Why are Canadian businesses often caught violating customers’ privacy rights, not protecting personal data they hold and victimized by data breaches?
One answer is they don’t know they have to follow provincial and federal privacy laws. It may be even worse.
“Frankly, judging by some of the phone calls we get, some don’t even know there is privacy legislation,” says Michael McEvoy, British Columbia information and privacy commissioner.
For these reasons McEvoy has announced his office has launched new programs to help the roughly 1 million firms, non-profits, doctor’s offices, trade unions and other organizations there understand their obligations under the provincial Personal Information Protection Act (PIPA).
The campaign, largely aimed at small and medium-sized organizations, will include webinars, animated pop-up online videos, podcasts and guidance documents. It will be officially launched on March 7.
New tools will be published on the first Wednesday of each month throughout 2019 on the OIPC website.
The idea for the campaign started when McEvoy looked at responses to a privacy self-assessment toolkit send randomly to B.C. businesses asking for details about their privacy management program.
“Many of them didn’t really understand the most fundamental aspects under our personal information protection act. We also had the same sense from the kind of calls we receive from businesses. We field thousands of calls a year asking what their legal obligations are under the legislation. All of which pointed to the need for a comprehensive education program for businesses of all kinds.”
This despite the fact…