Privacy & Data Management

With the growth of electronic/mobile commerce and data storage, privacy, cybersecurity and data management issues have become major factors of doing business in Canada and globally.

Torkin Manes’ multidisciplinary Privacy, Cybersecurity & Data Management Group concentrates on giving clients timely, balanced and practical advice with respect to compliance with the Canadian private sector, public sector and the health industry privacy landscape. We work with our Canadian and international clients to develop and operationalize privacy compliance programs, which may include data breach management and privacy training. We have extensive experience advising national and international clients on privacy and data related issues in the course of corporate transactions and negotiations, trans-border data transfers, and intra-corporate data transfers.  

Our Group has special expertise in health-related privacy issues. We routinely advise clients, including long-term care and retirement facilities, insurers, and employers, on compliance with applicable privacy legislation in Canada, including how to respond to requests for disclosure of personal health information. Our practice is cross-disciplinary. We regularly work closely with our clients to ensure their marketing and advertising programs are aligned with the privacy laws, anti-spam laws, and other applicable laws. We also counsel emerging and well-established companies with respect to the design and implement new and existing data-driven products and services. We advise how to leverage data at each stage of its lifecycle to ensure compliance while maximizing value.

We represent clients in matters related to breach of privacy, intrusion upon seclusion, and other privacy claims.

Some of our many Privacy and Data Management services include:

• Managing data breaches
• Preparing data transfer agreements
• Drafting privacy policies, procedures, and operational manuals to assist clients in ensuring that policies and procedures are compliant with applicable privacy legislation
• Preparing access to information requests and responses
• Developing data mapping of personal information processing
• Providing customized privacy training to clients and their employees (including privacy officers)
• Advising on CASL compliance (including auditing client organization’s current marketing and communications practices for CASL compliance) and developing CASL compliant processes and procedures for clients
• Representing clients before the Canadian Radio-television and Telecommunications Commissioner in the context of proceedings under CASL
• Managing privacy compliance across borders, including intra-company data processing and transfer agreements
• Crafting data management policies, data retention policies and privacy policies
• Advising on online/social media privacy issues
• Conducting privacy due diligence
• Advising on issues around the collection, use, and disclosure of health information
• Representing clients before privacy commissioners, whether provincial or federal, in the context of complaints, inquiries and investigations
• Representing clients before the courts in applications for judicial review from decisions of privacy commissioners
• Representing clients before the courts in privacy related matters
• Advising on workplace privacy related issues
• Advising on issues related to the processing of personal information for use by artificial intelligence technologies and other innovative technologies