Skip to content

Brought to you by

Dentons logo

Privacy and Cybersecurity Law

Coverage and commentary on developments in data protection.

open menu close menu

Privacy and Cybersecurity Law

  • Home
  • About Us

Mark your calendars: Mandatory data-breach notification rules come into force November 1

By Privacy and Cybersecurity Group
April 4, 2018
  • Canada
  • Data Breach
  • Enforcement
  • New and Proposed Laws
Share on Facebook Share on Twitter Share via email Share on LinkedIn

The federal government released an Order in Council, dated March 26, 2018, announcing that the mandatory data-breach notification rules will come into force on November 1, on the recommendation of Navdeep Bains, Minister of Industry, Science and Economic Development.

After nearly three years, sections 10, 11, and 14, subsections 17(1) and (4) and sections 19 and 22 to 25 of the Digital Privacy Act, Chapter 32 will come into effect to amend the Personal Information Protection and Electronic Documents Act (PIPEDA). The federal government released the proposed breach reporting rules in September 2017 and advised at that time that the proposed regulations will be delayed coming into force after their publications, meant to “give regulated organizations time to adjust their policies and procedures accordingly and ensure that systems are in place to track and record all breaches of security safeguards that they experience.”

With the amendment, PIPEDA will contain provisions requiring organizations to notify affected individuals and organizations of breaches of security safeguards that create a real risk of significant harm and to report them to the Privacy Commissioner. It also creates offences in relation to the contravention of certain obligations respecting breaches of security safeguards. Among the changes, the new rules will also give the privacy commissioner the power to enter into a “compliance agreement” with an organization in certain circumstance to ensure the organization’s compliance with PIPEDA.

Stay tuned for further updates.

Share on Facebook Share on Twitter Share via email Share on LinkedIn
Subscribe and stay updated
Receive our latest blog posts by email.
Stay in Touch
Privacy and Cybersecurity Group

About Privacy and Cybersecurity Group

Our Privacy and Cybersecurity lawyers operate at the intersection of technology and law. We understand that data is one of your core assets, driving insights and enabling development of valuable new products and services. Our global Privacy and Cybersecurity group works across all sectors offering a full complement of counseling and advice, regulatory and litigation services.

All posts

RELATED POSTS

  • Data Breach
  • Employee Privacy
  • Government Information
  • Privacy Rights
  • United States

DHS Warns Congress On Mobile Device Security

By Peter Stockburger
  • Europe
  • New and Proposed Laws
  • Privacy Rights
  • United States

Privacy Politics at IAPP, Brussels!

The recent IAPP Congress in Brussels provided a platform to bring out the “big guns” on privacy.  Needless to say, […]

By Nick Graham
  • Canada
  • Privacy Rights

Driver’s Licence Information and Test Drives: Guidance from the Alberta Office of the Information Privacy Commissioner

By Privacy and Cybersecurity Group

About Dentons

Dentons is designed to be different. As the world’s largest law firm with 20,000 professionals in over 200 locations in more than 80 countries, we can help you grow, protect, operate and finance your business. Our polycentric and purpose-driven approach, together with our commitment to inclusion, diversity, equity and ESG, ensures we challenge the status quo to stay focused on what matters most to you. www.dentons.com

Dentons boilerplate image

Twitter

Categories

  • Accountability
  • Asia Pacific
  • Canada
  • Cloud Computing
  • Consumer Protection
  • Cybersecurity
  • Data Breach
  • Data Transfers
  • Employee Privacy
  • Enforcement
  • Europe
  • General
  • Government Information
  • Health Information Privacy
  • Latin America
  • Marketing, Cookies & Spam
  • New and Proposed Laws
  • Privacy Notices
  • Privacy Rights
  • Record Retention
  • Smart Cities
  • United Kingdom
  • United States

Subscribe and stay updated

Receive our latest blog posts by email.

Stay in Touch

Dentons logo

© 2023 Dentons

  • Legal notices
  • Privacy policy
  • Terms of use
  • Cookies on this site