The New Mandatory Data Breach Reporting Regimes: Four Key Elements
On October 15, 2018 Statistics Canada published the results of a survey on cyber-security revealing that more than one in five Canadian businesses has been targeted by a cyber-attack, and that in 2017 they spent $14 billion to prevent and/or deal with the consequences of such security incidents. As a general rule, businesses have no legal obligation to report a cyber-attack to government authorities unless personal information is involved and applicable legislation imposes a mandatory reporting regime.