’s Impact Upon Employee Privacy DISCLAIMER: This document is not intended to provide legal advice and is provided for informational use only. Updated May 2024 Introduction The Freedom of Information and Protection of Privacy Act (FOIP) and The Local Authority Freedom of Information and Protection of Privacy Act (LA FOIP) provide employees of government institutions and local authorities with a right to informational privacy in the workplace. Technology has enhanced how workplaces can organize themselves and how to complete tasks. However, technology can have a significant impact upon employee privacy. This document provides guidance to government institutions and local authorities on how they collect, use and disclose employee personal information. Notification of Purpose and Function Creep Government institutions and local authorities must inform individuals of the purpose for which their personal information is being collected when they are collecting personal information directly from the individual (subsection 26(2) of FOIP and subsection 25(2) of LA FOIP). Therefore, prior to using technology in the employment lifecycle, including monitoring employee activities, government institutions and local authorities must know the purpose for which they are collecting employee personal information. Then, prior to or at the time of collection, the government institution or local authority must inform employees of the purpose. However, the use of technology in the employment life cycle often occurs as a result of “function creep.” Function creep occurs when information is used for a purpose that is not the originally specified purpose. For example, a workplace may install a security system that requires employees to sign-in or sign-out of the workplace. The purpose of the security system is to prevent unauthorized access to a particular workspace. However, organizations may end up using this information to track employee attendance. If organizations do this, they are guilty of function creep. Function creep often is a privacy breach where organizations use and/or disclose personal information without proper authority. As organizations plan and implement projects, programs or processes, they should be cognizant of the privacy impacts these may have upon employee privacy. Below are some examples of technologies that may impact employee privacy.
RkJQdWJsaXNoZXIy MTgwMjYzOA==