On November 1, 2018, as previously reported on in the E-TIPS® newsletter, the Personal Information Protection and Electronic Documents Act (PIPEDA)’s amendments establishing mandatory data breach reporting obligations set out in Division 1.1 of the statute come into effect.
The Office of the Privacy Commissioner of Canada (OPC) has published guidance to help businesses comply with the new requirements as well as a new reporting form to report privacy breaches. The final version of the guidance was developed following a public consultation through which the OPC received submissions from various sectors on a draft version.
Under the new regulations organizations subject to PIPEDA must:
For more information, please see the OPC’s news release announcing the new data breach reporting requirements.
Summary By: Jae Morris
Disclaimer: This Newsletter is intended to provide readers with general information on legal developments in the areas of e-commerce, information technology and intellectual property. It is not intended to be a complete statement of the law, nor is it intended to provide legal advice. No person should act or rely upon the information contained in this newsletter without seeking legal advice.
E-TIPS is a registered trade-mark of Deeth Williams Wall LLP.