Responding to a data security incident is as much art as science. Whatever size your organization and whatever risks you face, you should have a detailed incident response plan to guide the efforts of a defined incident response team…
Tag: Data Breach
Federal Privacy Commissioner Weighs In Against Sharing Details of Employee Discipline
In a recently released decision summary, the Office of the Privacy Commissioner of Canada (OPC) held that a bank acted properly in deciding not to tell the victim of unauthorized access precisely how it had punished its offending employee (Employee). The victim, the complainant in this case, was a neighbour of the Employee who happened…
Federal Government Consults on PIPEDA Data Breach Regulations
On March 4, 2016, the federal government posted Data Breach Notification and Reporting Regulations (Regulations) for public discussion. Amendments to the Personal Information Protection and Electronic Documents Act (PIPEDA) enacted by the Digital Privacy Act (Bill S-4) will, upon proclamation, require private sector organizations to notify the public in circumstances where security safeguards involving their…
Hicks Morley Information and Privacy Post – 2013
Dear Friends: It’s early October 2013, and here’s what’s on our minds. With great pleasure, we’ve released this year’s Information and Privacy Post – a review of 60 information management and privacy cases that caught our attention in the last year. We like the exercise of producing the Post because pulling together and organizing recent…
New Privacy Legislation in Manitoba
Organizations with operations in Manitoba need to be aware that the Manitoba Legislature has recently passed new privacy legislation that will apply to the private sector and, to a lesser degree, to the not-for-profit sector – The Personal Information Protection and Identity Theft Prevention Act (“PIPITPA” or the “Act”). PIPITPA will establish rules for the…
Reaching Out – Third Edition
Dear Friends, As we welcome back Spring, which finally seems to be taking hold, it presents an opportunity to do some spring cleaning and dust off common HR issues that bear review before we get too far into 2013. In the Spring edition of Reaching Out, Carolyn Cornford Greaves, an associate in our Toronto office…
The Science of Data Breach Prevention and the Art of Breach Response
Organizations should be paying close attention to data loss prevention and response in light of recent developments. Recent media frenzies over the loss of portable storage devices illustrate that individuals’ fears and perceptions can cause great pressure on organizations even when the risk of real harm to individuals is remote. In addition, the risk of…
Hicks Morley Information and Privacy Post – 2011/2012
Dear Friends: It’s late August 2012, and here’s what’s on our minds. Our Information and Privacy Post is back. This edition contains 61 case summaries relating to the protection of confidential business information, electronic evidence, freedom of information, privacy, privilege and production. It has been a remarkable year. Canadian privacy law, in particular, has made…
How the New Privacy Tort Will Affect Employers
On January 18th, 2012, the Court of Appeal for Ontario in Jones v. Tsige recognized a new “intrusion upon seclusion” civil cause of action. In this FTR Now, we describe the new cause of action (or “tort”) and identify its significance to employers. THE INTRUSION UPON SECLUSION TORT Under Ontario law it is now clear…