CAN/DGSI 100-6 Data Governance – Part 6: Responsible governance of employee information (Second Edition)

This Standard specifies minimum requirements for how employers collect, use, store, disclose, and dispose of information related to employees, regardless of format, physical form, or characteristics. This includes, and is not limited to:

• information about remuneration and benefits;
• records of and metadata relating to web browsing, audio and video recordings, email text (SMS) messages, direct messages, and other forms of communications; and
• employee data acquired or created directly or indirectly by or on behalf of employers through platforms, devices, technologies, and vehicles used by employees.

This Standard addresses information governance considerations with the aim of strengthening trust between employers and employees by ensuring employer openness and clarity about what, how, why, and when information about employees is collected or used, how long, and in what form(s) it is retained, to whom it is disclosed, the purpose(s) for any such disclosure, and scale of the information. The Standard also considers data that is analyzed by humans and processed by digital machines, as well as the concept and validity of employee consent.

DATE POSTED: October 3, 2024

DEADLINE FOR COMMENTS: December 6, 2024