PIPEDA COMPLIANCE: PERSONAL INFORMATION PROTECTION AND ELECTRONIC DOCUMENTS ACT

Organizations covered by Canada’s PIPEDA must generally obtain an individual's consent when they collect, use or disclose
that individual's personal information. People have the right to access their personal information held
by an organization. They also have the right to challenge its accuracy.


Personal information can only be used for the purposes for which it was collected. If an organization is going to use it for another purpose, they must obtain consent again. Personal information must be protected by appropriate safeguards.

  • ES Cyber Solutions

    "PIPEDA, while similar to the EU initiative GDPR, is different in that it adds a challenge for businesses security to locate and secure private data. Therefore, just as ES Cyber Solutions’ Forcepoint DLP Rules form an integral part of a client’s GDPR Procedures, we leverage PII Rules to ensure PIPEDA Compliance."