Nearest broker: Searching for a broker nearby…
Nearest broker: Sudbury Phone: (705) 523-2030 Penetanguishene Phone: (705) 549-7437 Ottawa Phone: (613) 733-3312 Parry Sound Phone: (705) 746-2441 Orillia Phone: (705) 325-4234 Kemptville Phone: (613) 258-5991 Eganville Phone: (800) 884-1045 Petawawa Phone: (613) 687-4805 Belleville Phone: (800) 361-0941 Winchester Phone: (800) 487-3706 Wellington Phone: (613) 399-3620 Trenton Phone: (877) 455-0299 Prescott Phone: (877) 504-3569 Picton Phone: (888) 475-2776 Peterborough Phone: (800) 958 2270 Perth Phone: (877) 248-1222 Pembroke Phone: (877) 399-3299 Oshawa Phone: (800) 887-7309 North Bay Phone: (705) 475-0001 Napanee Phone: (613) 354-2152 Morrisburg Phone: (800) 806-0746 Midland Phone: (888) 737-6465 Madoc Phone: (613) 473-5266 Kingston Phone: (800) 590-5422 Gananoque Phone: (800) 932-2131 Embrun Phone: (866) 853-4740 Crysler Phone: (888) 292-7098 Courtice Phone: (888) 761-0443 Cornwall Phone: (844) 463-3616 Cobourg Phone: (800) 895-5902 Carleton Place Phone: (888) 237-9517 Brockville Phone: (888) 345-8663 Brighton Phone: (613) 475-1430 Barry’s Bay Phone: (866) 845-2123 Barrie Phone: (705) 726-3350 Bancroft Phone: (800) 994-0036 Arnprior Phone: (800) 668-7337
Get a Quote
Open Menu
masked person holding laptop

Cyber Insurance Has Never Been More Important

Once upon a time, Cyber Crime was the stuff of Hollywood and Science fiction. But recently it has affected our everyday lives. Did Russia really influence the U.S. election?  Did 1 Billion people’s information get hacked on Facebook? According to the Canadian government, over 70% of Canadian businesses have been victims of Cyber attacks or breaches and the average cost of those attacks was $15,000.

We recently realized from our own client’s experience and claims that anyone who uses a computer for their business needs to think seriously about cyber insurance. The landscape is changing daily with both the cyber attacks and risks that can affect your business and the legislation around what you, as a business owner, need to do when it comes to cyber attacks.

What is Changing Nov. 1st with the New Legislation?

As of November 1st, 2018 the Personal Information Protection and Electronic Documents Act, otherwise known as PIPEDA, is changing. PIPEDA is the federal privacy law for private-sector organizations and it lays out the ground rules for how businesses must handle personal information. Starting Nov. 1st organizations will be required to do three things in the event of a cyber breach of personal information:

  1. Report privacy breaches to the Office of the Privacy Commissioner of Canada.
  2. Notify individuals about privacy breaches.
  3. Keep and maintain records of all privacy breaches.

Meaning, if you are a business operating in Canada, you will have to pay extra attention to safeguarding your data. Should a cyber attack impact your business, cyber insurance is designed to help respond and protect you from future threats.

Reporting Privacy Breaches to the Office of the Privacy Commissioner

If an organization determines that a breach of security has occurred and poses a risk, the organization will be required to report it to the Privacy Commissioner of Canada. In the event of a privacy breach organizations will be required to report the breach in writing and it must contain:

  • A description of the circumstances of the breach and, if known, the cause
  • The day on which, or the period during which, the breach occurred, or if neither is known, the approximate period
  • A description of the personal information that is breached to the extent that the information is known
  • The number of individuals affected by the breach, or if unknown, the approximate number
  • A description of the steps that the organization has taken to reduce the risk of harm to each affected individual resulting from the breach or to mitigate the harm
  • A description of the steps that the organization has taken or intends to take to notify each affected individual of the breach in accordance with subsection 10.1(3) or the Act and
  • The name and contact information of a person who can answer, on behalf of the organization, the commissioner’s questions about the breach.

Notify Individuals About Privacy Breaches

One of the most important aspects of the new legislation is to ensure the individuals affected understand the significance and potential impact of the breach. When notifying an individual you must contain:

  • A description of the circumstances of the breach
  • The day on which, or period during which, the breach occurred, or if neither is known, the approximate period
  • A description of the personal information that is breached to the extent that information is known
  • A description of the steps that the organization has taken to reduce the risk of harm that could result from the breach
  • A description of the steps that the affected individual could take to reduce the risk of harm form the breach or to mitigate that harm
  • Contact information that the affected individual can use to obtain further information about the breach.

Keep and Maintain Records of All Privacy Breaches

Organizations that are aware of a breach of security or cyber attack must keep and maintain a record of the breach. This includes any breach regardless of whether it poses a real risk or not. The records need to be maintained for 2 years after the organization becomes aware the breach or attack has occurred.

Penalties for Failure to Comply

Any organization that knowingly fails to report or maintain records of a breach or cyber attack as outlined by the new legislation will be subject to fines of up to $100,000.

How Will Cyber Insurance Help My Company?

There are several ways to protect your business from a cyber attack or breach. However, it can be difficult to stay ahead of the game and prevent potential attacks from occurring. Assessing your organization and understanding where potential threats may occur and what kind of information you are storing for your clients is important. For more information on how to help prevent a cyber attack checkout these 5 helpful tips. An assessment is a good place to start but adding a cyber insurance policy is the best way to protect what you cannot prevent. Here are a few of the areas a cyber insurance policy will cover:

  • Costs to recover your organizatons data, and get you back up and running
  • Pay ransomware or advise on how to proceed
  • 3rd party costs to assist your clients who may have had their information exposed or stolen
  • Investigating the legitimacy of the event
  • Business interruption

 

Are you in need of a cyber insurance policy or want more information? You can call us directly at 1-800-361-0941 or fill out a quote and have one of our cyber insurance experts make sure you have the proper protection in place.

 

No comments found.
Anonymous User

Leave a Reply

Your email address will not be published. Required fields are marked *

You Might Want to Read

Meet the Dougallers: Rebecca Slaughter
Meet the Dougallers is back with Rebecca Slaughter who is part of our new office in Petawawa! We sat her down to find out a...
Welcome Burr Insurance to the Team!
Burr, is it cold in here? Not anymore, we are heating things up with the addition of Burr Insurance to the McDougall Insurance team! Burr...
McDougall Family Fund 2021!
Our McDougall Family Fund is back! Go to our Facebook Page for full details. What is the McDougall Family Fund Contest? This is our 8th...
Request a Free Quote

It’s simple and won’t take long.

Get a Quote800-361-0941

Person standing, looking down at laptop