New Cyber Incident Reporting Rules for Canadian Organizations

July 25, 2018

New Cyber Incident Reporting Rules for Canadian Organizations

3 Minute Read

MNP can help organizations prepare for new cyber gecurity regulations governing mandatory breach reporting, effective November 1, 2018.

Effective November 1, 2018, Canadian organizations will be subject to new federal regulations mandating compulsory breach reporting in the event of a cyber security incident which could potentially lead to “real risk of significant harm.”

An amendment to the Digital Privacy Act (DPA) and the Personal Information Protection and Electronic Documents Act (PIPEDA) – the Breach of Security Safeguards Regulations will require all Canadian organizations (or organizations which collect, use or disclose personal information as part of their commercial activity in Canada) to report data breaches both to federal regulators and affected parties.

As a leading national cyber security services provider, MNP is well-equipped to help organizations prepare for this transition. Whether you’re concerned about your resilience to a cyber security threat or need to revise your incident response guidelines to align with new regulations, our team can help you assess, prioritize and implement a practical and effective information security program.

For more information about the Mandatory Breach Notification Reporting guidelines, download our factsheet.

MNP also offers an Ethics Alert Services program which may offer an added level of integrity and reputation management for your business. To learn more, download our factsheet.

Preparation Starts Now

Businesses will need to prepare early to satisfy this new federal mandate. Discover how MNP can help you create an effective cyber incident management process. Contact Danny Timmins, National Leader, Cyber Security at 905.607.9777 or [email protected]


  • Confidence

    September 21, 2021

    Payment service providers and AML compliance in Canada

    Payment service providers face regulatory risk if they don’t have an anti-money laundering program in place – find out why and how to follow best practices.

  • Performance

    How forensic soundness helps get your data into court

    The treatment of digital forensic evidence in the courts is a complex process. Find out the four key criteria Canadian courts look for to ensure your evidential data is admissible in court.

  • Confidence

    September 14, 2021

    Uncovering – and preventing - intellectual property theft

    Intellectual property theft can rob your business’ future. Make sure your evidence is solid with these steps – and tips on prevention – from MNP’s Forensics team.