First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Personal Information Protection and Electronic Documents Act

New PIPEDA data breach regulations proposed

On March 9, 2016 the Department of Innovation, Science and Economic Development Canada released a discussion paper on the new data breach regulations being proposed. The Ministry is accepting public submissions until May 31, 2016 on the proposed Data Breach Notification and Reporting Regulations.

 

, , , , , , , , ,

Ransomware threat to Canadian businesses broadens

Recent hacker attacks — including the first successful attack on an Apple computer, and several attacks on U.S. and Canadian hospitals — have reminded Canadian businesses of the need to be vigilant about the danger posed by ransomware.

 

, , , , , , , , , , , , , , ,

Hackable Barbies, malicious POODLEs: PIPEDA compliance and the Internet of Things

She stands just under a foot tall, has a résumé that includes such storied accomplishments as astronaut, registered nurse, and Presidential candidate. Whether cropped or worn shoulder-length, her iconic blonde hair has been inspiring popular culture since well before Madonna. She’s owned more dream homes than most real estate magnates, and earlier last month Barbie tried out a brand new accessory that has been turning heads ever since—an AzureWave AW-CU300E 802.11 b/g/n WiFi Microcontroller Module.

 

, , , , , , , , , , ,

Federal Court affirms strict compliance with PIPEDA for employers

The Federal Court recently underscored the importance of compliance with the requirements of the Personal Information Protection and Electronic Documents Act (PIPEDA) in a decision that applies only to federal works and undertakings subject to the Act.

 

, , , , , , , , , ,

Businesses should re-evaluate approach to privacy with passage of Digital Privacy Act

The Digital Privacy Act (Bill S-4) passed into law, introducing (among other things) significant fines and mandatory breach notification (not yet in force) into the Personal Information Protection and Electronic Documents Act (PIPEDA). Organizations which handle personal information in the course of their commercial activities will want to undertake a review of their privacy policies […]

 

, , , , , , , ,

Lessons from the Saanich spyware fiasco and new privacy laws to be aware of

In our current information age, security over electronic information and protection against unauthorized access is foundational to employers’ businesses. To guard against endlessly multiplying electronic threats, employers must resort to electronic means and, understandably, often resort to broad and comprehensive software to protect their operations. However, the situation involving the District of Saanich earlier this year is a good reminder to all B.C. employers that cyber-protection cannot be used at the expense of employees’ privacy.

 

, , , , , , , , , , , , , ,

CASL “take 2”: New provisions coming for January 2015

Author: Xavier Beauchamp-Tremblay, Norton Rose Fulbright LLP The entry into force of the first group of provisions of Canada’s anti-spam act [1] (CASL) on July 1, 2014, (the Spam Provisions) generated considerable attention. Now that businesses have (hopefully) determined and deployed their compliance strategy for the Spam Provisions, another set of articles from CASL is […]

 

, , , , , , , , , , , , , , , , , , , , , , , , , , ,

Marketing compliance news

E-commerce offers tremendous opportunities for non-profits. Large advertising budgets are no longer necessary to reach a broad audience. Volunteers can be more easily coordinated, charitable receipts issued relatively inexpensively, special events registration managed with far less human intervention required. This is all good news for non-profits. But along with this new e-reality have come new e-headaches.

 

, , , , , , , , , , , , , , , , , , , , ,

Business guidelines on how to destroy personal information

Organizations collect more and more personal data these days—from customers and employees. With all of this new data in their hands, organizations may be tempted to hold onto it without an express purpose, or they may be unsure what to do with it once it has served its original purpose.

 

, , , , , , , , , , , , , , , , , , ,

Where does Canada stand on privacy?

Canada, like many countries, must answer a fundamental question: How does it achieve its law enforcement and national security objectives while also protecting and respecting the privacy rights of its citizens? “We hope the current administration and its privacy opponents can reach reasonable compromises that allow both groups to achieve their desired outcomes” Chris Stevens, CIPP/US, CIPP/C, CIPP/E, CIPP/G, CIPM, CIPT, and Steve Holland, CIPM, write. In this exclusive for The Privacy Advisor, they look at the high-stakes issues facing Canada’s quest to balance the two priorities and whether Privacy Commissioner Daniel Therrien is the right man to help it do so.

 

, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

New anti-spam legislation could bolster Canadian privacy commissioner’s call for greater PIPEDA enforcement powers

Canada’s new anti-spam legislation comes into effect later this year, and it packs a punch—fines of up to $10 million per violation for companies and up to $1 million per violation for individuals. The government was clearly prepared to give regulators substantial teeth to both encourage compliance and punish non-compliance.

 

, , , , , , , , , , , , , , , , , , , , , ,

Industry Canada announces effective dates of anti-spam legislation

After three years of waiting, Industry Canada has finalized the Electronic Commerce Protection Regulations and set a date for Canada’s anti-spam legislation to come into force. Canada’s anti-spam legislation will be phased in over four years starting July 1, 2014—seven short months from now.

 

, , , , , , , , , , , , , , , , , , , , , , , , ,

The Privacy Commissioner’s case for reforming PIPEDA

With 10 years of experience as Privacy Commissioner of Canada behind her, and her term reaching its end, Jennifer Stoddart has released a report titled “The Case for Reforming the Personal Information Protection and Electronic Documents Act” which describes how to modernize Canada’s private-sector privacy legislation to ensure it is able to meet the current and future challenges of the digital age and protect Canadians’ right to privacy.

 

, , , , , , , , , , , , , , , , , , , ,

The control of the personal data ecosystem belongs to the individual

A recent release from the Information and Privacy Commissioner of Ontario on the Personal Data Ecosystem praises organizations taking initiatives to integrate the socio-economic benefits of personal information while maintaining privacy and confidentiality. The Commissioner, Dr. Cavoukian, also co-authored a paper with researchers from the United States and the United Kingdom that delineates the systems […]

 

, , , , , , , , , , , , , , , ,

Previous Posts Next posts