Canada's Privacy Breach Notification Requirements Coming into Force
Canada’s Privacy Breach Notification Requirements Coming into Force
The provisions of Canada’s Digital Privacy Act dealing with privacy breach notification and breach record keeping (the “Provisions”) will come into force on November 1, 2018. Once in force, these Provisions will constitute a major change to Canada’s privacy law. For unknown reasons, the federal government made this announcement without fanfare or even a government press release.
The Digital Privacy Act was enacted in 2015, but the Provisions remained in limbo, not having been brought into force with the balance of the statute.
Summary of Provisions
In summary, the Provisions address several subjects:
Breach Notification
- Each organization will be required to report to the Privacy Commissioner of Canada any breach of security safeguards involving personal information under its control, if it is reasonable in the circumstances to believe the breach creates a real risk of significant harm to an individual.
- If this same test is met and unless otherwise prohibited by law, an organization will be required to notify an individual of any breach of security safeguards involving the individual’s personal information under the organization’s control.
- If an individual must be given such notice, the organization will also have to notify any other organization or government of the breach if the notifying organization believes the other organization or government may be able to reduce the risk of harm that could result from the breach or mitigate that harm.
- The form and content of such notices are to be prescribed in future regulations.
- These notifications must be given as soon as feasible after the organization determines the breach has occurred. The Canadian statute does not name a specific timeline, unlike the new European privacy regulation due to come into effect in May 2018.
Breach Record Keeping
- An organization will be required to keep and maintain a record of every breach of security safeguards involving personal information under its control, in accordance with regulations to be released in the future. Importantly, a record of all such breaches of security safeguards involving personal information will have to be made, not only those where there is a real risk of significant harm to an individual.
Whistleblowing
- Enhanced whistleblowing provisions will apply.
Authors
Insights
-
Banking and Financial Services
Practical Law The Journal - Canadian Interest Rate Transition from CDOR to CORRA
The article, “Canadian Interest Rate Transition from CDOR to CORRA” authored by Michael Bertrand, has been republished in Practical Law The Journal, December 2024 Year in Review Issue.The article… -
Financial Services Regulatory
FINTRAC Advisory Concerning Financial Transactions Related to High-Risk Countries Identified by the FATF
On November 18, 2024, the Financial Transactions and Reports Analysis Centre (FINTRAC) issued an updated advisory (the “Advisory”) concerning financial transactions related to countries identified by… -
Acquisition Finance
In-Depth: Acquisition and Leveraged Finance - Edition 11 - Canada
David Nadler, David Wiseman, Dan Dedic, Caroline Descours, Cathy Costa-Faria, Chris Baxter and Zhiyao Chen have co-authored the Canada Chapter in Lexology's In-Depth: Acquisition and… -
Banking and Financial Services
Canadian Securities Regulators Publish Temporary Exemptions For Derivatives Data Reporting Requirements
On October 31, 2024, the Canadian Securities Administrators (CSA) introduced temporary relief from certain derivative data reporting requirements under the Trade Reporting Rules identified… -
Banking and Financial Services
OSFI Releases Annual Report For Fiscal Year 2023 – 2024
On October 15, 2024, the Office of the Superintendent of Financial Institutions (OSFI) published its annual report for the fiscal year from April 1, 2023 to March 31, 2024 (the “Annual Report”), which… -
Capital Markets
Canadian Securities Administrators Further Extend Compliance Deadline in Interim Approach to Value-Referenced Crypto Assets
On September 26, 2024, the CSA provided a further update for crypto asset trading platforms (CTPs) that are registered, or that have provided a pre-registration undertaking (PRU), on the interim…
Featured Work
-
Capital Markets
Northwest Healthcare Properties Real Estate Investment Trust announces inaugural unsecured debentures offering
Goodmans LLP advised Northwest Healthcare Properties REIT in connection with a private placement offering of $500 million aggregate principal amount of senior unsecured debentures of the REIT in two… -
Mergers and Acquisitions
Apotex acquires CanPrev
Goodmans LLP acted for Apotex Inc. in connection with its acquisition of CanPrev, a leading Canadian provider of vitamins, supplements, and other natural health products… -
Restructuring
Comark Group’s restructuring proceedings
Goodmans LLP is counsel for Alvarez & Marsal Canada Inc. in its capacity as court-appointed monitor in the recognition proceedings of Comark Group under the Companies’ Creditors Arrangement Act… -
Mining
Coeur Mining, Inc. acquires SilverCrest Metals Inc. at an implied equity value of approximately US$1.7 billion
Goodmans LLP acted as Canadian counsel to Coeur Mining, Inc. in connection with its acquisition of SilverCrest Metals Inc., whereby pursuant to a plan of arrangement Coeur acquired all of the issued… -
Banking and Financial Services
Majority interest in Vault Credit Corporation and Vault Home Credit Corporation sold for $60 Million to HB Leaseco affiliate
Goodmans LLP represented Vault Credit Corporation and Vault Home Credit Corporation in the sale of Chesswood Group Limited's entire interest in Vault to an affiliate of HB Leaseco Holdings Inc., in… -
Restructuring
Contract Pharmaceuticals CCAA proceedings and sale to Aterian Investment Partners
Goodmans LLP acted as counsel to Contract Pharmaceuticals Limited and its affiliates in connection with their CCAA proceedings and other restructuring…
News & Events
-
Banking and Financial Services
Chambers and Partners Once Again Honours Goodmans with Global Recognition
We are proud to announce Goodmans LLP continues to receive top-tier recognition from Chambers and Partners in the Chambers Global 2025 Guide released today.Recognition from Chambers and Partners is… -
Banking and Financial Services
Goodmans Featured in the 2025 Lexpert's Leading 500 Cross-Border Lawyers: A Guide to Doing Business in Canada
We are pleased to announce that Lexpert's Leading 500 Cross-Border Lawyers: A Guide to Doing Business in Canada once again recognizes Goodmans in their 2025 Guide.The Lexpert 500, produced in… -
Banking and Financial Services
IFLR1000 2024 Recognizes Goodmans Lawyers and Practices
We are proud to announce Goodmans continues to be recognized by IFLR1000 in its annual guide.Recognition in IFLR1000 is based on a combination of in-depth qualitative research and direct client…