In Canada, the federal government has introduced privacy breach notification requirements under the Personal Information Protection and Electronic Documents Act (PIPEDA). With recent legislative initiatives like the European Union's General Data Protection Regulation (GDPR) and California's Consumer Protection Act (CCPA), organizations face increasing needs around data privacy protection and compliance.
Other jurisdictions are looking to follow suit with their own new laws, and with discussions about privacy taking centre stage amid the growing demand for data, people are more aware of their privacy rights than ever before. It’s an issue that goes well beyond concerns about cybersecurity and GDPR compliance.
The changing landscape means privacy and data protection are fundamental business issues, regardless of which jurisdiction an organization is in or where it does business. As concern about privacy becomes a global phenomenon, organizations are collecting and processing large amounts of sensitive personal information, which means they’re at risk of everything from fines and regulatory reviews to loss of confidence and reputation.
Our Privacy advisory offering can help you rise to the challenge of privacy management and compliance. We can help you build, operate and maintain an effective privacy program through our business expertise, technology, tools and ongoing support. As a result, you can focus on your core business, improve your competitiveness and continue to make the best use of your data.
Our approach is a cost-effective option for building your privacy program more quickly than you would be able to create on your own and for managing privacy issues on an ongoing basis. You’ll have access to the resources and trusted adviser you need to make sure you have the right tools, technology and governance in place to handle the full range of privacy issues.
Our services include:
policy management and privacy notices
privacy incident reporting and notification requirements
responding to individual requests for personal data
third-party assessment and remediation
accountability and compliance reporting
data mapping to see data flows throughout the organization
privacy impact assessments
support to create and manage a data inventory
Our experts understand the fast-changing rules and expectations around privacy management. Through our subscription offering, you get access to on-demand operational support without having to build out your own privacy program or hire additional staff.
We support your privacy officer, who retains responsibility for making decisions, with guidance and recommendations to help you with your privacy office functions and meet and stay up to date on heightened rules and expectations. We’re also able to look across our customer base to proactively advise you on privacy issues you may want to address.
Effective November 1, 2018, companies subject to Canada’s privacy law will be required to record and report breaches of security safeguards. The new breach rules may require changes to your breach management and privacy practices.
The EU General Data Protection Regulation (GDPR) takes effect on May 25, 2018, creating challenges—and opportunities—for every organization doing business in the European Union. GDPR may apply to Canadian businesses, since a business doesn’t need to have a physical presence in the European Union to be subject to GDPR.
Partner, PwC Canada
Tel: +1 416 869 2384
Director, Leader Managed Privacy Services, PwC Canada
Tel: +1 416 869 2463