Loading…
Loading…
Compliance
Organizations covered by Canada’s PIPEDA must generally obtain an individual’s consent when they collect, use or disclose that individual’s personal information. People have the right to access their personal information held by an organization, and the right to challenge its accuracy.
Personal information can only be used for the purposes for which it was collected. If an organization is going to use it for another purpose, they must obtain consent again. Personal information must be protected by appropriate safeguards.
“PIPEDA, while similar to the EU initiative GDPR, is different in that it adds a challenge for business security to locate and secure private data. Therefore, just as ES Cyber’s Forcepoint DLP rules form an integral part of a client’s GDPR procedures, we leverage PII rules to ensure PIPEDA compliance.”