The Office of the Information and Privacy Commissioner for British Columbia announced new requirements for privacy management programs and data breach reporting under the Freedom of Information and Protection of Privacy Act that entered into force Feb. 1. Covered entities are required to designate "someone responsible for privacy-related matters and the development, implementation and maintenance of privacy policies" and develop processes for privacy impact assessments and complaints. Breach reporting is required for incidents "expected to result in significant harm," as laid out in updated OIPC breach guidance.
British Columbia's privacy management, breach reporting requirements take effect
Related stories
23andMe fined 2.31M GBP after UK, Canada data security probe
EU reaches provisional agreement to speed up cross-border GDPR enforcement
EU lawmakers announce deal on cross-border GDPR enforcement procedures
US officials question 23andMe's ability to navigate data protection during bankruptcy
Ontario's IPC works toward balancing youth safeguards, empowerment
