![]() ![]() ![]() That paper trail, says Mee, “is going to be the first thing litigation counsel asks for if you have a mega breach down the road.” The act does require organizations to maintain a record of all privacy-related breaches-even those that don’t meet the standard for disclosure. And the divulged personal information must pose a “real risk of significant harm,” such as humiliation, or damage to reputation or relationships, for identity theft to be deemed reportable, says Wendy Mee, a partner at the Toronto law firm Blakes who specializes in privacy issues. “If you’ve lost $90 million to a bad guy but no personal information has been revealed, you don’t have to report it,” says Masson. “We have stringent privacy laws, but no real protections when it comes to reporting cyber breaches.” However, there are gaps in the new regulations, which relate solely to the privacy of personal information. ![]() “It’s a vast improvement on what we’ve got now,” says David Masson, head of Canada for the global cyberdefence firm Darktrace. And it requires companies to immediately report any unauthorized breach involving personal information to the Privacy Commissioner of Canada and to the affected individuals. The Digital Privacy Act is an amendment to the Personal Information Protection and Electronic Documents Act, which governs how private organizations handle Canadians’ personal information. While the employee might be tempted to keep mum, starting this November, that could cost you up to $100,000. ![]() The laptop is stolen (this actually happened to a Northwest Territories health official in May). Picture this: An absent-minded employee leaves a laptop containing unencrypted health information of 33,000 patients in his car. You’ve already been attacked.” Here’s a roundup of practical advice, easy wins and terrifying statistics that should inspire you to lock down your company (and hack-proof your employees).ġ46 million How to avoid a legal nightmare “So it’s not a matter of when you’ll get attacked. “We’re in a cyber arms race, and it’s going to get more and more complex-with AI, attacks are moving at machine speed,” he says. More attention to the issue can’t come too soon for David Masson, the head of Canada for the global cyberdefence firm Darktrace. It’s just one part of Ottawa’s cybersecurity plan, which includes a new cyber centre with $155 million in funding over five years. The Digital Privacy Act comes into effect on Nov. As if that prospect weren’t frightening enough, Canadian organizations will soon face hefty fines for putting customers’ information at risk. Take Sony Pictures: Back in 2014, hackers managed to trick executives into clicking on malicious emails, allowing the bad guys to plunder 100 terabytes of its data. It’s estimated that between 80% and 90% of data breaches are caused by human error. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |