Because confidentiality incident reporting is mandatory in almost every Canadian province, most private and public sector organizations have some form of incident response strategy – either a formal written process or an ad hoc set of steps to follow. Whatever form it takes, such a strategy is intended for incidents in which information about an identified or identifiable individual (“personal information”) under the organization’s control is lost or accessed, used, or disclosed without…
By: Stikeman Elliott LLP
By: Stikeman Elliott LLP
