Reminder: Mandatory Data Breach Notification in Force on November 1, 2018

As we previously reported, as of November 1, 2018, the Personal Information Protection and Electronic Documents Act (PIPEDA) will require notification to affected individuals and the federal Office of the Privacy Commissioner (OPC) when a security incident involving personal information results in a “real risk of significant harm.” The supporting regulations published March 27, 2018…

PIPEDA Breach of Security Safeguards Regulations Published

Beginning November 1, 2018, the Personal Information Protection and Electronic Documents Act (PIPEDA) will require private sector organizations to provide notice to affected individuals and the federal Office of the Privacy Commissioner (OPC) when a security incident involving personal information results in a “real risk of significant harm.” The supporting regulations, Breach of Security Safeguards…

Mandatory Breach Notification Comes to Canada: What To Do About It

It’s been a long time coming, but we finally know that mandatory breach notification is coming to Canada. Beginning November 1, 2018, the Personal Information Protection and Electronic Documents Act (PIPEDA) will require notification to affected individuals and the federal Privacy Commissioner when a security incident involving personal information results in a “real risk of significant…

Proposed Data Breach Regulations Under PIPEDA Published

On September 2, 2017, the federal government published the proposed regulatory text of the Breach of Security Safeguards Regulations (Regulations) made under the Personal Information Protection and Electronic Documents Act (PIPEDA). Interested persons have been invited to make representations on the Regulations. As previously reported, amendments to the PIPEDA enacted by the Digital Privacy Act…

Guidance for Organizations Sharing Information for Investigation/Fraud Purposes Issued by OPC

The Office of the Privacy Commissioner of Canada (OPC) recently provided guidance on the new provisions of the Personal Information Protection and Electronic Documents Act (PIPEDA) that allow organizations to share information for investigation and fraud prevention purposes. The amendments, in force since 2015, give organizations significant flexibility to address cyber-crime and fraud by allowing…