Canadian Personal Information Security Breach Obligations – Preparing for Compliance

Éloïse Gratton April 30, 2018

Commencing November 1, 2018, Canada’s federal Personal Information Protection and Electronic Documents Act (“PIPEDA”) will require an organization that suffers a “breach of security safeguards” involving personal information under its control to keep prescribed records of the breach and, if the breach presents a “real risk of significant harm to an individual”, to promptly report the breach to the Privacy Commissioner and give notice of the breach to affected individuals and certain other organizations and government institutions.

Preparing for compliance with the personal information security breach obligations may require significant effort, time and expense. Canadian organizations should now be taking steps to prepare for compliance.

To read our bulletin on this topic. click here.

This content has been updated on May 4, 2018 at 23 h 11 min.

Éloïse Gratton

Privacy & Data Protection Law

Canadian Personal Information Security Breach Obligations – Preparing for Compliance

Data governance and privacy risks in Canada: A checklist for boards and c-suite

An Update on New Québec Confidentiality Incidents and Record-Keeping Requirements

The inside scoop on how to become a privacy lawyer: 10 tips from the top

Preparing for the Privacy Reform in Canada

Getting Ready for Québec’s New Privacy Law in 2023 (Part 1): Using what we know so far

Getting Ready for Quebec’s New Privacy Law in 2023 (Part 2): Navigating uncertainty in the Law

Une fugitive recherchée depuis 30 ans, capturée à Berlin grâce à la reconnaissance faciale

CBC Windsor Morning Radio Show

La Cour suprême vient compliquer les cyberenquêtes

Une fugitive capturée à Berlin grâce à la reconnaissance faciale

Aide-mémoire en matière de protection de la vie privée et de sécurité des renseignements personnels

Lucky 7 data privacy and security cheat sheet