#CyberFLASH: Privacy Commissioner’s office weighs in on proposed data breach regulations

1297658073661_ORIGINALCanadian businesses that fall victim to data breaches will soon be required to notify users that their personal data has been compromised, if Canada’s privacy commissioner has his way.

The commissioner’s office recently submitted an official response to the Ministry of Innovation, Science and Economic Development regarding the new data breach notification and reporting regulations proposed for the Personal Information Protection and Electronic Documents Act (PIPEDA).

In the June 10 document, Barbara Bucknell, the director of policy and research for the privacy commissioner’s office, wrote that “during his appearance before the House of Commons Standing Committee on Industry, Science and Technology (INDU), Privacy Commissioner Daniel Therrien expressed support for the new measures, indicating that mandatory breach notification will bring enhanced transparency and accountability to the way private sector organizations manage personal information.”

While the amendment’s final version has not yet been publicly released and will require government approval to become law, a draft version has been posted online since March, and companies and users alike were invited to comment until May 31.

Of course, the commissioner’s office had a few thoughts of its own regarding five key elements of the proposed regulations, and the companies facing the brunt of its impact might want to take note of them.

Read more here

© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.