Canadian Data Privacy Laws
Do you know the data laws for your business in Canada?
Many Canadian companies rely on storing data in the cloud for the majority of their organizational needs.
Cloud storage offers many benefits to both the consumer and the business, such as increases efficiencies, reduced IT costs and improved network storage capabilities by allowing on-demand access to networks, servers, applications and services.
In Canada, data is subjected to federal and provincial data legislation. Therefore, even if you technically own your data, federal and provincial governments have control over data privacy within their areas of jurisdiction.
Canadian Privacy Laws
For businesses looking to store their data digitally, it is important to be aware of local privacy laws and understand how they will impact you.
There are two federal privacy acts enforced in Canada:
1. Privacy Act
The Privacy Act governs how the public sector, such as federal government departments and agencies deal with an individual’s personal information. Under the Privacy Act, individuals have the right to access and request correction of personal information about themselves. Every province in Canada has its own public sector privacy legislation.
2. Personal Information Protection and Electronic Documents Act (PIPEDA)
PIPEDA governs how private sector organizations collect, use and disclose personal information in commercial activities. All organizations engaged in commercial activity throughout Canada (with some exceptions) are required to comply with this act and are responsible for monitoring their own compliance.
PIPEDA stipulates that organizations are not allowed to use the information that they collect for any purposes other than what was agreed upon at the time of collection. This also means that the information cannot be shared with any third-parties unless express consent is obtained.
The provinces of British Columbia, Ontario, Quebec, New Brunswick, Nova Scotia, and Newfoundland have laws in place that are similar to PIPEDA. However, when organizations are dealing with federal works, undertakings or business, PIPEDA will be applicable over the provincial law.
Data Residency Matters
By keeping your data stored on Canadian servers, you are only subject to Canadian privacy laws.
Storing information on a web-based platform that is located in another country can have serious implications for your business and subject you to international privacy laws.
For this reason, it is very important to take data residency into consideration when transitioning your Canadian business to a web-based document storage and management platform.
Octacom adheres to high-security standards while working with our clients’ documents.
Octacom is a PIPEDA (Personal Information Protection and Electronic Documents Act) and PHIPA (Personal Health Information Protection Act) compliant organization with designated privacy officers, written privacy policies and a staff privacy training program.
We understand the confidential nature of our client’s records and the issues surrounding the protection of the personal information of which our clients may entrust us as agents.
Octacom’s OdissTM Software is developed, supported and maintained by Octacom and strictly follows industry-specific guidelines and policies in order to maintain the utmost security and discretion in every sector and are compliant with all data laws in Canada.
Contact us to learn more about our secure solutions for your business.