2022

Today
Today

Managing cyber-risk

  • April 13, 2018
  • Shan Alavi

Risks, when left unchecked, can wreak havoc on unsuspecting individuals and organizations. This is particularly true with cyber-risk, but given the nascent cyber-risk insurance industry in Canada, the legal sector must learn to manage that risk by using various forms of insurance and risk mitigation strategies.

Privacy and Access

Privacy breach litigation: Understanding the consequences for your organization

  • July 04, 2017
  • Howard Simkevitz and Danielle Wolfenden

Most organizations in the Digital Age find themselves the custodians of an increasing amount of personal information and/or personal health information. At the same time, privacy breaches are on the rise, and there is a growing number of potential plaintiffs seeking to recoup damages through what is an evolving area of tort law. Not surprisingly, therefore, privacy has become a hot topic on many organizations’ risk management agendas.

Privacy and Access

Words truly matter

  • April 10, 2017
  • Gary Dickson

A recent investigation report issued by the Saskatchewan Information and Privacy Commissioner draws attention again to the sloppy use of terminology in health organization policies and procedures. The Investigation Report 269-2016 & 303-2016 underscores a recommendation made by that oversight office in an earlier report relating to reliance on the non-statutory term “circle-of care” when discussing the collection, use and disclosure of personal health information.

Privacy and Access

CSA guidance for the disclosure of cyber security risks and incidents

  • March 09, 2017
  • Roland Hung and Corinne Xu

Staff from the British Columbia Securities Commission, the Ontario Securities Commission, and the Autorité des marchés financiers recently reviewed disclosure documents provided by 240 issuers of the S&P/TSX Composite Index.

Privacy and Access

Intrusion upon seclusion: The camera in the boudoir

  • February 02, 2017
  • Roland Hung and Lucas Versteegh

On Dec. 9, 2016, the Ontario Superior Court of Justice released Patel v. Sheth, the latest in a series of cases sprouting from the 2012 recognition of a tort of intrusion upon seclusion in Jones v. Tsige.

Privacy and Access

Privacy enforcement over borders

  • November 29, 2016
  • Gary Dickson, Q.C.

It has long been apparent that, given the ease with which data moves over borders, privacy enforcement must contemplate enforcement action that goes beyond any single state’s borders. The office of the Privacy Commissioner of Canada has been an effective leader in promoting greater international cooperation.

Privacy and Access

Personal information in the sharing economy

  • November 21, 2016
  • Sujoy Chatterjee

Some of the largest figures in the sharing economy, such as Uber and Airbnb, have been in existence for close to a decade. Governments have been slow to regulate these industries, particularly with regard to privacy and data protection.

Privacy and Access