Brian Lapidus Discusses the First Phase of PIPEDA Regulations in Canada

On November 1, 2018, Canadian businesses became subject to new regulations under the Personal Information Protection and Electronic Documents Act (PIPEDA) involving mandatory breach reporting, and a year after PIPEDA was implemented, the Office of the Privacy Commissioner of Canada received 680 breach reports, six times the volume it received during the same period a year earlier. The most common type of breach (accounting for 58% of those reported) was unauthorized access, followed by accidental disclosure, loss and theft. 

“Now, when organizations have a (breach) event (that poses a significant harm to individuals), they have to report it to the Privacy Commissioner of Canada, and the impacted individuals,” said Brian Lapidus, Global Practice Leader in the Identity Theft and Breach Notification practice of Kroll, a division of Duff & Phelps, in an article for Insurance Business Canada. This has led to a growing number of individuals seeking small claims in the consumer identity theft policies market. He further discusses the challenges organizations face when they prematurely notify breach events and highlighted the launch of Kroll’s dark web monitoring capabilities in Canada armed with cyber professionals to help organizations better run breach investigations. 

Read the full article here

2020-04-16T00:00:00.0000000 0001-01-01T00:00:00.0000000 /en-ca/about-us/news/first-phase-pipeda-regulations-canada /-/media/kroll/images/news/featured-images/2019/pipeda-canada.jpg news {78D3F940-BF08-40FB-A7F6-B55FB2D9165B} {BFB3FCA2-C3BE-42CF-8A4B-F761BFAEC095} {3C7B541B-9C46-4B7C-B32F-5171B3FA949B} {CF536F14-5642-4A78-B222-89E096E41A19}

Related Services

Cyber Risk

End-to-end cyber security services provided by unrivaled experts.

Cyber Risk

Data Breach Response

Services include drafting communications, full-service mailing, alternate notifications.

Data Breach Response

News