Insights on breach notice,Canada

breach notice, Canada, data protection law, EU Data Protection Directive, Mexican, Mexico, PIPEDA, Security, transborder data flows

Mexico's New Data Protection Law

By W. Scott Blackmer on July 28, 2010

Mexico has joined the ranks of more than 50 countries that have enacted omnibus data privacy laws covering the private sector. The new Federal Law on the Protection of Personal Data Held by Private Parties (Ley federal de protección de datos personales en posesión de los particulares) (the "Law") was published on July 5, 2010 and took effect on July 6. IAPP has released an unofficial English translation. The Law will have an impact on the many US-based companies that operate or advertise in Mexico, as well as those that use Spanish-language call centers and other support services located in Mexico.

Read more

assessment, audit, Breach, breach notice, Cloud, cloud computing, Computing, contracting, contracts, Contracts Breach, forensics, incident, incident response, liability, notice, privacy, provider, Regulation, response, schedule, Security, security assessment, security breach, security schedule, service, service provider, service provider liability

What's in Google's SaaS Contract with the City of Los Angeles? Part Three.

By InfoLawGroup LLP on June 23, 2010

This blogpost is the third (and final) in our series analyzing the terms of Google's and Computer Science Corporation's ("CSC") cloud contracts with the City of Los Angeles. In Part One, we looked at the information security, privacy and confidentiality obligations Google and CSC agreed to. In Part Two, the focus was on terms related to compliance with privacy and security laws, audit and enforcement of security obligations, incident response, and geographic processing limitations, and termination rights under the contracts. In Part Three, we analyze what might be the most important data security/privacy-related terms of a Cloud contract (or any contract for that matter), the risk of loss terms. This is a very long post looking at very complex and interrelated contract terms. If you have any questions feel free to email me at dnavetta@infolawgroup.com

Read more

Alberta, breach notice, British Columbia, Canada, Ontario, Quebec

Security Breach Notices for Canadian Data

By W. Scott Blackmer on March 19, 2010

Notice of significant security breaches involving personal information is recommended under federal Privacy Commissioner guidelines and legally required for custodians of personal health information in Ontario. Albert's new Bill 54, not yet in force, sets a new standard for mandatory notification to the provincial Privacy Commissioner, who can determine whether and how individuals must be notified.

Read more

agreements, breach notice, certification, compliance, confidentiality, contracts, incident response, indemnification, information security, insurance, liability, risk management, standards

Information Security Clauses and Certifications - Part 1

By W. Scott Blackmer on January 17, 2010

Service contracts that involve protected personal information should include provisions allocating responsibility for protecting that information and responding to security breaches. Increasingly, this means incorporating specific references to applicable laws and information security standards, and often certifications of conformance.

Read more