Canadian privacy breach notification requirements

27 January 2023

Guides

Contacts:

Antoine Guilmain, Wendy Wagner, Brent Arnold, Christopher Oates, Jasmine Samra, Kavivarman Sivasothy, Hunter Fox, Marc-Antoine Bigras, Michael Walsh, Caitlin Schropp

Canadian organizations that have experienced a privacy breach, in most cases, will have a legal duty to notify the individuals affected by the breach, as well as relevant regulatory bodies.

To help you navigate this process effectively and better understand your unique obligations, this resource offers a high-level overview of the specific breach notification requirements under PIPEDA, the Québec Act and PIPA AB.

Topics include:

How does each Act define a privacy breach?
Who needs to notify whom?
When is notification mandatory?
What are the essential elements of a privacy breach notification?
What record-keeping obligations are contained in each Act?

Download our guide here

NOT LEGAL ADVICE. Information made available on this website in any form is for information purposes only. It is not, and should not be taken as, legal advice. You should not rely on, or take or fail to take any action based upon this information. Never disregard professional legal advice or delay in seeking legal advice because of something you have read on this website. Gowling WLG professionals will be pleased to discuss resolutions to specific legal concerns you may have.

Related Tech, Cyber Security & Data Protection Law, Canadian privacy laws: New rules for a new era