Tag archives: GDPR

Data privacy in M&A: new reporting and notification requirements

It is time for organizations to think ahead and prepare for new requirements imposed under the Digital Privacy Act (formerly known as Bill S-4). The new requirements, which will result in significant amendments to the Personal Information Protection and Electronic Documents Act (PIPEDA), will come into force on November 1, 2018.

The new requirements impose mandatory reporting and notification for data breaches. Once in force, organizations subject to PIPEDA will be required to notify the Privacy Commissioner of Canada (the Commissioner) and affected individuals in the event of a data breach. Organizations must do so if the … Continue Reading

Legal update: new European data privacy law comes into force on May 25, 2018

On May 25, 2018 the European Union’s General Data Protection Regulation (GDPR) will come into force. The GDPR will create new requirements for Canadian companies that handle the personal information of European individuals. The GDPR also allows for heavy penalties to be imposed on organizations that fail to comply with this new regulatory regime. Based on this, Canadian companies who are involved in M&A transactions should be sure to determine whether the GDPR applies to a target and carefully consider the risks associated with non-compliance.

The GDPR regulates the processing by an individual, a company or an organization … Continue Reading

Data privacy in M&A: looking forward into 2018

With an ever-growing public awareness of the implications of data privacy (or rather, lack of data privacy), increased emphasis on best data practices is likely to influence mergers and acquisitions (M&A) in 2018 and beyond. Different jurisdictions have opted for varying kinds of regulations, each of which may affect transactions in unique ways. In particular, the European Union (EU) is preparing to implement new, strengthened data privacy regulations in 2018.

Looking ahead, the EU is now poised to implement the General Data Protection Regulation (GDPR). Implementation is expected to occur on May 25, 2018. … Continue Reading

LexBlog