Why not visiting?

Bill 64 – Quebec’s newest privacy legislation

On June 12, 2020, the Quebec government introduced a bill to modernize the province’s privacy legislation, which will apply to public bodies and private enterprises established in Quebec as well as any business that has a digital presence in Quebec.

bill64 one pager

Bill 64 will impact how businesses collect and store personal data pertaining to their customers, clients, employees, etc. Any business that has a digital presence in Quebec could be fined if the new Bill 64 requirements are not properly met – especially in the event of a security breach. Businesses could face fines of up to $25 million or 4% of an its previous year’s worldwide turnover. Non-compliance could also damage an organization’s reputation.

WHAT YOU NEED TO KNOW:

Bill 64 proposes a number of new requirements. By default, the person exercising the highest authority within the organization would be responsible to ensure that the organization implements and complies with the Act, once it’s passed. This person can delegate all or parts of that function to a Chief Privacy Officer.

WHAT ARE THE PROPOSED REQUIREMENTS?

Bill 64 proposes several new requirements that apply to all businesses in every industry if they have a digital presence in Quebec:

  • New breach notification requirements: i.e., the timely notification of any confidentiality incident to the Comission d’accès à l’information (CAI).
  • New individual rights: the right to be forgotten, the right to object automated decision-making, the right to de-indexing, etc.
  • New outsourcing requirements: written agreements need to be in place when outsourcing is involved to present the third party’s measures to ensure personal data privacy.
  • Privacy impact analysis: would be required to assess if your projects involve personal data and determine how best to secure said data.
  • More requirements include (but are not limited to): governance policies and practices, data privacy policies, employees and organizational awareness and training, and time constraints.

Learn more about how Bill 64 will impact your business

ARE YOU READY TO COMPLY WITH BILL 64?

Six questions business owners should ask themselves.

  1. Where and how is your organization’s data stored?
  2. What type of personal data is stored or used by your organization?
  3. How many third parties have access to your organization’s personal data?
  4. Do you have personal data protection policies?
  5. What measures are in place at your organization to protect the personal data of your employees and customers?
  6. Do you have efficient practices and internal controls in place to ensure personal data security?

HOW CAN RICHTER HELP?

The compliance process is long, requires many diagnostics, resources and a detailed understanding of the law. Our multidisciplinary experts can assist you in all strategic actions leading to compliance with Bill 64 and with all tactical actions ensuring your business remains compliant going forward.

bill64

Meet our experts

The people behind the expertise.
Yves Nadeau

Yves Nadeau

CPA auditor, CA, CRMA, CFE
An expert advisor recognized by boards of directors, audit committees and senior management, Yves advises his clients on strategic planning, corporate governance, risk management and internal auditing.
Massimo Cecere

Massimo Cecere

CPA, CA, CRMA
Massimo is an expert advisor in business strategy, risk management, governance, CFO advisory and internal audit.
Raymond Vankrimpen

Raymond Vankrimpen

CISA, CISM, CISSP, CRISC
Ray Vankrimpen genuinely enjoys delivering his boutique brand of consulting, implementation and audit expertise in the areas of cybersecurity, privacy, IT risk management and data quality.
David Lachmansingh

David Lachmansingh

CISA, CISSP, CRISC, Splunk Certified Administrator
David is passionate about making sure his clients succeed. An inveterate enthusiast, he helps his clients become more innovative and effective in their operations by evaluating and adopting the right cutting edge technologies to meet their needs.
David Greenham

David Greenham

CISSP, CCSP, CISM, CISA, QSA, SABSA SCF, ISO 27001 Lead Auditor
David Greenham’s commitment to delivering quality work and providing excellence in service is unmatched. With quiet dedication he ensures his clients are cared for and always goes the extra mile to help his colleagues find success.
Asif Mohammed

Asif Mohammed

MBA, CISA, CRISC
Composed, yet infectiously lively, Asif Mohammed is known for sharing his professional insights with passion and vigour.  He always makes a point of developing genuine connections with colleagues, clients, and almost everyone he meets.
Will Xiang

Will Xiang

CPA, CA, CITP, CAMS
Your business, culture, and problems are unique. Therefore, solutions rarely take the form of a one-size-fits-all package. Will prides himself in bringing the proper industry-leading risk management solution to fit your specific short term needs and strategic goals.

Tailor-made solutions