Data governance and privacy risks in Canada: A checklist for boards and c-suite

Privacy compliance and cyber risks are hot issues for the c-suite and board of directors, and for good reason. Under Canadian law, corporate directors are responsible for their corporation’s business, including risk identification and management activities, and are required to demonstrate a duty of care. And regulators aren’t the only ones watching. Cybersecurity was the second-highest environmental, social and governance (ESG) concern cited by institutional investors and consultants in a 2021 RBC report, and proxy advisors routinely rate companies on their cyber and privacy practices under the governance category of ESG scoring.

If you are a senior leader, what are the new data privacy risks that should be on your radar? And how should you exercise your duty of care when it comes to these risks so you keep both regulators and investors happy?

My recent article shares four privacy risks every director and officer should be aware of, then offers an 11-point checklist with key recommendations for data governance and privacy, with a special focus on Canada.

You can read my article available on BLG’s website.

This content has been updated on November 2, 2022 at 11 h 00 min.