Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
Create an account
Join our community for free to access exclusive whitepapers, reports, and regulatory information.
British Columbia: OIPC publishes new mandatory breach requirements for public bodies and related guidance documents
The Office of the Information and Privacy Commissioner for British Columbia ('OIPC') published, on 1 February 2023, a mandatory breach reporting and privacy management program requirements for public bodies. In particular, the OIPC detailed that the new requirements, which were among amendments to the Freedom of Information and Protection of Privacy Act ('FIPPA'), enacted in November 2021, came into force on 1 February 2023. Moreover, the OIPC explained that public bodies are now required to notify affected individuals and the OIPC of privacy breaches that could reasonably be expected to result in significant harm, without unreasonable delay, and to develop privacy management programs that are 'commensurate with the volume and sensitivity of the personal information in the public body’s custody or under its control.'
Lastly, the OPC published, on 31 January 2023, the following guidance documents on privacy breaches:
- Privacy breaches: tools and resources for public bodies;
- Privacy breach checklist for public bodies;
- Accountable Privacy Management in British Columbia's Public Sector;
- Privacy breaches: tools and resources for the private sector; and
- Privacy breach checklist for private organisations.
You can read the press release here, and access the guidance documents here.
Send us your Feedback!
Please let us know what you think of DataGuidance! It will only take 60 seconds and help us make the site better for you.
