Jennifer Brown reports:
Fines are an established punishment for data breaches south of the border and they could soon be coming to Canada.
[…]
Bill S-4, the digital privacy act, introduced earlier this year in the Senate, would amend the Personal Information and Electronic Documents Act. It was introduced in April and is now before the House of Commons. The bill, which is perhaps better known for concerns some have about what it is attempting to address with respect to online privacy, also contains mandatory breach notification provisions.
It would require organizations to notify both individuals and the privacy commissioner, in the event of a breach of security of personal information and keep a record of every breach. Breaches could also incur fines of up to $100,000.
Read more on InHouse.