First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

privacy breach

Privacy damages awarded for commercial use of a person’s image in a public setting

Organizations which use images for commercial purposes would be wise to seek the consent of all persons appearing in such images, even where the images are made in a public setting.


, , , , , ,

Mitigate the risks associated with IT systems acquisition

Any organization which acquires IT systems must do so carefully. Among other reasons, systems may be costly, they may be critical to business operations, and they may create significant risks (for example a risk of security breaches). The following suggestions will help to mitigate some of the risks associated with IT systems acquisition:


, , , , , , , , , , ,

Hospital privacy breach results in OSC laying charges

The Ontario Securities Commission has announced a series of criminal and quasi-criminal charges following an investigation related to the misuse of confidential patient information from the Rouge Valley Health System and the Scarborough Hospital.


, , , , , , ,

Amendments to PIPEDA disappoint privacy watchdogs

On May 29, the federal government introduced Bill C-29, the Safeguarding Canadians’ Personal Information Act, which makes substantial changes to the Personal Information Protection and Electronic Documents Act (PIPEDA). The Bill had been in development for several years, and one of its primary objectives was to address a significant gap in PIPEDA, the issue of mandatory disclosure of “material” breaches of personal information by the companies or organizations responsible.


, , , , , , , , , , , , , , , , ,

When did privacy become such a huge issue?

I guess you’ve heard about some of the privacy breaches of the past few years. You know, the one where a major Canadian bank faxed personal information on thousands of customers to two random businesses in West Virginia and Quebec, or where the public officials left work laptops or memory keys unattended with unencrypted private data on citizens and they were stolen, and on and on. What’s happening? Why are these accidents popping up so frequently now?


, , ,