First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

privacy law

Privacy law: The Supreme Court of Canada’s Royal Bank of Canada v. Trang

The Supreme Court of Canada released a landmark decision giving important guidance on when personal financial information may be disclosed under Canada’s federal privacy law, the Personal Information Protection and Electronic Documents Act.

 

, , , , , ,

Adequacy of Canadian privacy law

Potential amendments could mean Canadian businesses receiving personal information from Europe will have more exposure to the differences in the data protection laws and enforcement regimes in the EU member states.

 

, , , , , ,

Privacy, privilege and wilfulness

On July 26th, 2016, the Supreme Court of British Columbia released an interesting decision that addresses questions regarding: (1) the scope of privilege that applies to work done by lawyers in relation to judicial proceedings; and (2) the interpretation of BC’s Privacy Act with respect to the requirements of “wilfulness”.

 

, , , , , , , , , , , ,

The hiring process: How to control risks

Recruiting and hiring new staff members is fraught with challenges. Which candidate has the right combination of skills for the job? Will she fit in with her new team members? Can he actually do the things he says he can? These questions are fundamental to effective hiring, but they don’t begin to consider the legal risks associated with the hiring process.

 

, , , , , , , , , , , ,

Cyber-insurance: What you need to know?

A question that I often get from clients is one about cyber-insurance. In light of the recent passing of Bill S-4, better known as the Digital Privacy Act, the Personal Information Protection and Electronic Act has now been amended to include mandatory breach notification provisions. While these mandatory breach notification provisions are not yet in force, it is a good time to review your cyber-insurance coverage.

 

, , , , , , , , , , , , , , , , , , , , , , , ,

Slaw: Adjudicator decides Legal Aid Society a not-for-profit subject to PIPA

On February 11, 2013, an adjudicator of the Alberta Office of the Information and Privacy Commissioner decided that Alberta’s Legal Aid Society is subject to the Personal Information Protection Act (PIPA), with consequences for all non-profit organizations that conduct activities with a commercial character. . .

 

, , , , , , , , , , , ,

Privacy practices for developing mobile applications (apps)

mobile-apps

Privacy practices, and all things mobile, are both hot topics these days. This is in part because mobile devices and apps are fun, cool, provide value, and are on the rise. They are used by professionals of all types, and people of most any age, including our youth. This however feeds the assumption that technology in general, including mobile devices and apps, is threatening the privacy rights of individuals.

 

, , , , , , , , , , , , , , , , , , , , , ,

Do you offer ‘paperless receipts’?

If you do, you should make sure you understand the privacy and personal information implications. CTV reports that some Canadian retailers are now offering their customers an “e-receipt”, which they can receive by email or access at dedicated websites. Sure, it’s a “green” option, and maybe more convenient for customers who want to track their purchases, but it requires the customer to provide an email address, which might allow retailers to “learn a lot about a customer’s preferences and buying habits”.

 

, , , , , , , , , , , ,