02 Nov New Canadian Privacy Rules to Compel Businesses to Disclose Breaches
Security experts recently voiced their concerns regarding Canada’s new privacy legislation, the Personal Information Protection and Electronic Documents Act (or PIPEDA), saying that it does not go as far as it should.
The new rules, which took effect last Thursday, will require Canadian companies to alert their customers any time their personal information is involved in a breach and there is a risk of significant harm.
However, it is said that the new law is full of imprecise language, the commissioner’s office can only advise organizations to make changes, not penalize companies for failing to comply or alert their customers. Experts fear that this will make it likely that some incidents will be reported too slowly or not at all.
Source: CBC CA