On November 1, 2018, Canadian businesses became subject to new regulations under the Personal Information Protection and Electronic Documents Act (PIPEDA) involving mandatory breach reporting, and a year after PIPEDA was implemented, the Office of the Privacy Commissioner of Canada received 680 breach reports, six times the volume it received during the same period a year earlier. The most common type of breach (accounting for 58% of those reported) was unauthorized access, followed by accidental disclosure, loss and theft.
“Now, when organizations have a (breach) event (that poses a significant harm to individuals), they have to report it to the Privacy Commissioner of Canada, and the impacted individuals,” said Brian Lapidus, Global Practice Leader in the Identity Theft and Breach Notification practice of Kroll, a division of Duff & Phelps, in an article for Insurance Business Canada. This has led to a growing number of individuals seeking small claims in the consumer identity theft policies market. He further discusses the challenges organizations face when they prematurely notify breach events and highlighted the launch of Kroll’s dark web monitoring capabilities in Canada armed with cyber professionals to help organizations better run breach investigations.
Read the full article here.
Watch Brian discuss how his team helps their clients manage the myriad of global complexities around privacy and security, including PIPEDA.
Stay Ahead with Kroll
Cyber and Data Resilience
Kroll merges elite security and data risk expertise with frontline intelligence from thousands of incident response, regulatory compliance, financial crime and due diligence engagements to make our clients more cyber resilient.
Breach Notification
Kroll’s data breach notification solutions – from drafting compliant letters, to full-service mailing help, to alternate notifications for large breaches – take the burden off your organization.
24x7 Incident Response
Kroll is the largest global IR provider with experienced responders who can handle the entire security incident lifecycle.
Data Breach Call Center Services
A notification letter can generate lots of questions for those affected by a data breach. Kroll’s call center services are provided by skilled representatives who know how to handle difficult questions and stand at the ready to serve your breached population.