Not exact matches
In addition to the
notification requirements under
privacy legislation, the organization could also have a broader legal duty under negligence law to notify an individual whose data has been
breached if that
breach could harm, or could materially increase the risk of harm to, that individual.
The Digital
Privacy Act amends the federal Personal Information and Protection of Electronic Documents Act (PIPEDA) to mandate a data
breach response that includes reporting,
notification and record - keeping
requirements.
Even though PIPEDA does not have mandatory data
breach notification requirements yet, the
privacy commissioner has always encouraged
notification if the
breach is significant and companies want to get ahead of the story by notifying relevant regulators before an individual makes a complaint or the media breaks the story — if only to better shape the narrative.
As we previously reported, the Digital
Privacy Act, which amended Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) to include a mandatory
breach notification requirement, became law nearly three years ago.
The Digital
Privacy Act amended the Personal Information Protection and Electronic Documents Act (Canada) to add
notification requirements for «
breaches of security safeguards», but we've all been anxiously awaiting regulations that will breathe life into the provisions.
The Government of Canada has announced that its proposed data
breach notification requirements pursuant to the Digital
Privacy Act (the «Act») will take effect on November 1, 2018.
In Europe, such concerns prompted the passing of the General Data Protection Regulation (GDPR) which will be enforced in May 2018 and that enacts legal
requirements for
privacy,
breach notifications, and more.