Privacy policies have been in turmoil for a while in Canada. With the introduction of the GDPR (General Data Protection Regulation) of the European Union, evident inconsistencies have been noted with the provincial and federal regulations associated with public and private sector privacy.
Even though Alberta, British Columbia (BC), and Quebec had already developed their own private sector privacy laws and are now moving quickly to update them to better align with the GDPR, however, where does that leave Ontario?
Federal Law Amendments
With the recent introduction of Federal Bill C-11 in November 2020, new guidelines laid out under the Consumer Privacy Protection Act focus exclusively on compliance, enforcement, and a complete overhaul of the preceding laws and standards. A few of these amendments take account of:
- A new fine framework under which organizations may be penalized up to 5% of their global revenue or $25 million (whichever is greater) for serious wrongdoings
- Privacy Commissioner gets full order-making powers
- New transparency requirements associated with automated decision-making
- Providing Canadians with the freedom to securely transfer their information from one organization to another
- Establishing the Personal Information and Data Protection Tribunal
Provincial Law Amendments
While Bill C-11 does provide clearer guidelines associated with consumer privacy regulations, it is possible that Ontario may follow suit with Quebec, Alberta and British Columbia, by developing their own private sector privacy laws. The Province consulting on this last year! In the meantime, Quebec is on the edge to pass sweeping new privacy legislation and British Columbia and Alberta may not be far behind as they review their own legislation.
Are you interested in what Ontario’s policy may soon look like? Take a quick look at some of the existing privacy law amendments or consultations being projected by Ontario:
- Emphasized in recent consultations, Ontario proposes augmented transparency for individuals
- Improved consent provisions that would permit individuals to cancel their permission at any time
- Permit individuals to request their personal data be erased
- Individuals have the right to obtain their data in a standard and portable digital format
- Enhance enforcement powers for the Information and Privacy Commissioner
- Spread out the scope of the law to include non-commercial organizations, such as political parties, trade unions, non-profits, and charities
How will this have an effect on you?
As privacy regulations continue to focus on more stringent data consent, management, and secure destruction, aligning yourself with a secure data disposal service will make sure your organization remains compliant with ever-changing data privacy regulations.
For more information on the ways TechReset can assist you with your secure data destruction needs with professional and certified Secure Data Erasure services, feel free to give us a call at 905 510 8969 or drop us an e-mail at firstname.lastname@example.org today!