In the digital age, businesses, hospitals, clinics, universities, and almost all other large and small organizations must ensure they proactively mitigate the risk of a potential data breach and must be able to adequately respond to such a breach if one does occur. Cybersecurity attacks and data breaches are becoming increasingly prevalent.
If you are a business or an organization and require legal guidance and assistance with responding to a data breach, contact the Toronto cybersecurity lawyers at Milosevic Fiske LLP. We understand the importance of immediate action where there has been a data breach and can help our clients act quickly to mitigate their risk, protect themselves from further breaches, and comply with their requirements to disclose the breach.
Institutions governed by the Freedom of Information and Protection of Privacy Act and the Municipal Freedom of Information and Protection of Privacy Act should have proactive measures in place to prevent a privacy breach from occurring.
Where a breach does occur, the institution must immediately identify the scope of the breach and take active steps to contain it. It must also notify all affected individuals as soon as possible. Once these immediate steps are taken, the institution must conduct an internal investigation, including reviewing the circumstances of the breach and the containment measures that were taken, reviewing the adequacy of policies and procedures in place to address breaches, and developing recommendations to prevent future breaches.
Under the Personal Health Information Protection Act, health information custodians must take reasonable steps to ensure that personal health information that is in their custody or control is protected against theft, loss, unauthorized use, and disclosure.
Custodians are also obligated to notify the Information and Privacy Commissioner of Ontario about certain privacy breaches and must also notify the individuals whose privacy has been breached.
After late 2018, all Canadian companies will be required to inform the Privacy Commissioner as well as consumers when the personal information of consumers has been compromised.
The notification will have to come directly to the affected individuals through email, mail, phone, or in person, except in certain limited circumstances where the company can issue an indirect notification.
At Milosevic Fiske LLP in Toronto, our lawyers are proud to be at the forefront of this developing and still evolving area of law. We have been ahead of the curve on many novel issues and are deeply passionate about helping businesses and organizations who face data breach and other cybersecurity issues.
We can advise and provide guidance on:
At Milosevic Fiske LLP, our cybersecurity lawyers regularly assist clients in the following sectors:
If you would like to proactively manage your cybersecurity risk and quickly respond to any potential data breaches, contact the Toronto cybersecurity lawyers at Milosevic Fiske LLP. To set up a consultation, call us at 416-916-1387 or contact us online.
Phone: (416) 916-1387