Personal data compliance

The HR department of a company manages a lot of personal data. All such personal data must be protected under the law.

Personal data compliance

Personal data

The HR department of a company collects and archives a lot of information throughout the professional career of its employees: CV, employment contract, address, social insurance number, compensation, annual evaluations, etc. All such personal data must be protected under the law.

The Act to modernize legislative provisions as regards the protection of personal information (also known as Law 25) came into force in Quebec in September 2022.

This reform modernizes the rules protecting personal information in Quebec so that they are better adapted to the new challenges posed by the current digital and technological environment.

Law 25 did not disrupt what we were already doing. It does not impose a workload or constraints that we do not already impose on ourselves. Law 25 simply formalizes a practice that was already well established within SIGMA-HR.

Law 25: obligations in force since September 2022 in Quebec.

  • Appointment of a Privacy Officer.
  • Obligation to notify the Commission d’accès à l’information (CAI) of any confidentiality incident involving personal information presenting a serious risk of harm.
  • Obligation to form a committee on access to information and the protection of personal information. These measures must be published on the company’s website.
  • Obligation to disclose any bank of biometric characteristics or measurements to the CAI at least 60 days before it is implemented.

Your sensitive data is safe

We have all heard the recent horror stories about data theft. SIGMA-HR is ISO 27001 + HDS certified for IT security and development methods. What does it mean? It means the ultra-secure access to your HR solution guarantees you greater peace of mind.

The SIGMA-HR promise is a commitment to do everything possible to secure all sensitive user data. Our goal? Protect the interests of our clients, employees and partners. Being ISO/IEC 27001 certified also means that we adhere to the best practices and standards in terms of IT security.

As for data management, the SIGMA-HR solution complies with all Canadian and European requirements.

Photo avec sceaux sécurité SIGMA-RH-01
technology-concept-with-cyber-security-internet-networking

Data confidentiality is protected within SIGMA-HR

As subcontractors, we are required to comply with specific obligations in terms of security, confidentiality and documentation of our activity. We must also take data protection into account in the design of our HRIS SIGMA-HR software and put in place measures to guarantee optimal data protection.

The advanced configuration possibilities of the SIGMA-HR software make it possible to define access rights by person, profile, department, etc. so that everyone can only access the data that is useful to them. Data confidentiality is thus preserved.

The SIGMA-HR software also allows you to modify or delete data to respond to requests pertaining to the right to modify or delete personal data.

SigmaRH_Lifestyle_HD-9

Security at the heart of SIGMA-HR’s concerns

Since our creation, the security and confidentiality of the data of our clients and their employees have been one of our priorities.

Specialists in HRIS solutions in SaaS mode since 2006, we have developed significant expertise in the field of data security management over these years.

We are committed to a permanent quality approach to support our clients and partners in terms of IT security and the management of confidential data. To find out more, you can consult our commitments relating to SaaS mode in terms of security and confidentiality.