Canadian Security Magazine

Companies must notify people affected by privacy breaches: watchdog

By The Canadian Press   

News Data Security breach

OTTAWA — A federal watchdog says companies that lose personal customer data should be required to directly notify affected people about the lapse and detail the steps taken to reduce the harm.

The Trudeau government plans to introduce breach-notification regulations in coming months to improve transparency and help consumers.

Legislation passed last year laid the groundwork for mandatory reporting of private-sector breaches that pose a “real risk of significant harm” to individuals.

The government recently asked the public and interested parties for comment on shaping the regulations.

The federal privacy commissioner’s office says companies should have to directly notify those affected by a breach — with limited exceptions — through means such as telephone calls, emails or mailed letters.

Advertisement

It also urges the government to give thought to cases in which affected people live outside Canada.

Print this page
Stories continue below


Related
Loblaw resets PC Plus passwords following breach
Uber data breach affecting 57 million users in 2016 came from hacker in Canada
Yahoo issues another warning in fallout from hacking attacks
Halifax police make arrest in breach of N.S. freedom of information website

Leave a Reply

Your email address will not be published. Required fields are marked *

*