P2016-ND-42

On three separate occaisions (November 14, 18 and 21, 2014) an Administrator with the Organization inadvertently sent an email with a link to documents containing some or all of the information at issue to the wrong email address. On the first occasion, the information included name, home address, details of position offered, and starting salary. On the second and third occasions, the information included completed TD1 and TD1A taxation forms, with name, home address, date of birth, social insurance number, basic personal amounts claimed, and the Organization’s New Hire Data Form containing addresses and contact information, citizenship, and date of birth. The Organization discovered the breach on December 3, 2014.

File Type: pdf
File Size: 180 KB
Categories: 2016