• Home
  • Books
  • Democracy Project
  • About
✕

7 Mandatory Breach Reporting Requirements and Examples — Ontario

Privacy

7 Mandatory Breach Reporting Requirements and Examples — Ontario

Wael Hassan September 11, 2017

Mark you calendars , October 1st 2017 Mandatory Breach Reporting Requirements kick in.

THERE ARE 7 SITUATIONS WHERE YOU MUST NOTIFY THE ONTARIO PRIVACY COMMISSIONER OF A PRIVACY BREACH

  1. Use or disclosure without authority :  Looking at a family member, a celebrity, a politician records out of curiosity or for a malicious intent. Limited exceptions: accessing a record by mistake, or mailing a letter to the wrong address.
  2. Stolen Information: Laptop, Tablet, or paper theft or loss.  In addition to being subject to malware or ransomware.
  3. Extended Use or Disclosure: Following a reported breach, a sales company used records to market its products or services.
  4. Pattern or Similar Breaches: Letters are being sent to the wrong address, employees are repeatedly accessing a patient’s record.
  5. Disciplinary action against a college member:  A college member resigns, is suspended, or has their licenses revoked following or combined with a breach.
  6. Disciplinary action against a non college member: Resignation, Suspension, or firing of an employee following or during a breach.
  7. Significant Breach: the information is sensitive, large volume , large number of affected individuals, and more than one custodian or agent is involved.

Custodians will be required to start tracking privacy breach statistics as of January 1, 2018, and will be required to provide the Commissioner with an annual report of the previous calendar year’s statistics, starting in March 2019.

Previous Article

A Lesson to Know: The Unforgiving Culture of Social Media

Next Article

Overcoming the Challenges of Privacy of Social Media in Canada

Latest Posts

Data for Democracy Project

Data for Democracy Project

Implementing Use Control – The Next Generation of Data Protection 6/7

Implementing Use Control – The Next Generation of Data Protection 6/7

Access Control in a Big Data Context, IV

Access Control in a Big Data Context, IV

Books Authored by Dr. Hassan

Monitoring Elections

Privacy in Design

Arba WordPress Theme by XstreamThemes.
Get Support