On Tuesday, April 8, 2014 the Federal Government introduced Bill S-4, the "Digital Privacy Act" which proposes amendments to the Personal Information Protection and Electronic Documents Act ("PIPEDA").
Non-profit organizations are subject to PIPEDA to the extent that they carry out commercial activities, and, as such, will be affected by these proposed changes should they come into force. Most notably, Bill S-4 sets out new requirements for mandatory breach reporting, which means organizations would be required to document and notify the Privacy Commissioner and affected individuals of breaches to security safeguards involving personal information under its control in the defined circumstances, and would be subject to penalties for failing to comply. Furthermore, Bill S-4 would give the Privacy Commissioner additional authority to enter into a compliance agreement with an organization under certain circumstances, and to apply to the court for an order requiring that organization to comply with the compliance agreement.
For more general information on Bill S-4, please refer to BLG's information bulletin at: http://www.blg.com/en/newsandpublications/publication_3702. We will keep you updated on the progress of this bill as more information becomes available.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
