Skip to content
  • Our Experts
  • Client Space
Our Experts
Contact us

Protection of personal information

To comply with Law 25, your business must establish a governance program that protects the personal information you collect.

Québec’s Act to modernize legislative provisions as regards the protection of personal information (Law 25), which came into force on September 22, 2021, requires that organizations that collect, use or store personal information have a governance program to ensure the protection of this information.

To achieve this, covered entities must adopt policies, methodologies, procedures, as well as data capture and data management tools to implement this governance program.

Your organization’s obligations towards the protection of personal information

You must identify a person in charge of the protection of personal information so as to fulfil your obligations under Law 25. These include:

  • Assessing whether a privacy incident may cause a risk of serious harm to the individuals involved;
  • Ensuring compliance of all processing activities;
  • Responding to access requests from individuals involved, within the timeline prescribed by Law 25, while making sure to establish their identity.

Governance solutions

Our experts know the ins and outs of Law 25 and will assist you in drafting the required policies, methodologies and procedures.

In addition, they will guide you towards technological solutions for automating the creation of personal information files and controlling your processing activities.

Our unique approach combines technology and professional expertise without the additional cost of an internal resource.

You may
also like

  • loi 25 | Protection des renseignements personnels | Décisions automatisées
    Insights

    Law 25: the Issue of Automated Decisions

    Does your organization make decisions based exclusively on automated information processing? Law 25 provides advice and guidelines regarding these practices.

    Risk management consulting
    Law 25: the Issue of Automated Decisions… Read more
  • Loi 25 | Protection des renseignements personnels | Entreprises Québec
    Insights

    Law 25: Are You Ready for the Next Step?

    Law 25 on the protection of personal information has just been enhanced with the right to data portability. Is your organization in(…)

    Risk management consulting
    Law 25: Are You Ready for the Next Step?… Read more
  • Loi 25 | Protection des renseignements personnels | Raymond Chabot Grant Thornton
    Insights

    Law 25 | How Does it Impact Your Organization?

    Updated on May 31, 2024 Your organization is required to comply with Law 25 and implement an information governance program. What exactly(…)

    Risk management consulting
    Law 25 | How Does it Impact Your Organization?… Read more
View more

Contact us