Site Search
Use small fonts Use medium fonts Use large fonts Email link to page PDF this page


Related people 1
Bernice Karn Bernice Karn
t: 416 869 5721
Email Bernice Karn email


Related people 2
Marco Ciarlariello Marco Ciarlariello
t: 416 869 5334
Email Marco Ciarlariello email


Canada has had municipal, provincial and federal public-sector privacy and freedom of information legislation in place for some time. Prompted by public opinion and developments in other jurisdictions such as the European Union, Canada enacted federal privacy legislation, effective January 1, 2004, known as the Personal Information Protection and Electronic Documents Act (PIPEDA) to cover the private sector. Today, PIPEDA applies in all jurisdictions in Canada. As well, several provinces have enacted similar privacy legislation to govern the treatment of personal information within provincial borders.

At Cassels Brock, we help clients through the myriad of laws and regulations that may apply to them in protecting privacy in electronic data. Some clients we have assisted recently in the area of privacy law include:

  • Retailers with stores in all provinces and territories
  • Pharmaceutical companies and medical device/technology companies
  • Canadian universities
  • Hospitals and health-care institutions
  • Non-profit organizations, including charitable foundations
  • E-commerce companies
  • Call-centre service providers
  • Insurance companies and brokerages

We have the expertise to help clients understand their privacy obligations. Our support includes:

  • Commenting on proposed government privacy laws and regulations
  • Explaining privacy requirements to boards and senior management as well as to the staff that will be implementing the policies related to privacy compliance
  • Conducting audits to assess how an organization collects, uses, retains and discloses personal information, and what consents are needed from individuals to allow the organization to continue these practices
  • Drafting contractual agreements with detailed privacy and security requirements
  • Drafting consent forms for the collection, use and disclosure of personal information
  • Developing workable privacy policies that front-line employees can understand and observe, and helping develop training programs to convey the privacy policy requirements to staff at all levels
  • Designing systems and procedures for clients to meet requirements of federal and provincial regulations
  • Creating procedures to monitor enforcement of privacy policies
  • Assisting Canadian companies with extraterritorial compliance in major markets such as the United States and the European Union
  • Interpreting Canadian privacy rules for U.S. and other foreign companies operating here
  • Providing updates on new privacy trends and advising on cybersecurity issues
  • Advising on government and regulatory affairs involving privacy issues
  • Assisting our clients who possess sensitive personal health information to understand how multiple laws that deal with the privacy and confidentiality of personal health information interact
  • Representing clients in disputes involving privacy and confidentiality