Data Privacy Day 2016: Breach Response and Reporting (OIPC Event)

January 28, 2016

McDougall Centre, 455 6th St. SW

This event is now at capacity. Thank you for your interest. We intend to have subsequent breach response and reporting workshops. Stay tuned or contact our office to state your interest in attending a future workshop.


Morning Forum

8:00 a.m.    Registration and Refreshments

8:30 a.m.     Welcoming Comments

8:45 a.m.     Basics of Privacy Breaches

  • Dr. Ken Barker, Faculty of Computer Science, and Dr. Greg Hagen, Faculty of Law, University of Calgary

    Hagen intends to speak about highlights from the federal Digital Privacy Act, including mandatory notification and when one can disclose information without consent. Barker will touch on privacy exposure in our digital world and the threats of big data analytics begging the question, “Is there any hope for privacy?”

9:45 a.m.     Breach Prevention and IT Security

  • Owen Key, Chief Security Officer / Chief Information Security Officer, City of Calgary

    The presentation will describe the basic tenets of IT security, how to maximize expenditure in breach prevention, cyber incident response and forensics, and the scope of the City of Calgary’s infrastructure in relation to information security. 

10:30 a.m.    Refreshment Break

10:45 a.m.    Breach Response and Reporting

  • Mike Tolfree, Chief Privacy Officer and Legal Counsel, Alberta Health Services (AHS)

    This presentation will focus on how AHS investigates and responds to potential breaches of privacy, including how to conduct a risk assessment of a breach. The discussion will also touch on the issues AHS considers before notifying individuals affected by the breach, as well as external stakeholders.

11:45 a.m.    Lunch (on your own)

Afternoon Workshop

1:00 p.m.     Registration

1:15 p.m.     OIPC Breach Response and Reporting Workshop

  • Linda Sasaki and Elaine Fitzgibbon, Senior Information and Privacy Managers, Office of the Information and Privacy Commissioner

    It’s not a matter of if you will have a privacy breach, it’s when. Organizational preparedness is the key to successful privacy breach response. The workshop will provide comments on trends in the type and magnitude of breaches reported to the OIPC. The presenters will give participants practical guidance from a regulator’s perspective, based on successful - and unsuccessful - strategies organizations have used to respond to breaches.  Discussion will include the following:
    • Developing a privacy breach response plan
    • Establishing your breach response team
    • Successful strategies in remediating privacy breaches
    • Issues around identifying affected individuals and notification challenges

3:30 p.m.     Closing Comments


Data Privacy Day 2016