{"id":2406,"date":"2024-08-23T10:04:28","date_gmt":"2024-08-23T14:04:28","guid":{"rendered":"https:\/\/solulan.com\/?p=2406"},"modified":"2024-11-15T10:36:07","modified_gmt":"2024-11-15T14:36:07","slug":"quebecs-law-25-how-to-upgrade-your-business-up-to-standard","status":"publish","type":"post","link":"https:\/\/solulan.com\/en\/quebecs-law-25-how-to-upgrade-your-business-up-to-standard\/","title":{"rendered":"Quebec's Law 25: How to upgrade your business up to standard?"},"content":{"rendered":"

The protection of personal information has become an absolute priority for Quebec businesses. <\/span>Law 25<\/b> is a law modernizing legislative provisions on the protection of personal information. Coming into force on <\/span>September 22, 2022<\/b>, it marks a major turning point in the way organizations must manage and protect sensitive data.\u00a0<\/span><\/p>\n

Solulan, your trusted IT services and cybersecurity partner, supports you in this crucial transition to <\/span>Law 25 compliance<\/b>. Discover our complete guide to understanding the challenges of this law and implementing the necessary measures to ensure the protection of personal information within your organization.<\/span><\/p>\n

 <\/p>\n

What is Law 25 in Quebec?<\/span><\/h2>\n

Law 25 aims to strengthen the <\/span>protection of personal information in Quebec<\/b> by introducing stricter provisions and extending the rights of individuals.<\/span><\/p>\n

It applies to <\/span>all private companies and public bodies<\/b> that collect, use or communicate personal information. Specific new obligations are imposed to ensure compliance with Law 25, guaranteeing that companies and public bodies adequately protect the personal data they manage. This enables more secure and transparent management of sensitive information, while complying with the new legal requirements for the protection of personal information.<\/span><\/p>\n

 <\/p>\n

Informed consent and greater rights<\/span><\/h3>\n

One of the major changes concerns consent. Companies must now obtain explicit, <\/span>informed consent before collecting<\/b>, using or disclosing personal information. In addition, Law 25 grants individuals new rights, such as the right to data portability and, in certain circumstances, the right to forget or <\/span>destroy personal information<\/b>.<\/span><\/p>\n

 <\/p>\n

Mandatory notification of security breaches<\/span><\/h3>\n

Law 25 also requires companies to notify the <\/span>Commission d'acc\u00e8s \u00e0 l'information<\/span><\/a> (CAI) and the individuals concerned in the event of a confidentiality incident <\/span>involving personal information<\/b>. This measure is designed to ensure greater transparency and enable individuals to take the necessary action to protect their interests.<\/span><\/p>\n

 <\/p>\n

Tougher penalties<\/span><\/h3>\n

Failure to comply with Law 25 can result in <\/span>significant financial penalties<\/b>, up to $10 million or 2% of worldwide sales, whichever is greater. These enhanced penalties underline the importance of compliance and encourage companies to take data protection seriously.<\/span><\/p>\n

 <\/p>\n

Request a security audit<\/span><\/a><\/p>\n

 <\/p>\n

 <\/p>\n

Key steps for compliance with Law 25 in Quebec<\/span><\/h2>\n

\"\"<\/p>\n

 <\/p>\n

Compliance with Law 25 is a process that requires <\/span>careful planning<\/b> and a proactive approach.<\/span><\/p>\n

As a reminder, here are the <\/span>key dates<\/b> for compliance with Law 25:<\/span><\/p>\n