GDPR Responsibilities of Controllers and Processors
Responsibilities of Controllers and Processors What are controllers and processors under the GDPR? Controllers determine the purpose and means of processing personal data and are usually the collectors of data. They do not necessarily need to be located in the EU. Controllers are additionally responsible for monitoring processors’ compliance. Processors are engaged to protect data…
What Is The GDPR?
What is the GDPR? The GDPR represents new legislation that is destined to replace the General Data Protection Regulation, which has been in place since 1995. The arrival of the digital age means that the way people understand and interact with data is changing rapidly. The GDPR can help to clarify individual rights in the…
Designing Smart Cities – A Design Thinking Approach
Privacy, Data Management, and Risk Mitigation While no clear definition or requirements of a “smart city” exist, the general consensus is that it is an innovative development initiative that combines urban planning with creative digital infrastructure. Areas of focus often include reducing traffic congestion, improving sustainable energy use, and making public spaces more accessible and…
eDiscovery and Audits: The Solution to Unauthorized Access
eDiscovery and Audits: The Solution to Unauthorized Access Electronic medical records (EMRs) contain sensitive personal information that is strongly protected in many jurisdictions. EMRs are protected under the Personal Health Information Protection Act (PHIPA) in Ontario by limiting authorized access to professionals who are currently providing healthcare services to the patient or are otherwise given…
Artificial Intelligence and Privacy: What About?
Inference How AI impacts privacy and security implementaiton? Big Data analytics is transforming all industries including healthcare-based research and innovation, offering tremendous potential to organizations able to leverage their data assets. However, as a new species of data – massive in volume, velocity, variability, and variety – Big Data also creates the challenge of compliance…
Social Media Analytics Drivers
By Aydin Farrokhi and Dr. Wael Hassan Today, the public has remarkable power and reach by which they can share their news, and express their opinion, about any product or services or even react to an existing state of affairs, especially regarding social or political issues. For example, in marketing, consumer voices can have an enormous…
Overcoming the Challenges of Privacy of Social Media in Canada
In Canada data protection is regulated by both federal and provincial legislation. Organizations and other companies who capture and store personal information are subject to several laws in Canada. In the course of commercial activities, the federal Personal Information Protection and Electronic Documents Act (PIPEDA) became law in 2004. PIPEDA requires organizations to obtain consent…
7 Mandatory Breach Reporting Requirements and Examples — Ontario
Mark you calendars , October 1st 2017 Mandatory Breach Reporting Requirements kick in. THERE ARE 7 SITUATIONS WHERE YOU MUST NOTIFY THE ONTARIO PRIVACY COMMISSIONER OF A PRIVACY BREACH Custodians will be required to start tracking privacy breach statistics as of January 1, 2018, and will be required to provide the Commissioner with an annual report…
Bill S-201: The Genetic Non-Discrimination Act
Following a majority vote in the House of Commons passing the bill and a final approval by the Senate, Bill S-201 received royal assent on May 4th. The bill, also referred to as the Genetic Non-Discrimination Act, is a preliminary step towards the amendment of the Canadian Human Rights Act as it aims to prevent…
Cyber Review Consultations Report
“The digital economy increasingly shapes and drives the broader economy. For Canadians to prosper and be confident digital innovators, they need to know that the networks that enable their efforts and safeguard their assets and information are secure. I am committed to making Canada a global centre for innovation – one that creates jobs, drives…
Amendments to the General Regulation (Ontario Regulation 329/04)
The Ministry of Health and Long-Term Care (“ministry”) is proposing amendments to the General Regulation (Ontario Regulation 329/04) under the Personal Health Information Protection Act, 2004 (PHIPA). The purpose of the amendments has largely to do with clarifying the needs for health information custodian reporting of thefts, losses and unauthorized uses or disclosures of personal health information…
Laws for Big Data
What would a law about big data say? After participating with the Privacy Commissioner of Canada’s consultation on consent, and reading about Ontario’s privacy commissioner reflection on the drivers for a legal change. I tell you that it wont be easy. I will be writing about this shortly for now, I will simply ask the question.