The Office of the Privacy Commissioner of Canada new Privacy Guide for Businesses

The Office of the Privacy Commissioner of Canada has published the new Privacy Guide for Businesses available here.

This is a comprehensive guide which explains basic principles under the Personal Information Protection and Electronic Documents Act (PIPEDA) such as be accountable, identify the purpose, obtain valid and informed consent, limit collection,limit use, disclosure and retention and others. It also explains how the PIPEDA applies, what is not covered under the Act and what businesses’ responsibilities under the PIPEDA are. It contains the OPC’s guidelines for obtaining meaningful consent.

It also covers the topic of dealing with data breaches and provides more details on how to determine the real risk of significant harm and what should a breach report contain.

As individuals may complain to the Commissioner, the Guide contains information on the process, early resolution of complaints and in which cases the OPC may refuse to investigate the complaint.

Canada’s anti-spam legislation (CASL) sets out pretty clear obligations on organizations engaging in marketing activities, as it protects consumers and businesses from the misuse of digital technology, including spam and other electronic threats. It also aims to help businesses stay competitive in a global, digital marketplace. The Guide refers to the most important points under the CASL.

Before diving into PIPEDA and other privacy legislation read the Guide first, as it can provide a pretty good overview of privacy laws with useful references and guidance.

Photo by Kelly Sikkema on Unsplash.