Time to update your data privacy and security to align with tough new legislation.
Amid a pandemic that is accelerating digital transformation and increasing instances of cyber attacks and breaches, the federal government has introduced Bill C-11, the Digital Charter Implementation Act, to overhaul Canada’s federal data privacy law.
This bill aims to repeal the privacy provisions of the Personal Information Protection and Electronic Documents Act (PIPEDA) and introduce new obligations for organizations in the private sector. It will also provide individuals with greater control over their personal information.
The Bill also proposes to create a new privacy statute, the Consumer Privacy Protection Act (CPPA), as well as a new administrative tribunal, the Personal Information and Data Protection Tribunal.
When the legislation is approved, any company that collects and shares the personal information of customers and employees will have to comply or risk serious penalties.
This bill is similar to many that are being introduced in provinces across Canada and in many other countries to update and bring data privacy legislation in line with the European Union’s General Data Protection Regulation (GDPR) – currently the toughest privacy and security law in the world.
British Columbia, Ontario and Quebec recently proposed privacy legislation updates. And, and on November 3, the California Privacy Rights and Enforcement Act (CPRA), which will strengthen privacy rights in that state, was approved.
As Canadians increasingly rely on technology, we need a system where they know how their data is used and where they have control over how it is handled. For Canada to succeed, and for our companies to be able to innovate in this new reality, we need a system founded on trust with clear rules and enforcement. This legislation represents an important step towards achieving this goal.
– The Honourable Navdeep Bains, Minister of Innovation, Science and Industry
Bill C-11 introduces extensive new regulations and requirements that business leaders will need to address. Following are some of the key provisions.
There are many more requirements with which private-sector organizations will have to comply.
Now is the time to review and update your data privacy and security framework to ensure it aligns with this expansive legislation – and protects your competitive advantage.
Connect with an MNP advisor to discuss your data privacy and security needs.
Adriana Gliga-Belavic, CISSP, CIPM, PCIP, is a Partner, member of the Firm’s Cyber Security team and Privacy Leader with MNP in Toronto. Passionate about security and privacy, Adriana helps public and private clients build pragmatic strategies and privacy programs to maintain customer trust and find the right balance between business results, proactive cyber resiliency and enhanced privacy.