Main Regulations Affecting Information Security - Canada

GLOBAL: universal regulations or standards, applicable to entities worldwide.

Who's impacted: entities to which the standards or regulations apply.

GLOBAL
Risk Management | Who's impacted?

Basel II

The aim of this regulation is to better align bank capital requirements with underlying risks. Banks are required to monitor, mitigate and disclose risk.

http://www.bis.org/publ/bcbsca.htm

  • Global financial services organizations
  • International banks with assets greater than $250 billion or foreign exposures greater than $10 billion.

Payment Card Industry (PCI) Data Security Standard

The aim of this standard is to provide a single set of security requirements to be used by all payment organizations. Merchants and service providers should use the standard to assess their security status.

https://www.pcisecuritystandards.org/

  • All members, merchants, and service providers that store, process, or transmit cardholder data.

 

CANADA
Privacy | Who's impacted?

Personal Information Protection and Electronic Documents Act (PIPEDA)

This act establishes a set of 10 "Fair Information Principles" for the collection, use, and disclosure of personal information by organizations during commercial activities.

http://www.privcom.gc.ca/legislation/02_06_01_01_e.asp

  • All entities in Canada, including associations, partnerships, individuals, trade unions, "brick-and-mortar" businesses and e-commerce businesses.
