The accountability guidance assists organizations in considering
the following essential elements of demonstrating accountability
under privacy legislation in Canada. In particular, privacy
legislation in Canada is typically interpreted as requiring:
Privacy Officer. The appointment of a
designated person to oversee compliance with Canadian privacy
legislation. In larger organizations, this may require a privacy
group or office.
Policies & Education. The establishment of
privacy policies and processes for training and on-going training
of employees with respect to those policies.
Governance of Third-Party Processors. The
inclusion of privacy guarantees and audit rights with respect to
the organization's third-party processors of personal
Inquiries & Complaints. Systems to
identify requests for access and correction of personal information
or complaints regarding the collection, use, retention or
disclosure of personal information and trained staff to respond to
those requests and complaints. This also requires organizations to
understand what personal information they have collected and who
has custody of it.
Risk Assessment. Organizations are responsible
for engaging in risk assessment in all aspects of the life-cycle of
personal information – collection, uses, new uses,
retention, disclosure and destruction of information –
and to demonstrate risk-minimization strategies through
administrative, physical and technological procedures.
Breach Response Procedures. Organizations
should have breach detection and response protocols that are
compliant with general privacy principles and any applicable
mandatory breach notification requirements.
About Fraser Milner Casgrain LLP (FMC)
FMC is one of Canada's leading business and litigation law
firms with more than 500 lawyers in six full-service offices
located in the country's key business centres. We focus on
providing outstanding service and value to our clients, and we
strive to excel as a workplace of choice for our people. Regardless
of where you choose to do business in Canada, our strong team of
professionals possess knowledge and expertise on regional, national
and cross-border matters. FMC's well-earned reputation for
consistently delivering the highest quality legal services and
counsel to our clients is complemented by an ongoing commitment to
diversity and inclusion to broaden our insight and perspective on
our clients' needs. Visit:
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
Join our partners Karen Martin and Ryan Chalmers at the Pacific Business & Law Institute’s program, where they will be presenting a session titled "Procurement: Compliance with AIT, NWPTA, TILMA, NAFTA, TPP, CETA and the Statutes." This forum assembles leading government advisors to provide insights on key issues in local government today.
Employee turnover is an unavoidable reality for nearly all businesses. In addition to creating a number of financial and logistical difficulties, employee turnover also raises a number data security issues.
The Office of the Privacy Commissioner of Canada has ruled that the collection and use of a plaintiff's personal information for the purpose of defending against a civil lawsuit is not a "commercial activity" and, ...
While corporate executives are increasingly becoming aware of their obligation to be informed of cybersecurity threats and the steps being taken by their company to prevent data breaches, it is equally important for executives to ensure that the employees are educated with respect to cyber threats.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).