First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

privacy breach

Mitigate the risks associated with IT systems acquisition

Any organization which acquires IT systems must do so carefully. Among other reasons, systems may be costly, they may be critical to business operations, and they may create significant risks (for example a risk of security breaches). The following suggestions will help to mitigate some of the risks associated with IT systems acquisition:

 

, , , , , , , , , , ,

Hospital privacy breach results in OSC laying charges

The Ontario Securities Commission has announced a series of criminal and quasi-criminal charges following an investigation related to the misuse of confidential patient information from the Rouge Valley Health System and the Scarborough Hospital.

 

, , , , , , ,

Amendments to PIPEDA disappoint privacy watchdogs

On May 29, the federal government introduced Bill C-29, the Safeguarding Canadians’ Personal Information Act, which makes substantial changes to the Personal Information Protection and Electronic Documents Act (PIPEDA). The Bill had been in development for several years, and one of its primary objectives was to address a significant gap in PIPEDA, the issue of mandatory disclosure of “material” breaches of personal information by the companies or organizations responsible.

 

, , , , , , , , , , , , , , , , ,

When did privacy become such a huge issue?

I guess you’ve heard about some of the privacy breaches of the past few years. You know, the one where a major Canadian bank faxed personal information on thousands of customers to two random businesses in West Virginia and Quebec, or where the public officials left work laptops or memory keys unattended with unencrypted private data on citizens and they were stolen, and on and on. What’s happening? Why are these accidents popping up so frequently now?

 

, , ,