OPC releases “Guidelines for Processing Personal Data Across Borders”

29 Jan

On January 27th, the federal Privacy Commissioner released a document entitled “Guidelines for Processing Personal Data Across Borders.” The guidelines reflect the OPC’s pragmatic approach to the issue, but seem to put slightly greater emphasis than in prior commentary on the need for organizations to examine local and polictical factors in their due dilligence process:

In the case of outsourcing to another jurisdiction, PIPEDA does not require a measure by measure comparison by organizations of foreign laws with Canadian laws. But it does require organizations to take into consideration all of the elements surrounding the transaction. The result may well be that some transfers are unwise because of the uncertain nature of the foreign regime or that in some cases information is so sensitive that it should not be sent to any foreign jurisdiction.

The Guideline is available here.

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: