Sept 2018 Charity & NFP Law Update
On November 1, 2018, Division 1.1 of the Personal information Protection and Electronic Documents Act (“PIPEDA”), establishing mandatory data breach reporting and recordkeeping requirements, together with the accompanying Breach of Security Safeguards Regulations: SOR/2018-64 (the “Regulations”), which provide additional details about these obligations, will come into force. On that date, organizations subject to PIPEDA, potentially including certain charities and not-for-profits, will be required to comply with the notification, reporting and recordkeeping obligations set out under the new mandatory breach regime. As, in some situations, charities and not-for-profits could be subject to PIPEDA, they should be aware of these new requirements.
For the balance of this Bulletin, please see Charity & NFP Law Bulletin No. 429.