Removal of Laptops & Personal Information Policy

  1. POLICY

As an employee of ABC Company, we remind you of your obligation to maintain the confidentiality of any and all personal information relating to ABC Company customers, employees or other individuals that you handle in accordance with the rules set forth in the ABC Company Information Security Policy. Removing such information from the workplace may be a violation of that obligation unless you do it in accordance with the terms set out in this Policy.

 

  1. PURPOSE

The purpose of this Policy is to set clear procedures, rules and policies governing the removal of Personal Information from the physical premises of ABC Company facilities.

 

  1. DEFINITION OF PERSONAL INFORMATION

This Policy applies to Personal Information, which includes but is not limited to financial, health-related and other private matters, of ABC Company customers, employees and other individuals whether maintained on paper, electronically or in other media, including but not limited to data kept on laptops, iPhones, tablets and other portable electronic devices, whether owned by the employee or ABC Company.

 

  1. REMOVAL OF PERSONAL INFORMATION MUST BE AUTHORIZED

Employees may not remove Personal Information from ABC Company facilities without prior permission of their supervisors. To obtain such supervision, the employee must notify their supervisors:

  • Which data they wish to remove;
  • The legitimate, work-related purpose for removing the data;
  • Where they propose to take the data;
  • How they propose to use it;
  • How the data will be secured;
  • When the employee will return the data; and
  • Any other information requested by the supervisor regarding the request.

 

  1. SAFEGUARDS

The following safeguards must be followed when removing Personal Information from ABC Company facilities:

  • Only paper or electronic copies may be removed. Originals must remain in the ABC Company facilities;
  • Employees who remove Personal Information must complete the check-out log sheet, a copy of which is attached to this Policy;
  • Personal Information that has been removed in accordance with this Policy must be brought back to the ABC Company facilities within one business day after completion of the purpose for which the Information has been removed;
  • Personal Information in paper must be enclosed by a protective jacket, envelope, binder or case supplied by ABC Company;
  • All protective jackets, envelopes, binders or cases must include a “return to” address that includes ABC Company’s complete mailing address, phone number and contact person;
  • Personal Information in electronic form must be kept in a laptop computer or other portable device that includes all security measures required by the ABC Company Information Security Policy.

 

  1. ENFORCEABILITY

Failure to comply with the terms of this Policy is a serious offence warranting the imposition of discipline up to and including termination in accordance with the ABC Company Information Security Policy, Progressive Discipline Policy and the terms of any applicable collective agreements.