Canadian Data Protection Laws

In Canada there are more than 25 federal, provincial and territorial privacy statutes that govern the protection of personal information in the private, public and health sectors. Although these statutes vary in scope, requirements, and enforcement, there are similar provisions covering the collection, use and disclosure of personal information.

The primary federal data protection statute is the Personal Information Protection and Electronic Documents Act (PIPEDA) which applies to organizations who collect, use and disclose personal information in the course of a commercial activity, including banks, financial services organizations, telecommunications companies, airlines, railways, and other inter-provincial organizations.

Data Protection Requirements:

Most of the Canadian Privacy Statutes contain safeguarding provisions designed to protect personal information. These require organizations to take reasonable technical, physical, and administrative measures to protect personal information against loss or theft, unauthorized access, disclosure, copying, use, modification, or destruction.

Breach Notification Requirements and Exemptions

Currently, Alberta’s Personal Information Protection Act (PIPA) is the only province with breach notification requirements. However, proposed amendments to the Personal Information Protection and Electronic Documents Act (PIPEDA) would require notice of material breaches be made to the Office of the Privacy Commissioner of Canada (OPC) and, in certain circumstances, to the individuals affected.

CipherCloud Enables Compliance with Canadian Data Protection Law with:

  • Strong encryption and tokenization for cloud data, meeting compliance standards for data protection
  • Encryption keys controlled exclusively by customers, meeting “pseudonymization” requirements
  • Exemption from breach notification requirements by effectively anonymizing data
  • Technology specifically called for to meet Privacy by Design and Default principals
  • Dramatic reduction in audit scope by removing data exposure to cloud providers

Questions? We'll put you on the right path.

Ask about CipherCloud products, pricing, implementation, or anything else. Our knowledgeable reps are standing by, ready to help.

OR CALL 1-855-524-7437