PIPEDA & Compliance

B

On January 1, 2004, the Personal Information Protection and Electronic Documents Act (PIPEDA) came into force across Canada governing all commercial transactions in the country except intra-provincial commercial activities of organizations in a province where the province has enacted substantially similar legislation to the Federal Act. To date, three provinces have substantially similar legislation in place: British Columbia, Alberta and Quebec.

On June 18, 2015, the Digital Privacy Act became law, amending PIPEDA to include a business transaction exemption, mandatory breach notification requirements, enhanced powers for the Privacy Commissioner, and various other updates.

As of November 1, 2018, organizations across Canada subject to the PIPEDA will be required to provide notice of certain privacy breaches. The Breach of Security Safeguards Regulations (“Regulations”) were published on April 18, 2018.

Member Guides

Blogs & Member Bulletins

Presentations & Webinars

CMA Submissions to Government

Government Resources

CMA Research

Data Privacy Study: What the Canadian Consumer Really Thinks

To better understand Canadian consumer perspectives, the CMA recently participated in a global study conducted by Foresight Factory in 10 countries.

Read More
Report & Findings

Canadians want user-friendly information about privacy policies

In a study commissioned and guided by the Canadian Marketing Association (CMA)’s Privacy and Data Advisory Committee, it was found that consumers want to read privacy policies, but they have to be user-friendly.

Read More
Media Release
Additional Information & Analysis
CMA Blog & Analysis
Report & Findings