Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.
According to Canadian lawyers who specialises in cybersecurity and data protection law, very few Canadian organisations are properly prepared to handle data breaches.
This is substantiated by the fact that the average data breach cost in Canada is the second highest in the world, according to the 2017 IBM and Ponemon Institute report. This consensus of how bad things may be is generally shared by many Canadian lawyers as well, with even the most basic protection models not in place for minimising data breaches.
Bradley Freedman, Vancouver-based law firm partner, said:
“…many Canadian organisations haven’t done some of the basic things that regulatory guidance and best practices suggest to minimise risk of a data breach.”
It seems that in many cases organisations are either not implementing data protection measures at all, or they’ve severely curtailed their desire for protection. Mr Freedman went on to say: “in my view it’s short-sighted and misguided” in terms of how organisations may choose to put resources into other parts of the business as opposed to data protection.
Risk Based Security, a cybersecurity firm, released data that showed Canada to be the third country in the world to have the greatest number of data breaches so far this year. Just falling behind the U.S. and U.K., Canada have reported 59 data breaches so far.
By comparison with other global influencers, China have only reported 22 data breaches, and there were only 19 publicly reported data breaches in Russia.
Of course, this report may not be the best indicator of whether Canada are within the top three countries that have the most data breaches, but it does say a lot as Canada’s data breach reporting apparently isn’t mandatory.
Mandatory data breach reporting will come into effect later this year when Ottawa enforces a rule (Protection of Personal Information and Electronic Documents Act (PIPEDA)) for organisations that come under ‘federal jurisdiction’ to do so. This refers to organisations that are overseen by the government.
Even though there isn’t mandatory data breach reporting in Canada, a failure to notify relevant regulators and organisations may lead to an investigation to find out if the organisation failed to undertake its responsibility to keep personal data safe. Therefore, many Canadian organisations may wish to consider reporting a data breach even if it’s not specifically required by law.
According to the IBM and the Ponemon Institute study, an average data breach costs Canadian companies $5.78 million (£4.44 million). Canada’s average data breach cost was reported to be the second highest in the world, and the cost was above the world average of $3.62 million (£2.78 million).
The study found that Canadian organisations who managed to contain a breach in less than 30 days were able to save $1.79 million (£1.38 million) in costs when compared to organisations who take longer than a month to deal with a breach.
So, the takeaway message here seems to be that those organisations who are proactive in their data breach protection and response approach can drastically reduce their costs.
As many experts say, the view should be ‘when’ data breaches happen, and not ‘if’.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020