PIPEDA Breach of Security Safeguards Regulations Published

Beginning November 1, 2018, the Personal Information Protection and Electronic Documents Act (PIPEDA) will require private sector organizations to provide notice to affected individuals and the federal Office of the Privacy Commissioner (OPC) when a security incident involving personal information results in a “real risk of significant harm.” The supporting regulations, Breach of Security Safeguards…

Mandatory Breach Notification Comes to Canada: What To Do About It

It’s been a long time coming, but we finally know that mandatory breach notification is coming to Canada. Beginning November 1, 2018, the Personal Information Protection and Electronic Documents Act (PIPEDA) will require notification to affected individuals and the federal Privacy Commissioner when a security incident involving personal information results in a “real risk of significant…

2018 Ottawa Client Conference / Conférence pour clients 2018

**Please note this session is full. Lead with Knowledge Change is a constant in the human resources world: ongoing developments in the law, whether through new legislation or the courts, and the rapid evolution of best practices create a fast-paced learning environment for human resources professionals. Recent examples of such changes are in the areas of…

Daniel Michaluk Quoted in The Lawyer’s Daily on Ottawa Releasing Proposed Regulations on Data Breach Notifications

The Lawyer’s Daily quoted Hicks Morley’s Daniel Michaluk in a September 14, 2017 article titled “Ottawa releases proposed regulations on data breach notifications.” The article explores how private sector organizations following federal privacy law will have to provide breach notifications to customers and the privacy commissioner where it is reasonable to believe that the breach creates a “real risk of significant harm”.

Proposed Data Breach Regulations Under PIPEDA Published

On September 2, 2017, the federal government published the proposed regulatory text of the Breach of Security Safeguards Regulations (Regulations) made under the Personal Information Protection and Electronic Documents Act (PIPEDA). Interested persons have been invited to make representations on the Regulations. As previously reported, amendments to the PIPEDA enacted by the Digital Privacy Act…

Ten Incident Response Tips – Part 1

Responding to a data security incident is as much art as science. Whatever size your organization and whatever risks you face, you should have a detailed incident response plan to guide the efforts of a defined incident response team…