Digital Privacy Act: Canada’s Data Breach Notifications Rules

With each passing year, malicious cyber events increase in size and severity, impacting companies and customers alike. Small and medium-sized businesses are common victims of hackers, as their security measures tend to be easier to crack. However, even global organizations like Yahoo, eBay and Target that have invested substantial sums into cyber security programs are not immune from the threat of a data breach.

In 2016 alone, more than 1.3 billion records were lost or stolen worldwide, with Northern America

Federal Data Breach Regulations Take Effect Nov. 1, 2018

Starting Nov. 1, 2018, Canada’s federal Personal Information Protection and Electronic Documents Act (PIPEDA) will require organizations that suffer a data breach involving personal information to:

    1. Report the breach to the Privacy Commissioner of Canada.
    2. Give notice of the breach to affected individuals.
    3. Maintain records of data breaches that affect personal information

In order to avoid fines and penalties, organizations will need to understand the basic requirements of PIPEDA.

Learn more and