New Cyber Incident Reporting Rules for Canadian Organizations

​ Effective November 1, 2018, Canadian organizations will be subject to new federal regulations mandating compulsory breach reporting in the event of a cyber security incident which could potentially lead to “real risk of significant harm.”

An amendment to the Digital Privacy Act (DPA) and the Personal Information Protection and Electronic Documents Act (PIPEDA) – the Breach of Security Safeguards Regulations will require all Canadian organizations (or organizations which collect, use or disclose personal information as part of their commercial activity in Canada) to report data breaches both to federal regulators and affected parties.

As a leading national cyber security services provider, MNP is well-equipped to help organizations prepare for this transition. Whether you’re concerned about your resilience to a cyber security threat or need to revise your incident response guidelines to align with new regulations, our team can help you assess, prioritize and implement a practical and effective information security program.

For more information about the Mandatory Breach Notification Reporting guidelines, download our factsheet.

MNP also offers an Ethics Alert Services program which may offer an added level of integrity and reputation management for your business. To learn more, download our factsheet.

Businesses will need to prepare early to satisfy this new federal mandate. Discover how MNP can help you create an effective cyber incident management process. Contact Danny Timmins, National Leader, Cyber Security at 905.607.9777 or [email protected]