Learn how Server Cloud Canada met the needs of A Public Health Organization (the name of the organization has been removed for privacy reasons) with an improved disaster recovery solution through the SCC Vault providing secure, fexible, compliant, and fully manageable cloud based DR planning tool.
The Personal Information Protection and Electronic Documents Act (PIPEDA) is Canada’s set of privacy laws that pertain to how commercial entities manage the collection, use, and disclosure of personal information. This multi-part series equips Canadian businesses with the information they need to bring their organization into compliance with the laws. The first segment, Canadian Privacy Laws: PIPEDA and its core Principles in the Cloud, introduced readers to PIPEDA and discussed various concerns that businesses may face regarding the handling of personal information.
The internet has changed the way the world views just about everything, causing the legal system to endure intense scrutiny – particularly privacy laws. As lawmakers have scrambled to keep up with the explosive growth of this technology, an increasing number of Canadian businesses are relying on the internet for the majority of their organizational needs. As they become more and more data driven, they are capitalizing on cloud technology for storage and sharing of information. Many of those that have not yet moved to the cloud are beginning conversations to move in that direction.
The advent of cloud computing and the increase in transborder data flow, or the flow of data across national borders from the source country, has brought a rise in concerns about privacy.
Data, while stored in another country, is subject to that country’s laws and regulations in regards to how data is managed, stored, and most importantly, how it is secured and kept private.
As Canadians, two separate federal privacy laws protect our privacy. These laws govern the information that businesses can collect on other Canadians, as well as how organizations must manage and protect that data.
As of January 1, 2004, PIPEDA applies to every organization that collects, uses or discloses personal information in the course of commercial activities. However, the federal government may offer an exemption organizations and/or activities in provinces deemed to have adopted substantially similar privacy legislation (more on this later).