First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Privacy Compliance and Management

Working together works: Ontario Securities Commission approves reduced sanction for insider tipper who cooperated with investigation

The OSC recently approved a settlement agreement in which the respondent admitted to providing material non-public information to a third party. The order in Re Hutchinson, which did not include an administrative penalty or disgorgement of profits, was held to be in the public interest given the respondent’s cooperation and other mitigating factors.

 

, , , , , , , , , , , , , ,

514-BILLETS gets billed by the CRTC for CASL violations

This case reminds organizations that CASL applies to any form of CEM, even text messages, used to promote products and services, and that the CRTC is actively monitoring and responding to complaints involving different types of CEMs.

 

, , , , , , , , , ,

An idea to help drive effective risk management

We want all decision-makers to consider all the potential consequences of their decision (in fact, all the potential consequences for each option on the table) before making an informed and intelligent judgment. What if the quality of decision-making was a significant factor in assessing performance? Thus affecting compensation and career progression. This idea could help drive effective risk management.

 

, , , , , , , ,

Guidance on recording of customer telephone calls updated

The Office of the Privacy Commissioner of Canada recently updated its information and guidance on recording of customer telephone calls to bring it up to date, make it web-friendly and responsive for user feedback.

 

, , , , , , , , ,

10 top ways to be a wildly effective compliance officer

Competition law

To be wildly effective, compliance officers should have a positive working relationship with the other functions in the business, especially Legal, Audit and Human Resources.

 

, , , ,

It’s official: Mandatory data breach notification coming on November 1, 2018

The coming into force of mandatory breach notification and record-keeping requirements on November 1, 2018 should be viewed by organizations as an effort to align Canadian legal and regulatory requirements with those in the United States and Europe (especially with the General Data Protection Regulations – or GDPR – coming into force in May 2018).

 

, , , , , ,

Rejected job applicants obtain disclosure of application records under privacy law

PIPA governs how private organizations handle personal information and creates rules regarding its collection, use, and disclosure. Section 23(1)(a) of PIPA gives individuals the right to access their personal information that is under the control of an organization.

 

, , , , ,

A step-by-step guide to creating a cybersecurity plan

The first step is easily accomplished by reviewing a few definitions. The second step is trickier. The third step may involve a lot of work, but you can start with six straightforward steps.

 

, , , , , , , , , , , , ,

Privacy damages awarded for commercial use of a person’s image in a public setting

Organizations which use images for commercial purposes would be wise to seek the consent of all persons appearing in such images, even where the images are made in a public setting.

 

, , , , , ,

Artificial intelligence: The year in review

The regulatory landscape impacting AI continues to evolve both domestically and abroad. As we begin the new year, we pause to reflect on some of 2017’s most notable developments in AI and prepare for new trends to watch out for in 2018.

 

, , , , ,

Whistleblower protection: Employers need to create a speak-up environment

It is incumbent on Canadian employers to take whatever steps they can to implement systems that would allow whistleblowers to step forward without fear, and speak-up without punishment.

 

, , , , , , , , ,

Technology law highlights: 2017 Year in Review

Here, in no particular order, are some of the year’s highlights as chronicled by McCarthy Tétrault’s bloggers:

 

, , , , , ,

Artificial intelligence and the protection of personal information in Canada: The priority for 2018

“When I look at myself, I am discouraged, when I compare myself to others, I panic…” This distorted saying summarizes the interactions in 2017 between artificial intelligence (AI) and personal information. While the number of AI projects and successes continues to mount in Canada, especially in Montréal, discussions on “the after” remain embryonic: how can […]

 

, ,

Keeping an eye on employees – Guidance from BC’s Office of the Information and Privacy Commissioner

If you decide that you need to keep an eye on your employees, you’ll want to take into consideration this guidance from BC’s Office of the Information and Privacy Commissioner. As technology becomes more inexpensive, accessible and ubiquitous, we are seeing an increase in employers’ use of surveillance tools. While workplace monitoring has its benefits, […]

 

, , , ,

Canadian Competition Bureau releases final fintech report

The Bureau’s final fintech report is intended as guidance for financial services sector regulators and policymakers. The following are the key takeaways, which were covered in more detail when the draft report was issued.

 

, , , ,

Previous Posts