Most churches collect and use personal information in the course of their ministry. Documents which might include personal identifiable information includes baptismal, marriage and burial (private cemetery) records. Once these types of records are created, they must be retained for legal purposes. Other types of records, which are generated only to fulfil immediate tasks, such as developing mailing lists, may not need to be kept in the same form or length.
It is important, regardless of the purpose or use, to be able to identify which documents contain personal information and how the information should be used in order to best protect the people’s privacy. This endeavour should never be seen as a hindrance, but rather a commitment to protect and respect others.
Rustruct Consulting’s golden rule is: Treat the personal information under your control, as you would want someone to treat your information under their control/custodianship.
Some churches have implemented Privacy Standards Policy, which we strongly suggest doing. The Policy should speak to the collection, use, management, retention, protection, disclosure, and disposition of personal information held at church office locations. Provincial and Federal legislation should be consulted when creating Policy. This includes, but is not limited to, the federal Personal Information Protection and Electronic Documents Act (PIPEDA) (2000, c.5).
What is considered Personal Identifiable Information?
Personal Identifiable Information includes:
- Individuals home address and phone number
- Race, national or ethnic origin
- Sexual orientation
- Marital status
- Mental or physical disability
- Family member’s names
- Social status
- Employee files, including evaluations, disciplinary actions, existence of a dispute and related opinions.
- Income, credit, and bank records
- Donation Information
- Loan Records
- Medical Records
Personal Information does not include:
- Name, job title, business address, and contact information
- Information that could otherwise be found publicly ie: phonebook, published obituaries
Church records that contain, or may contain, personal information:
- Baptismal, marriage, and burial records
- Employee records (ministry personnel and lay employees)
- Pension and benefits records
- Directories and mailing lists of church members, committees, and church groups
- Stewardship and donor information
- Records of committees that focus on personal and pastoral relations
- Records of disputes, hearings and commissions
Use of Personal Information
Each record containing Personal Information can only be used for the purposes for which they were created. A good example comes from the United Church: Employees of the United Church provide their emergency contact information so they can be reached in case of emergency. The contact information can not then subsequently be used to generate a mailing list for stewardship campaigns because the information was not collected for that use or purpose.
Fun Fact: Personnel records are restricted for 100 years from date of birth.
Source: www.unitedchurcharchives.ca ‘Handbook Privacy Issues Recordkeeping’
Produced by The United Church of Canada Archives Network Revised October 2019