Person pressing a security lock button

New Cyber Incident Reporting Rules for Canadian Organizations

New Cyber Incident Reporting Rules for Canadian Organizations

Synopsis
3 Minute Read

MNP can help organizations prepare for new cyber gecurity regulations governing mandatory breach reporting, effective November 1, 2018.

Read more
Insight
Fact Sheet Digital Services
Effective November 1, 2018, Canadian organizations will be subject to new federal regulations mandating compulsory breach reporting in the event of a cyber security incident which could potentially lead to “real risk of significant harm.”

An amendment to the Digital Privacy Act (DPA) and the Personal Information Protection and Electronic Documents Act (PIPEDA) – the Breach of Security Safeguards Regulations will require all Canadian organizations (or organizations which collect, use or disclose personal information as part of their commercial activity in Canada) to report data breaches both to federal regulators and affected parties.

As a leading national cyber security services provider, MNP is well-equipped to help organizations prepare for this transition. Whether you’re concerned about your resilience to a cyber security threat or need to revise your incident response guidelines to align with new regulations, our team can help you assess, prioritize and implement a practical and effective information security program.

For more information about the Mandatory Breach Notification Reporting guidelines, download our factsheet.

MNP also offers an Ethics Alert Services program which may offer an added level of integrity and reputation management for your business. To learn more, download our factsheet.

Preparation Starts Now

Businesses will need to prepare early to satisfy this new federal mandate. Discover how MNP can help you create an effective cyber incident management process. Contact Danny Timmins, National Leader, Cyber Security at 905.607.9777 or [email protected]

Related Content

  • Agility
    July 04, 2025

    Modernizing the core How energy and utilities can move on from legacy finance and billing systems

    Legacy platforms are expiring. Discover how energy and utilities organizations can choose the right finance, billing, and customer systems to reduce risk and unlock long-term value.

    Read more

  • July 03, 2025

    Cyber security on the farm: The gap between concern and preparedness

    Many farmers are concerned about cyber attacks — but few are prepared to respond to an incident. How can you bridge the gap between concern and preparedness?

    Read more

  • Progress
    May 28, 2025

    Why the cloud should matter to your energy company (and how to get it right)

    The energy and utilities sector is facing increasing pressure to modernize, and the cloud offers a way to do this without risking downtime.

    Read more

Insights

View all
  • Agility

    July 04, 2025

    Modernizing the core How energy and utilities can move on from legacy finance and billing systems

    Legacy platforms are expiring. Discover how energy and utilities organizations can choose the right finance, billing, and customer systems to reduce risk and unlock long-term value.

    Read more

  • Agility

    July 03, 2025

    Capital Regional District

    The Capital Regional District faced challenges with outdated IT systems, a siloed department, and fragmented project management processes.

    Read more

  • July 03, 2025

    Cyber security on the farm: The gap between concern and preparedness

    Many farmers are concerned about cyber attacks — but few are prepared to respond to an incident. How can you bridge the gap between concern and preparedness?

    Read more