Page 13 - CCCA61_2010
P. 13
CCCA_V4No1_Dept-Technology-FIN.qxd:CCCA_V1No2_Dept-CrossBdr-V1.qxd 2/3/10 11:38 AM Page 13 Technology “ It’s a more economic way of managing data, but there’s definitely a loss of control ” in the process. Lisa R. Lifshitz, Gowling Lafleur Henderson LLP the absence of key representations their personal information has been and warranties, indemnities, etc. compromised.“Many U.S. jurisdic- It’s corporate counsel’s job to help remind them of these impor- tions have mandatory breach notification requirements,” says tant issues during negotiations and help resolve them.” Lifshitz.“It’s coming to Alberta [the amended Personal Information Furthermore, Lifshitz says that “it’s incumbent for companies to Protection Act was passed on Nov. 26, 2009] and Ontario has it for put safeguards in a contract because we cannot assume that what’s health-care information under the Personal Health Information adequate in the U.S., for example, is adequate in Canada.You need Protection Act.” to take protective steps to ensure that standards are consistent with, At the federal level, adds Gratton,“there’s no law but there’s a and sufficient, from a Canadian perspective… [because] there are guide; this will likely change.There are hints that things are going still differences between the U.S. and Canada in the areas of priva- to go this way.” cy and data protection.” But regardless of where data is heading,it must be accurately pro- Pablo Fuchs is aToronto-based business writer. tected, says Ryk Edelstein, a partner with Montreal-based Converge Net Inc., a firm that specializes in helping companies secure the flow of information,in and outside of the organization, so that they meet their regulatory objectives.He notes that the first step you must take in such a process is identifying what is confi- dential data and what isn’t; then, you have to build a policy to ensure that confidential data is safe; and, finally, you have to enact and protect that policy by adopting the necessary technologies. “You have to build technology models with pervasive encryption [because] any information that’s transferred between clouds or companies and subject to compliance must INSOLVENCY ADVISORS be protected,” he says. “You want to ensure that data is providing innovative legal solutions encryptable and uninterceptable.You can either encrypt a file to critical financial problems and send it, or create secure channels, or you can do both.You want to build processes that are pervasive.” Although the IT department is responsible for much of data Philippe Lalonde protection, corporate counsel must get involved too. Being Calgary Office knowledgeable in compliance issues, it is their job to ensure 403.260.1465 that everybody in the organization is on the same page, says plalonde brownleelaw.com Edelstein, reminding companies that data “must be protected www.litigationlawblog.ca because information is as valuable as any real asset. [But] each environment is different.You have to understand it, understand the data and what you need to do to protect it.” Dan Peskett The role of corporate counsel in handling such concerns will Edmonton Office continue to grow as the world becomes more and more digitized 780.497.4875 and as governments continue to ramp up regulatory require- ments. Increasingly,governments will require that companies that dpeskett brownleelaw.com have suffered a data breach must publicly notify customers that www.brownleelaw.com PRINTEMPS 2010 CCCA Canadian Corporate Counsel Association 13 CCCA61_013.indd 1 2/4/10 3:46:20 PM
