17 August 2017 07:00
The companies that deal with personal information in the course of their business activities are now publicly disclosing the breach of data security at the Office of the protection of the privacy of Canada and to the people concerned.
Fines of up to $ 100,000 may be sent to companies that did not report that the personal information of their customers have been compromised.
«The regulations of reporting will undoubtedly be in effect in the fall of 2017. This will cost additional for companies that are victims of security breaches of their information, » says Derrick Hughes, vice-president, reinsurance, of The Company, Inspection and Insurance Boiler and Machinery of Canada, also known by its English acronym BI&I.
Mr. Hughes also quotes data from a report from thePonemon Institute to support his claims. This body of research considers that a breach of security will cost about 255 $ per record lost or stolen in Canada and 108 of $ are awarded to the reporting and resolution.
Mr. Hughes puts companies on guard that the standard fonts of business insurance and liability does not cover losses incurred by the data breach. «The companies use now a rider for the data breach, it can add to the basic fonts, alongside protections for property, liability, fire, and the volume of The insurance against the violation of the data covers the costs of response and of reporting, and alert services fraud to the individuals concerned and the case management process of restoration of identity. «
The Law on the protection of personal information in digital also contains provisions regarding the parameters of assessment and management of risks, forcing companies to keep a register on infringements of data security, otherwise they might be forced to pay a fine of up to $ 100,000 per offence.
In addition, the Act imposes more stringent standards as regards the consent to the collection, use and disclosure of personal information of children or the elderly. Companies could be forced to review their policies on the respect of private life for that it includes a simple language to ensure that people who are more «vulnerable» to understand the possible consequences of the disclosure of their information, explained to the canadian government, in a notice.