• Blackbaud breach – Executive Options in light of Reports to OPC & ICO

    Three Executive Actions to help mitigate further risk If your company leverages Blackbaud CRM – this article will provide you of three actions that will help mitigate risk. Blackbaud a reputable company that offers a customer relationship management system has been hit and paid off ransomware. According to G2, Blackbaud CRM is a cloud fundraising and…


  • Measuring Fear? #Coronavirus

    Disease Sentiment Analysis for Diseases and Pandemics COVID-19 is a global concern. It is affecting communities with over 2500 deaths while the number of cases continues to climb. Canada has issued travel advisory level 3 ( avoid non-essential travel to several countries including China. Thousands of health professionals continue to deal with the risk of infection. Some…


  • Best-Practice Data Transfers for Canadian Companies – III – Vendor Contracts

    PREPARING FOR DATA TRANSFER – CLAUSES FOR VENDOR CONTRACTS A three-part series from KI Design: Part I: Data Outsourcing Part II: Cross-border Data Transfers Part III: Preparing for Data Transfer – Clauses for Vendor Contracts The following guidelines are best-practice recommendations for ensuring that transferred data is processed in compliance with standard regulatory privacy laws. While a…


  • Best-Practice Data Transfers for Canadian Companies – Part II

    CROSS-BORDER DATA TRANSFERS A three-part series from KI Design:  Part I: Data Outsourcing ,  Part II: Cross-border Data Transfers, Part III: Preparing for Data Transfer – Clauses for Vendor Contracts When personal information (PI) is moved across federal or provincial boundaries in the course of commercial activity, it’s considered a cross-border data transfer. Transferring data brings…


  • “False Light” – Canada’s Newest Tort

    A tort recognized by the Ontario Superior Court of Justice last month expands privacy protections for Canadians by adopting a well-established US cause of action. Torts are an essential element of common law. A tort is a wrongful act or injury that leads to physical, emotional, or financial damage to a person, for which another…


  • Should Laws Regulate Online Discourse?

    Most Canadians woke up to news of the #RCMP #GRC launching a probe into hate speech by an Alt-Right group leader who is seeking national party status. The probe came after an Anti Hate group filed a report. The news article was shared hundreds of times. The RCMP probe is timely, because hate online is a virus…


  • Canada’s Digital Charter

    Following the G7 meeting in Paris last week, the government of Canada announced its first-ever Digital Charter. Minister of Innovation, Science and Economic Development, @NavdeepSBains unveiled the 10 principles meant to govern digital communications. During the G7 World leaders and heads of global technology companies have pledged at a Paris summit to tackle terrorist and extremist…


  • Cyber Review Consultations Report

    “The digital economy increasingly shapes and drives the broader economy. For Canadians to prosper and be confident digital innovators, they need to know that the networks that enable their efforts and safeguard their assets and information are secure. I am committed to making Canada a global centre for innovation – one that creates jobs, drives…


  • Bill C-23: Pre-Clearance of Persons and Property

    Quick Summary of Bill C-23 It is no secret that Canada and the United States have one of the most important trading relationships in the World. While the American presidential election has taken the spotlight in terms of politic news, ad of late, the Canadian federal government is proposing to rewrite Canada’s electoral laws. On June…


  • When Apps Claim HIPAA Compliance

    Do health applications advertised as “HIPAA-compliant” offer some legal assurance? Often, the answer is no. HIPAA does not apply to technological applications as such. Rather, it governs personal health information managed by covered entities such as hospitals, physicians, pharmacies, and health insurance companies. Health applications managed by covered entities are subject to HIPAA rules. Consumer…


  • Legal Obligations for Energy Boards

    In this guide you will explore: Obligations of Energy Boards FTC and Fair Information principle requirements Smart Grid Data Protection Requirements Employee Privacy in the Energy Space Federal and state law requirements In recent years, news of massive data breaches has become almost commonplace. We are witnessing an unprecedented increase in cyberattacks, with energy utilities…


  • A Proposal for Privacy Innovation in Canadian Law Technology and Corporate Culture

    Summary Many believe that privacy as we know it is at a crossroads. Can data protection flourish in this brave new world of technological change, or will it decay? Economic, legal, technical, and corporate innovation will all be crucial in helping to direct the future of data protection in Canada.  The OPC’s consultation paper is…