Colligeres
10/01/2021
New requirements to the Private Sector Act that will be enforce in one year. Act now!
1. Appointment of a Data Privacy Officer (DPO)
• By default, the CEO of every organization will be the “person in charge of the protection of personal information”.
• The Data Privacy Officer (DPO) must ensure that the organization implements and complies with the Act.
• The Data Privacy Officer (DPO) role can be delegated in writing to any person.
• The Data Privacy Officer’s (DPO) contact information must be published on the organization’s website.
2. Breach Reporting
• Organizations must notify the Commission d’accès à l’information (CAI) and the affected individuals when a “confidentiality incident” presents a “risk of serious injury” to the individuals.
• The “risk of serious injury” threshold is assessed using factors similar to the “real risk of significant harm” under PIPEDA, namely the sensitivity of the information concerned, the anticipated consequences of its use and the likelihood that such information will be used for injurious purposes.
• Organizations must keep a register of breaches that they would be required to provide to the CAI upon request.
Thank you BLG Canada's Law Firm for this summary.
01/14/2021
Many companies use dark pattern techniques to make it difficult to find how to obtain your .
JustGetMyData aims to be a directory of urls to enable you to easily obtain your .
https://justgetmydata.com/
Click here to claim your Sponsored Listing.