Quebec is weeks away from major biometrics changes for employers

September 22 is coming quickly for Quebec employers. That is the day when the Canadian province’s biometric information guidelines go fully into force.

Two business associations who will be fielding many questions about the guidelines, the Society for Human Resource Management and privacy-professionals group, the IAPP, are publishing reminders. The guidelines will be enforced by the Commission on Access to Information.

An article on the International Association of Privacy Professional’s site almost immediately hits readers with penalties for not obeying Quebec’s date-staged 2021 Act 25 (originally known as Bill 64).

For the record, violation of risk management rules in Act 25 will run from $10 million Canadian (US$7.4 million) or two percent to CA$25 million ($19 million) or four percent of global turnover.

Some of Law 25’s preparatory guidelines were enacted last September. According to the IAPP, they include naming privacy officers, making incident reports confidential, building biometric databases and strengthening internal rules for releasing biometric and other personal data used in research.

The human resource association, usually referred to as SHRM, last week published an article on the legal changes but focused on the use of biometric time clocks. The analysis starts early for companies – executives should document in detail why biometric scans are needed for timekeeping.

Some of what follows approximates the iconic Biometric Information Privacy Act in the U.S. state of Illinois. Quebecer companies have to get individual employee consent and show how and for what purposes data will be used, and how it will be integrated.

Anyone not consenting have to be offered an alternative to biometric scanning, according to SHRM.

The topic has been batted around the province since at least 2012.

Article Topics

biometrics  |  Canada  |  data privacy  |  regulation  |  time and attendance  |  workforce management