Human Resources Management System
Privacy impact assessment (PIA) summary
Overview
The Human Resources Management System (HRMS) is a national system that provides direct access to Human Resource (HR) information. It allows HR professionals to administer HR functions electronically by capturing a wide range of employee information including:
- career plans
- certifications
- dependents
- discipline
- education
- employment equity
- grievances
- health and safety and accident reporting
- language skills
- leave and leave entitlements
- skills
- tests, and
- training courses
HRMS also allows employees to electronically:
- access and update their personal information including:
- addresses
- marital status
- phone numbers
- the ability to self-identify
- view leave
Summary of risks and recommendations
General/overall use
Risk
Potential for personal information to be used for purposes for which it was not intended.
Recommendations for mitigation
Ensure that a memorandum of understanding exists for information provided to third parties and that it acknowledges their legal responsibility for the protection of personal information provided to them in accordance with:
- the Privacy Act, and
- the Personal Information Protection and Electronic Documents Act
Disposal
Risk
The HRMS application contains several categories of data. The collection of information did not commence for all categories upon initial implementation of the system.
Recommendations for mitigation
Develop electronic purging processes within the HRMS application according to established retention periods set out in CSC manuals.
Advise all stakeholders of the legal responsibility to dispose of personal information in accordance with Section 6 (3) of the Privacy Act.
Page details
- Date modified: