Ottawa’s draft PIPEDA amendments highlight the importance of security safeguards

Canadian Lawyer Online - IT Girl Column
 

It’s been a long wait. More than two years have passed since Ottawa amended Canada’s federal private sector privacy law, the Personal Information Protection and Electronic Documents Act, by enacting Bill S-4, the Digital Privacy Act, to establish mandatory data breach reporting requirements. Yet, ss. 10.1 through 10.3, the provisions outlining the obligations for breach reporting and notification, still are not in force pending the creation of necessary regulations. On Sept. 2, the Department of Industry finally revealed the proposed Breach of Security Safeguards Regulations, along with a Regulatory Impact Analysis Statement, which can be found in the Canada Gazette. The proposed regulations will come into force at the same time as s. 10 of the Digital Privacy Act and are open for comments from interested parties for a period of 30 days.

Read More