11:30

  • Activating The Incident Response Plan
  • Moving in accordance with policies, protocols, processes and procedures that guide how incidents are detected, reported, assessed, and responded to
  • Key regulatory developments and trends
  • Determining the source of the breach and whether threshold for notification has been reached
  • New breach notification rules
  • Examining the breach reporting legal threshold for determining “real risk of significant harm”
  • Assessment tools/ the privacy breach tool kit
  • How can the test be made more objective and more robust?
  • Obligation to report “as soon as feasible” – what does this mean?
  • Obligation to maintain accurate, complete and current records of an incident and decisions made with respect to response
  • Description of incident containment and investigation re specific risks
  • Obligation to keep records of all breaches so the Commission can assess compliance with the law as required – what does it entail?
  • Handling multiple jurisdictions
  • Determining content of communications to commission and customers/clients – direct versus indirect notice
  • Tension between legal and communications about what should be released
  • Media and public relations
  • Setting out strategies for maintaining legal privilege with respect to communications and documentation relating to the incident
  • Court cases, class actions and penalties for data security breaches
  • Who’s doing what out there and how do you compare?
  • Are you over or under cautious?
  • Post-incident analysis
  • Engaging with law enforcement