Blackbaud breach – Executive Options in light of Reports to OPC & ICO
Three Executive Actions to help mitigate further risk If your company leverages Blackbaud CRM – this article will provide you of three actions that will help mitigate risk. Blackbaud a reputable company that offers a customer relationship management system has been hit and paid off ransomware. According to G2, Blackbaud CRM is a cloud fundraising and…
Best-Practice Data Transfers for Canadian Companies – III – Vendor Contracts
PREPARING FOR DATA TRANSFER – CLAUSES FOR VENDOR CONTRACTS A three-part series from KI Design: Part I: Data Outsourcing Part II: Cross-border Data Transfers Part III: Preparing for Data Transfer – Clauses for Vendor Contracts The following guidelines are best-practice recommendations for ensuring that transferred data is processed in compliance with standard regulatory privacy laws. While a…
Best-Practice Data Transfers for Canadian Companies – Part II
CROSS-BORDER DATA TRANSFERS A three-part series from KI Design: Part I: Data Outsourcing , Part II: Cross-border Data Transfers, Part III: Preparing for Data Transfer – Clauses for Vendor Contracts When personal information (PI) is moved across federal or provincial boundaries in the course of commercial activity, it’s considered a cross-border data transfer. Transferring data brings…
“False Light” – Canada’s Newest Tort
A tort recognized by the Ontario Superior Court of Justice last month expands privacy protections for Canadians by adopting a well-established US cause of action. Torts are an essential element of common law. A tort is a wrongful act or injury that leads to physical, emotional, or financial damage to a person, for which another…
Cyber Review Consultations Report
“The digital economy increasingly shapes and drives the broader economy. For Canadians to prosper and be confident digital innovators, they need to know that the networks that enable their efforts and safeguard their assets and information are secure. I am committed to making Canada a global centre for innovation – one that creates jobs, drives…
Bill C-23: Pre-Clearance of Persons and Property
Quick Summary of Bill C-23 It is no secret that Canada and the United States have one of the most important trading relationships in the World. While the American presidential election has taken the spotlight in terms of politic news, ad of late, the Canadian federal government is proposing to rewrite Canada’s electoral laws. On June…
When Apps Claim HIPAA Compliance
Do health applications advertised as “HIPAA-compliant” offer some legal assurance? Often, the answer is no. HIPAA does not apply to technological applications as such. Rather, it governs personal health information managed by covered entities such as hospitals, physicians, pharmacies, and health insurance companies. Health applications managed by covered entities are subject to HIPAA rules. Consumer…
Legal Obligations for Energy Boards
In this guide you will explore: Obligations of Energy Boards FTC and Fair Information principle requirements Smart Grid Data Protection Requirements Employee Privacy in the Energy Space Federal and state law requirements In recent years, news of massive data breaches has become almost commonplace. We are witnessing an unprecedented increase in cyberattacks, with energy utilities…
A Proposal for Privacy Innovation in Canadian Law Technology and Corporate Culture
Summary Many believe that privacy as we know it is at a crossroads. Can data protection flourish in this brave new world of technological change, or will it decay? Economic, legal, technical, and corporate innovation will all be crucial in helping to direct the future of data protection in Canada. The OPC’s consultation paper is…