Federal data breach regulations set to take effect Nov. 1 will require mandatory reporting of security breaches that pose a “real risk of significant harm,” but give businesses flexibility about how that’s done.
Ottawa has rolled out the long-awaited requirements in a notice in the Canada Gazette that indicates the government wanted to protect consumers without overburdening private-sector organizations with excessive costs or complexity.
