Office of Privacy Commissioner Says It’s Status Quo on Consent Requirements for Data Processing Transfers

By Ann Henderson (CA), Julie Himo (CA), John Cassell (CA) & Alexis Kerr (CA)

October 1, 2019

On September 23, the Office of the Privacy Commissioner of Canada (OPC) announced, following consultation with stakeholders, that it will maintain the position set out in its 2009 guidelines that an organization’s transfer of personal information to a third party for processing, including a transfer across the Canadian border, is a “use” of that personal information, and not a disclosure that requires separate consent. This announcement brings at least temporary clarity to an issue…

Data Protection Report

Canada’s Mandatory Privacy Breach Reporting Requirements coming into force November 1, 2018

By Ryan Berger (CA), Julie Himo (CA) & John Cassell (CA)

April 10, 2018

iStock_000006975570_Large Canada Canadian Flag Country International Building Reflective — Data breach regulations proposed in Canada

Starting on November 1, organizations across Canada subject to the Personal Information Protection and Electronic Documents Act (PIPEDA) will be required to provide notice of certain privacy breaches. The breach reporting requirements relate to a “breach of security safeguards,” which is defined in PIPEDA as: the loss of, unauthorized access to or unauthorized disclosure of personal information resulting from a breach of an organization’s security safeguards, or from a failure to establish those safeguards. If…

Data Protection Report

Draft mandatory data breach reporting regulations released for comment in Canada

By Ryan Berger (CA), John Cassell (CA), Caroline Deschênes (CA) & Sharissa Ellyn

September 20, 2017

On September 2, 2017, the Government of Canada published proposed new data breach regulations in the Canada Gazette. These regulations set out specifics regarding the mandatory data breach reporting requirements under the Personal Information Protection and Electronic Documents Act. The PIPEDA Amendments were passed in June, 2015 but are not yet in force. Overview The Regulations set out the proposed requirements for the reporting of data breaches of security safeguards (each, a Breach). Under the…

John Cassell (CA)

Office of Privacy Commissioner Says It’s Status Quo on Consent Requirements for Data Processing Transfers

Canada’s Mandatory Privacy Breach Reporting Requirements coming into force November 1, 2018

Draft mandatory data breach reporting regulations released for comment in Canada

Stay Connected

Company

Support

New to the Network