What legal penalties could an organization face if it does not comply with privacy requirements?
In Canada, Europe, and in the United States, class action lawsuits have been filed against organizations whose failure to implement adequate privacy and security protections have led to financial losses or other damage. Damage awards in the millions of dollars have been sought. As incidents of information theft and identity theft are rising across Canada at a rapid rate, organizations are increasingly at risk of facing litigation as a result of any failure to protect the personal information they have collected. Under the privacy legislation applying to private sector and public sector organizations in Canada, the enforcement authority will investigate all privacy complaints received, and has the power to conduct an audit of an organization’s personal information management practices. The enforcement authority may publicly release the results of a complaint investigation or an audit. Recommendations made by an enforcement authority following an investigation or an audit are enforceable
Related Questions
- Apart from legal penalties, what "bottom line" effects is an organization likely to face if it does not adhere to general privacy principles?
- What penalties or sanctions can an H-1B employer face for non-compliance of the H-1B program requirements?
- What legal penalties could an organization face if it does not comply with privacy requirements?
