First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Digital Privacy Act

Public Safety Canada calls for submissions on new national cybersecurity strategy

On August 16, 2016, Public Safety Canada (“PSC”) issued a consultation paper, launching a public consultation as part of PSC’s development of an updated national cybersecurity strategy. The consultation will close on October 15, 2016. Businesses may want to consider making submissions in respect of some key questions posed around possible regulation or standard-setting regarding Internet of Things and connected devices, certification for E-commerce activities, and information sharing (especially in respect of critical infrastructure).

 

, , , , , , , , , , , , , ,

New PIPEDA data breach regulations proposed

On March 9, 2016 the Department of Innovation, Science and Economic Development Canada released a discussion paper on the new data breach regulations being proposed. The Ministry is accepting public submissions until May 31, 2016 on the proposed Data Breach Notification and Reporting Regulations.

 

, , , , , , , , ,

Hackable Barbies, malicious POODLEs: PIPEDA compliance and the Internet of Things

She stands just under a foot tall, has a résumé that includes such storied accomplishments as astronaut, registered nurse, and Presidential candidate. Whether cropped or worn shoulder-length, her iconic blonde hair has been inspiring popular culture since well before Madonna. She’s owned more dream homes than most real estate magnates, and earlier last month Barbie tried out a brand new accessory that has been turning heads ever since—an AzureWave AW-CU300E 802.11 b/g/n WiFi Microcontroller Module.

 

, , , , , , , , , , ,

Businesses should re-evaluate approach to privacy with passage of Digital Privacy Act

The Digital Privacy Act (Bill S-4) passed into law, introducing (among other things) significant fines and mandatory breach notification (not yet in force) into the Personal Information Protection and Electronic Documents Act (PIPEDA). Organizations which handle personal information in the course of their commercial activities will want to undertake a review of their privacy policies […]

 

, , , , , , , ,

Cyber-insurance: What you need to know?

A question that I often get from clients is one about cyber-insurance. In light of the recent passing of Bill S-4, better known as the Digital Privacy Act, the Personal Information Protection and Electronic Act has now been amended to include mandatory breach notification provisions. While these mandatory breach notification provisions are not yet in force, it is a good time to review your cyber-insurance coverage.

 

, , , , , , , , , , , , , , , , , , , , , , , ,

Where does Canada stand on privacy?

Canada, like many countries, must answer a fundamental question: How does it achieve its law enforcement and national security objectives while also protecting and respecting the privacy rights of its citizens? “We hope the current administration and its privacy opponents can reach reasonable compromises that allow both groups to achieve their desired outcomes” Chris Stevens, CIPP/US, CIPP/C, CIPP/E, CIPP/G, CIPM, CIPT, and Steve Holland, CIPM, write. In this exclusive for The Privacy Advisor, they look at the high-stakes issues facing Canada’s quest to balance the two priorities and whether Privacy Commissioner Daniel Therrien is the right man to help it do so.

 

, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,