canadian_banner

    Public Comments Sought on Canada’s Data Breach Notification Regulations

    Apr 13, 2016

    Innovation, Science and Economic Development Canada (ISED) on March 4 released a Notice of Consultation to solicit input and views on how the government of Canada should design data breach regulations related to the Personal Information Protection and Electronic Documents Act (PIPEDA), which was adopted in June 2015.

    ISED also released a discussion paper which outlines each area where the government has the authority to make regulations and invites stakeholders to respond to specific questions pertaining to key issues in each area. The public comment period will end on May 31, 2016.

    PIPEDA establishes ground rules for how organizations may collect, use, or disclose personal information. It requires organizations to keep a record of all data breaches, including those that don't meet mandatory reporting requirements, and to report all breaches to the Office of the Privacy Commissioner on request. It also gives individuals the right to access and request correction of the personal information collected about them.

    The discussion paper requests input on 26 questions covering the following areas of pending regulation: 1) Determining real risk of significant harm; 2) Form and content of reporting to the commissioner; 3) Content, form, and manner of notifying individuals; 4) Notifying other organizations; and 5) Recordkeeping.

    According to the discussion paper, following the consultation, the government is expected to publish draft regulations for public comment, and final regulations will be published after input is received on the draft regulations.

     This monthly advisory contains brief summaries of recent legislative and regulatory issues that may affect the management of records and information in Canada.

     Want to sign up to receive an e-mail version of the Canadian Policy Brief? It's free! Just tell us a little about yourself and you'll receive a monthly dose of the latest in legislation, regulation, and more.

     

     

    © 2017, ARMA International