Public advocacy centre skeptical of data breach reporting regulations
By The Canadian PressNews Public Sector annex data breach federal regulations public advocacy centre regulations
OTTAWA — Companies would be required to notify people in the event of a serious data breach involving personal information under proposed new federal regulations.
But the regulations do provide some flexibility, depending on the circumstances.
Several businesses — including telecom provider Bell Canada and affair-seekers website Ashley Madison — have been stung by breaches in recent years.
The loss of data can be embarrassing for an organization and can cause headaches for customers whose personal or financial details are suddenly swirling in cyberspace.
Legislation passed two years ago laid the groundwork for mandatory reporting of private-sector breaches that pose a “real risk of significant harm” to individuals.
The Ottawa-based Public Interest Advocacy Centre says the proposed regulations don’t go far enough because they give companies discretion as to whether a breach is serious enough to report to those affected and the federal privacy commissioner.
News from © Canadian Press Enterprises Inc. 2017
Print this page
- Man facing assault charges after nurse attacked at Montreal hospital
- Tripwire Study: 81 per cent of security professionals say skills required for cybersecurity have changed