What Expert Says On New Canadian Privacy Law

The introduction of Canada’s proposed Digital Charter Implementation Act continues the trend toward tighter governmental regulation of businesses handling and processing consumers’ private and sensitive data. Steeper fines only add to the incentive for companies to comply with data privacy mandates, joining other negative outcomes such as tarnished brand reputation and loss of trust in the offending business. The move should serve as a strong reminder to businesses located or operating in Canada that data security is paramount to doing business in the country. Each organization should rethink how they protect sensitive data throughout its entire lifecycle, including knowing where this data is within their infrastructure, the level of sensitivity, and the right way to protect sensitive information. Data-centric security measures such as tokenization and format-preserving encryption are far more effective than perimeter-based methods, facilitating data freedom of movement that businesses need in order to use that information effectively while complying with strong data privacy regulations such as this proposed act.  Read Less