Toronto, ON, Following recent public breaches in the private and public sectors in Canada, Alberta’s announcement of the arrival of a breach notification law is a welcome one. The recent BC privacy breach of 1400 social assistance accounts was compounded by the failure to notify the victims for seven months. This type of failure to notify the public should be prevented by new Alberta and BC laws requiring public and private organizations to disclose security and privacy breaches.
According to Canadian security and privacy expert Claudiu Popa: “The lack of breach notification legislation in Canada has been, for the past few years, a key point of divergence in the mature adoption of security and privacy best practices. With nonexistent requirements for disclosing security and privacy breaches, we have had a lax climate of security awareness and technology adoption here in Canada, leading to events that have almost always been more serious than they needed to be”. Claudiu Popa is a certified security and privacy consultant, and president of Toronto-based Informatica Security Corporation. He is also the author of the Canadian Privacy and Security Toolkit, published by the Canadian Institute of Chartered Accountants and a trusted media resource:
“Our own research no doubt mirrors what Privacy Commissioners have been supporting all along, and that is the fact that accountability and awareness of privacy and security breaches can be effectively catalyzed by effective notification requirements”
Popa recommends that businesses prepare for these changes well ahead of time and incorporate the following best practices based on proven, globally-accepted standards:
1.Implement and test an enterprise-wide incident management plan
2.Adopt regular, verifiable security awareness training
3.Ensure that policies are communicated and understood
4.Perform regular security assessments at different operational risk layers
5.Appoint the right people in key security and privacy roles, and support them
For more information or to request an interview, contact Claudiu Popa.
About Informatica Security Corporation
Informatica Security offers IT and security governance solutions that span the entire range of information risk best practices.
Founded in 1989, Informatica Security and Privacy is a leading information risk management consulting firm focused on providing unmatched expertise to enable client organizations to control and mitigate information security risks, meet compliance challenges, alleviate the effects of wrongsourcing and adopt proven standards and best practices for exceptional governance. The firm’s FlexSecure™ risk assessments and professional audits, FlexProtect™
For additional information, please visit www.PrivacyImpact.com and www.PrivacyImpactAssessment.com.
Informatica Security and Privacy, Informatica Education, Informatica Research, the Informatica logo, FlexSecure™, FlexProtect™
For media enquiries and enterprise engagements contact: Claudiu Popa, CISSP, PMP, CISA, CIPP, CRMP, President & CSO, Informatica Corporation, 416-431-9012, Info@InformaticaSecurity.com
On the web: LinkedIN.ClaudiuPopa.com, Twitter.ClaudiuPopa.com, Book.ClaudiuPopa.com, Blog.ClaudiuPopa.com
Contact:
Claudiu Popa
Informatica Corporation Information Security/Risk Management
Toronto, ON
416-431-9012
Info@InformaticaSecurity.com
http://www.informaticasecurity.com/
