Bill 64: Are You Ready?

On September 22, 2022, the first set of amendments from Bill 64, specifically to Quebec’s Act respecting the protection of personal information in the private sector (Quebec Privacy Act) will come into force. Although most amendments will come into force in September 2023, we wanted to highlight some key new obligations for all enterprises who do business across Canada and use personal data in the process of doing business.

PRIVACY OFFICER DELEGATION
“3.1. Any person carrying on an enterprise is responsible for protecting the personal information held by the person.

Within the enterprise, the person exercising the highest authority shall see to ensuring that this Act is implemented and complied with. That person shall exercise the function of person in charge of the protection of personal information; he may delegate all or part of that function in writing to a personnel member.

The title and contact information of the person in charge of the protection of personal information must be published on the enterprise’s website or, if the enterprise does not have a website, be made available by any other appropriate means.”

Now, by default, the person exercising the highest authority within the enterprise, for example the Chief Executive Officer, as the “person in charge of the protection of personal information.”

The role and activities of the “person in charge of the protection of personal information” can be delegated to any person, in-house or an outside privacy professional. Be sure to put this in writing.

The title and contact information of the person in charge of the protection of personal information must also be published on the organization’s website or, if the organization does not have a website, by any other appropriate means.

MANDATORY REPORTING OF “CONFIDENTIALITY INCIDENTS”
Sections 3.5 through 3.8 include a requirement to document a Confidentiality Incident Reporting Plan and train all employees in theses policies and procedures.

Read the Full article at Newport Thomson