Since September 2022, businesses with activities in Quebec or handling the information of its residents have had to progressively adhere to Law 25, Quebec’s newest standard for privacy and data protection.  Quebec’s Law 25 is an amendment to the former ‘Act Respecting the Protection of Personal Information In The Private Sector’, and introduces new guidelines […]

Most companies ignore the costs of non-compliance until they face the consequences: difficulty to close deals  struggling to enter and sell in new markets, or being subjected to regulatory fines. This happens either due to ignorance towards local regulations and responsibilities, or because they’re too focused on growing, to the point where they leave compliance […]

Quebec’s privacy and data security arena is transforming, and organizations are already racing against time to adapt. Mirroring the advanced privacy benchmarks set by Europe’s General Data Protection Regulation (GDPR), Quebec’s National Assembly unanimously passed Law 25, also known as The Privacy Legislation Modernization Act, on September 21st, 2021. The regulation’s rollout consists of three […]

Accelerated tech transformation amidst the post-pandemic shift to remote work has expanded the attack surface and made organizations more vulnerable to cyber threats. Over six million data records were leaked in worldwide data breaches only in early 2023, with costs reaching an all-time high of $4.5 million. This makes ISO 27001 an invaluable certificate, as […]

If you’re building a healthcare compliance program, this resource will help you preserve patients’ privacy and safeguard the security of their medical information to build a posture of HIPAA compliance. The Health Insurance Portability and Accountability Act (HIPAA) requires any organization receiving, storing, transmitting, or processing protected health information (PHI) to keep that information private […]

PCI DSS is short for Payment Card Industry Data Security Standard, and it involves a specific set of requirements intended to ensure that all businesses that store, transmit, or maintain any cardholder data maintain a secure environment. Organizations such as merchants, issuers, acquirers, and processors all fall under the umbrella. Basically, if you accept payment […]

Today, all businesses handling customer data are responsible for ensuring its safety. Compliance standards serve as widely respected frameworks in data security, helping organizations establish robust security programs and mitigate risks for customers when engaging with new vendors.  ISO 27001 and SOC 2 are among the most globally recognized compliance standards around and your potential […]

Is your company starting its security compliance journey? Are you interested in obtaining an SOC 2 audit report?  We’ve put together the following Checklist to help provide an overview of the process.

Essentially, both SOC 2 reports and Security Questionnaires serve the same purpose. They each demonstrate your security posture to potential partners and clients. So, what do they have in common, how do they differ, and what happens when a potential partner or client makes the request?    SOC 2  Established by the American Institute of […]

Requiring lengthy and complicated compliance processes and with potential fines in the millions of dollars, Law 25 is something businesses dealing with Quebecers’ personal information can no longer ignore.  Here’s what you need to know to make sure you aren’t found to be noncompliant.