And so it begins. Effective November 1st in Canada, breach readiness takes on a whole new meaning. New regulations regarding mandatory notification, reporting and record keeping of privacy breaches under Canada’s federal data protection law, the Personal Information Protection and Electronic Documents Act (PIPEDA) come into effect. In addition to details on record keeping in relation to breaches, the new regulations will detail:
- What breaches require notification?
- Who needs to be notified of the breach?
- When notification needs to happen?
- How the notification needs to be delivered?
These changes will present new risks, costs, and challenges for organizations including: incident response, compliance, legal risk management and additional liability and regulatory exposures. Are you ready?