Excela Associates - Privacy Consultants

Sound management of personal information is not simply a matter of good business. It is also a matter of law. Canada has privacy legislation covering the public and private sectors nation-wide, both federally and provincially. There are few organizations in Canada that are not subject to privacy legislation.

In addition to generic privacy legislation, legislated privacy torts exist in British Columbia, Saskatchewan, Manitoba and Newfoundland and Labrador, allowing individuals to sue for invasions of privacy even if there are no financial repercussions.

Other provinces do not have legislated privacy torts, but in 2011 the Ontario Court of Appeal created a tort of "intrusion upon seclusion" for severe invasions of privacy. This tort has since been recognized in other provinces. 

Effective in May 2018, the EU's General Data Protection Regulation (GDPR) imposes strict privacy requirments on any organization doing business with EU residents.  The reguation, which is more detailed and prescriptive than any other privacy law, requires that subject organizations take specific actions for compliance, which may require modifications to existing business processes.  Excela can assist in planning for GDPR compliance.

Effective November 1, 2018, the breach notification provisions of the Personal Information Protection and Electronic Documents Act (PIPEDA) take effect.  If you are subject to PIPEDA, as of that date it will be mandatory to report breaches to affected individuals and the Privacy Commissioner of Canada "as soon as feasible after an organization determines that a breach has occurred."

Excela Associates provides a full slate of services to assist its clients in planning, developing and implementing effective strategies to manage personal information and comply with privacy legislation. We can identify risks associated with inappropriate information management practices and provide solutions to deal with them. If you need a privacy consultant, you need look no further than Excela Associates.

Among our services are:

  • Policy, procedures and guidelines for privacy, information security and information management.
  • Strategic planning and policy development for all aspects of the management of personal and confidential information.
  • Information risk assessments, including privacy impact assessments and security assessments.
  • Training in privacy, security, and freedom of information.
  • Privacy architecture development.
  • Privacy by design implementations.
  • Privacy officer services.

Excela can advise on any aspect of personal information management. We offer the services of highly qualified experts in privacy, security and information management. Our president and associates are all senior practitioners with many years of experience.