Nearest broker: Searching for a broker nearby…
Nearest broker: , Edmonton, AB Phone: 780.755.0110 5020 Lac St Anne Trail N, Onoway, AB, T0E 1V0 Phone: 780.967.2282 , Edmonton, AB Phone: 825.467.5631 206 Pembina Rd, Sherwood Park, AB, T8H 0L8 Phone: 780-732-8616 10060 Jasper Ave, Edmonton, AB, T5J 3R8 Phone: 780-435-3632 , Calgary, AB Phone: 403-532-4882 322 Avenue C S, Saskatoon, SK, S7M 1N4 Phone: 639-398-4170 5317 50 Ave, Taber, AB, T1G 1V3 Phone: 403-223-2377 110a McLeod Ave, Spruce Grove, AB, T7X 2H8 Phone: 780-571-1144 496 Marquis Rd, Prince Albert, SK, S6V 8B3 Phone: 306-970-8080 335 Hwy Avenue N, Picture Butte, AB, T0K 1V0 Phone: 403-732-6023 2201 Box Springs Blvd NW, Medicine Hat, AB, T1C 0C8 Phone: 403-487-5132 550 Wt Hill Blvd S, Lethbridge, AB, T1J 4Z8 Phone: 403-394-1123 734 13 St N, Lethbridge, AB, T1H 2T1 Phone: 403-328-9114 5 St SE, High River, AB Phone: 403-652-4104 9904 103 St, Fort Saskatchewan, AB, T8L 2C9 Phone: 780-998-0881 201-4271 23 Ave NW, Edmonton, AB, T6L 5Z8 Phone: 780-466-2136 3908 97 St NW, Edmonton, AB, T6E 6N2 Phone: 780-465-6900 8170 50 St NW, Edmonton, AB, T6B 1E6 Phone: 780-469-9378 52 Ave, Drayton Valley, AB Phone: 780-621-1707 1331 Macleod Trail SE, Calgary, AB, T2G 0K3 Phone: 403-278-1050 1331 Macleod Trail SE, Calgary, AB, T2G 1E1 Phone: 403-255-2252 234-7 Westwinds Crescent NE, Calgary, AB, T3J 5H2 Phone: 403-775-2100 , Calgary, AB, T3K 0S8 Phone: 403-719-9995 5114 2 St, Boyle, AB, T0A 0M0 Phone: 780-689-3946 50 Ave, Bonnyville, AB Phone: 780-826-3147 12931 20 Ave, , AB, T0K 0E0 Phone: 403-562-2191 2903 Kingsview Blvd SE, Airdrie, AB, T4A 0C4 Phone: 403-945-8885

PIPEDA Reporting Requirements and How This Impacts Your Business

Business Insurance

By Samantha Lemna | November 8, 2018

Effective November 1, 2018, there are updates to the Personal Information Protection and Electronic Documents Act (PIPEDA) that will affect your business. The reporting requirements have been changed and it’s important to understand how a data breach would affect your clients and your company. We will discuss these reporting updates as well as the support your business insurance can provide you in the event of a data breach.

PIPEDA Reporting Requirement Updates

The federal government has updated PIPEDA reporting requirements as follows:

If a data breach occurs and has the risk of causing significant harm you must:

  • Report the breach to the Office of the Privacy Commissioner of Canada as soon as possible.
  • Notify the individuals affected preferably directly (in person or by phone email or mail).
  • Notify organizations such as banks and law enforcement if they can help mitigate harm.

In Alberta, this action is taken by the provincial authorities.

Companies are responsible for third-party breaches. This includes documentation even if a contract states the third party is responsible for covering costs associated with a breach.

You must also keep records of every breach for a period of 24 months. This includes:

  • Date of the breach (or estimated date)
  • General description of circumstances of the breach
  • Nature of the information involved in the breach
  • General description of what has been done since the breach was discovered
  • Risk of harm analysis
  • Legal analysis
  • If the breach was reported; if not provide an explanation as to why

There is no need to include personal details unless necessary to explain the circumstances of the breach.

What is considered significant harm?

Significant harm includes bodily injury personal injury (including humiliation damage to reputation or relationships loss of employment) damage to or loss of property identity theft financial loss negatively impacted credit record and more.

The best practice is to report. You do not have to have all the details beforehand – you can provide updates as you learn of the nature and extent of the breach.

Penalties for Failure to Uphold PIPEDA

Failure to follow the 3 step process above can result in up to $100 000 in fines as well as lawsuits and class-action lawsuits.

Notification of Individuals Affected by a Data Breach

Direct notification in person or by phone email or mail is preferred. However indirect notification by public announcement or notice is acceptable if it is to the direct benefit of those impacted (i.e. can be communicated to them quicker or is less cost-prohibitive).

The notification must include the following:

  • Description of the circumstances surrounding the breach
  • When the breach occurred
  • Description of the steps taken to reduce the risk of harm since the breach was discovered
  • Description of the steps the individual can do to reduce the risk or mitigate harm
  • Contact information for further details

Please visit more details.

Data Breach Insurance

Data breach insurance (sometimes known as cyber liability or cybersecurity insurance) can help you deal with a data breach incident. This coverage can be included in your business insurance (usually as an endorsement or add-on) and some companies offer it as a standalone product.

Prevention and preparation are emphasized with this type of coverage; you generally get access to resources that will allow you to learn how to protect your business from a data breach and how to prepare a plan of action in the event one does occur. You will also receive support to respond to a breach.

This type of coverage will also generally cover litigation and regulatory matters. Claims include invasion of privacy economic harm emotional distress and more.

Keep in mind that you must follow the law when it comes to privacy protection security and reporting. If you fail to do so you may not be covered. Remember to talk to your broker about your coverage’s exclusions and limits as understanding your policy is an important part of your success in risk management.

Get A Quote From A-WIN

Get the best insurance deals and stay on budget.

Get A Quote

Life Events - It's Time to Reassess Your Insurance

Whether it’s heading off to university or deciding to start your own business,...


Rogers Insurance and CapriCMW merge to become Acera Insurance.

A-WIN Insurance is part of the Rogers Insurance Group.

Click to learn more about how this merger will impact A-WIN Insurance. Our branches will remain independently owned and operated.