• Facebook
  • LinkedIn
Security Services across the GTA: 1 (905) 415-1112
Wincon Security
  • Services
    • Security Guards
    • Condo Concierge
    • Loss Prevention
    • Mobile Patrol
    • Virtual Monitoring
    • Security Integration
    • Emergency Planning
  • Markets
    • Colleges & Universities
    • Commercial
    • Condominiums
    • Construction Sites
    • Industrial
    • Retail
  • About
    • About Us
    • Contact
    • Testimonials
    • FAQ
    • Locations
  • Wincon News
  • GET A QUOTE
  • Apply Now
    • Winner’s Circle
  • Menu Menu

Posts

Cybersecurity, Security

Why new PIPEDA rules spell opportunity for Ontario businesses

Ontario business owners who spent the last week celebrating the tabling of Bill 47, legislation that promises to repeal most of the controversial Bill 148 (with the implementation of the equally unpopular Pay Transparency Act also due to be delayed and revised, as well), could be forgiven for missing the enactment of another important new law. Only this one comes with significant cyber and physical security implications for organizations across industries.

The Personal Information Protection and Electronic Documents Act (PIPEDA) is new federal legislation that “applies to the collection, use or disclosure of personal information in the course of a commercial activity.” Put simply, if yours is an organization that has clients to whom it sells products or services, it falls under the Act’s jurisdiction. Exemptions exist in provinces that have privacy legislation in line with PIPEDA, but in those cases provincial laws need to be almost identical to the federal counterpart, or else the latter applies. What does this all mean? According to the Office of the Privacy Commissioner of Canada:

“Organizations covered by PIPEDA must obtain an individual’s consent when they collect, use or disclose that individual’s personal information. People have the right to access their personal information held by an organization. They also have the right to challenge its accuracy. Personal information can only be used for the purposes for which it was collected. If an organization is going to use it for another purpose, they must obtain consent again. Individuals should also be assured that their information will be protected by appropriate safeguards.”

Organizations are required to have ‘appropriate’ digital safeguards in place

New disclosure requirements

Perhaps most importantly, the legislation requires Canadian firms to brief customers in the event of a data breach that involves the hacking of personal information. At the same time, organizations must inform the Privacy Commission if they believe the breach carries with it “a real risk of significant harm to an individual.” The language in the new law is notably vague and unspecific. Organizations are required to have “appropriate” digital safeguards in place, even when sharing data between third-party vendors.

Penalties for non-compliance can top $100,000 per violation, so organizations are wise to be proactive and fall in line with the new rules.

PIPEDA a challenge for SMEs

Smaller businesses will likely have more difficulty complying with the law, particularly because they lack full-time IT teams or personnel to help track and protect data. Only now the financial stakes of ensuring adequate cybersecurity are significantly higher. As if the potential brand and bottom-line hit from an incident of data theft wasn’t bad enough, to add insult to injury cash-strapped companies also have to worry about Ottawa levying a steep fine when they’re at their most vulnerable.

While the new PIPEDA rules are obviously focused on the protection of data while promoting cybersecurity vigilance and protection for consumers, this is also about physical security. Why? It’s not uncommon for thieves to steal laptops or servers from an office or retail outlet, for example, then search those devices for everything from sellable business data to credit card information. Whether they actually find anything to peddle is beside the point. Because so many organizations still lack the necessary cloud- or hardware-based back up systems to protect data in case of a physical theft, losing that information to physical burglaries can be just as bad as being hacked by an online malfeasant.

An opportunity to think holistically about security

Here’s the good news: PIPEDA represents an important opportunity for organizations of all sizes and across industries to improve their security infrastructure. Without this legislative impetus, many companies would be happy to keep on carrying on, ignoring potential threats and crossing their fingers that a hacker or burglar won’t one day target their precious customer data.

It’s best to look at PIPEDA as a chance to develop a comprehensive security strategy that looks at both physical and digital security in a holistic way, analyzing potential vulnerabilities and outlining effective tools to help mitigate risk. This would also be the ideal time to consider upgrading security hardware such as monitoring and alarm systems, not to mention the crucial software that protects everything from your property’s entry points to devices such as laptops. These security components should all work in harmony and when one is insufficient, crafty criminals will be sure to take advantage to exploit weaknesses.

Is PIPEDA compliance potentially costly? Yes, but taking a proactive approach is always less expensive than trying to recover from a massive data breach. For that reason, the legislation could be just the nudge that your organization needed to stay safe and secure.

 
Learn More by Requesting a Custom Quote

Winston Stewart, President and CEO

Wincon Security 

November 9, 2018/by Winston Stewart

Archive

  • June 2025
  • May 2025
  • April 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • November 2022
  • September 2022
  • August 2022
  • June 2022
  • May 2022
  • February 2022
  • December 2021
  • September 2021
  • June 2021
  • May 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • August 2020
  • June 2020
  • March 2020
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • June 2019
  • May 2019
  • April 2019
  • February 2019
  • December 2018
  • November 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • December 2017
  • October 2015
  • August 2015

Categories

  • Business
  • Wincon Careers
  • Campus Security
  • Mobile Security
  • Climate Change Security
  • Construction Sites
  • Commercial Property Security
  • Health & Safety
  • Condominium Security
  • Security Integration
  • Cybersecurity
  • Mixed-Use Facility Security
  • Emergency Preparedness
  • Event Security
  • Home Security
  • News
  • Politics
  • Retail Security
  • Security
  • Venue Security
  • Workplace Security
  • Uncategorized
  • Wincon culture

SERVICES

  • Security Guards
  • Condo Concierge
  • Loss Prevention
  • Mobile Patrol
  • Virtual Monitoring
  • Security Integration
  • Emergency Planning

COMPANY

  • About Us
  • Contact
  • Careers
  • Winner’s Circle
  • FAQ
  • Testimonials
  • AODA
  • Locations

WINCON SECURITY

100 Ironside Crescent Unit 3
Scarborough, ON M1X 1M9

(905) 415-1112
info@wincon-security.com

REQUEST A QUOTE

© Copyright - Wincon Security
  • Facebook
  • LinkedIn
Scroll to top