Thu, Apr 16, 2020

Brian Lapidus Discusses the First Phase of PIPEDA Regulations in Canada

On November 1, 2018, Canadian businesses became subject to new regulations under the Personal Information Protection and Electronic Documents Act (PIPEDA) involving mandatory breach reporting, and a year after PIPEDA was implemented, the Office of the Privacy Commissioner of Canada received 680 breach reports, six times the volume it received during the same period a year earlier. The most common type of breach (accounting for 58% of those reported) was unauthorized access, followed by accidental disclosure, loss and theft. 

“Now, when organizations have a (breach) event (that poses a significant harm to individuals), they have to report it to the Privacy Commissioner of Canada, and the impacted individuals,” said Brian Lapidus, Global Practice Leader in the Identity Theft and Breach Notification practice of Kroll, a division of Duff & Phelps, in an article for Insurance Business Canada. This has led to a growing number of individuals seeking small claims in the consumer identity theft policies market. He further discusses the challenges organizations face when they prematurely notify breach events and highlighted the launch of Kroll’s dark web monitoring capabilities in Canada armed with cyber professionals to help organizations better run breach investigations. 

Read the full article here

Watch Brian discuss how his team helps their clients manage the myriad of global complexities around privacy and security, including PIPEDA.

2020-04-16T00:00:00.0000000 0001-01-01T00:00:00.0000000 /en/about-us/news/first-phase-pipeda-regulations-canada /-/media/kroll/images/news/featured-images/2019/pipeda-canada.jpg news {E39587AD-8F0B-4FE2-865F-969BC5501096}{CE589BFE-43ED-4214-8CBC-A96989570B0F}{3A077BFC-C74A-40AF-A14C-13BCF6E3873E}{4D975B32-83A6-485A-843E-2131B17303F0} {2DEEE4D2-8278-4C50-B3FF-1563BB257804}

Stay Ahead with Kroll

Cyber Risk

Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.

Identity Theft and Breach Notification

Services include drafting communications, full-service mailing, alternate notifications.

24x7 Incident Response

Enlist experienced responders to handle the entire security incident lifecycle.

Data Breach Call Center Services

A notification letter can generate lots of questions for those affected by a data breach. Kroll’s call center services are provided by skilled representatives who know how to handle difficult questions and stand at the ready to serve your breached population.