Starting November 1, 2018, companies governed by the Personal Information Protection and Electronic Documents Act (PIPEDA), will be required to report data breaches to affected customers, third parties and the federal Privacy Commissioner. The Office of the Privacy Commissioner (OPC) has prepared draft guidance in order to help businesses comply with these new mandatory breach reporting requirements.
PIPEDA’s Breach of Security Safeguards Regulations were published for consultation on September 2, 2017, as previously reported on in E-TIPS®, with the final version published in April 2018. In brief, these regulations require that an organization experiencing a data breach posing “a real risk of significant harm” to any individual whose personal information is involved:
Summary By: Jae Morris