Here at the university we are not allowed to ask people for their IRD number to get access to their record.
The power company would not be allowed to use my University student ID number to find someone in their records.
etc etc
My understanding though is that in the US anybody can use the social security number of a person as the identifier of that person in any database system.
*That* is what makes identity theft possible.
Nick Rout wrote:
yes but they are allowed to store it in their database.yeah yeah (there is an OT in the thread subject) :-/
I hold a number of client's ird numbers. for example when i put their funds on bank deposit, the bank needs to know the ird number, so resident withholding tax is deducted at the correct rate. I need to tell that to the bank, so the client needs to have told me.
I don't keep these numbers in my head. I store them in a database. the database has a specific field for it. I don't have a clue whether this fied is indexed, as i didn't write the database (which is part of an accounting/practice management system)
it is reasonable to have privacy laws. it is easy to bend them. an "agency" can use the information for the purpose for which it was
obtained. make that purpose wide enough and you can make wider use of
the information. *
* lawyers have tighter rules of client confidentiality than imposed by the privacy act anyway. these rules have always been in place.
OT now i think :-)
-- Zane Gilmore, Analyst / Programmer Information Services Section, Information Technology Dept, University of Canterbury - Te Whare Waananga o Waitaha Private Bag 4800, Christchurch New Zealand Phone +64-3-364 2987 extn 7895
