The Government of Canada’s Digital Privacy Act was passed into law in 2015, bringing with it some major changes to Canada’s PIPEDA privacy act, including significant changes to current data breach reporting requirements.
Amendments to Bill S-4 expected to take effect later this year will require business to maintain data breach records and will introduce new regulations around reporting breaches. As a business owner or manager, your responsibilities will soon include:
- Reporting on certain types of data breaches to the Privacy Commissioner
- Notification to those affected by data breaches
- Notification of data breaches to third parties that can assist in the mitigation of harm
- Record keeping of data breaches
According to the Online Trust Alliance, over 82,000 “cyber incidents” which negatively impacted organizations were documented in 2016, but estimates the actual number in 2016 could have exceeded 250,000, as most incidents currently go unreported. With the changes coming this year, as well as an upward trend in breach attempts (Fortinet’s FortiGuard Labs detected 184 billion total exploit attempts in Q2 2017 alone – a 30% increase from Q1 of the same year), cybersecurity is a critical component of any business with any kind of digital footprint.
Do you understand your data breach risks?
Do you know how to prevent and monitor data breaches?
Are you able to report on breaches?
Do you know who to engage to resolve data breaches?
Broadview has developed solutions to help prevent and detect breaches and has partnered with several leading organizations that specialize in Risk Assessments, Data Breach Monitoring & Reporting, and Breach Remediation. For example, Fortinet’s Total Threat Protection and “Indicator of Compromise” solutions are designed to help small businesses avoid as well as detect potential data breaches.