Data Transfers from EU to US “unlawful”; EU Signals Enforcement Actions Possible After January, 2016

The re-posting of this article is part of a cross-posting agreement with CyberLex. On Friday, October 16, 2015, the Article 29 Working Party (“WP29”) released a statement on the decision of the Court of Justice of the European Union (“CJEU”) in the case Schrems v Data Protection Commissioner (C-362-14), the landmark decision which invalidated the […]

How to Discipline Cyber-Snooping Employees

The re-posting of this article is part of a cross-posting agreement with CyberLex. In a digitized world, it can be all too easy for unauthorized employees to access confidential information in the workplace, as recent breaches at the Saskatchewan Cancer Agency and some Ontario hospitals have shown. Employers should be prepared to take appropriate disciplinary […]

U.S. Federal Financial Institutions Examination Council (FFIEC) Releases Cybersecurity Assessment Tool

The re-posting of this article is part of a cross-posting agreement with CyberLex. On June 30, 2015, the FFIEC released its cybersecurity assessment tool designed to assist U.S. financial institutions and regulatory examiners identify inherent cybersecurity risks and determine preparedness level of financial institutions.  The cybersecurity assessment tool and other resources can be found here.

Businesses Should Re-evaluate Approach to Privacy with Passage of Digital Privacy Act

The re-posting of this article is part of a cross-posting agreement with CyberLex. The Digital Privacy Act (Bill S-4) passed into law yesterday, introducing (among other things) significant fines and mandatory breach notification (not yet in force) into the Personal Information Protection and Electronic Documents Act (PIPEDA). Organizations which handle personal information in the course […]