Osler has the largest team of practitioners who focus on privacy and data management in Canada. Our team comprises of acknowledged leaders in the privacy arena and our Group is consistently recognized by industry-leading publications, including a Band 1 ranking in Chambers Canada. We provide advice on the increasingly complex rules and the broad range of privacy and data-governance issues arising from the collection, use, disclosure and management of personal information.
Our fully integrated team is uniquely positioned to provide a comprehensive service offering that includes legal services, online privacy information services and consulting services. Our lawyers work closely with our innovative AccessPrivacy privacy and data management consulting team, which offers clients an integrated suite of consulting, legal and information services, including our CPO (Chief Privacy Officer) Forum’s thought-leadership program, workshops, conferences, Private Sector Source and Public Sector Source online services and our Monthly Privacy Call. Together with a wide range of internal legal talent, we have an unparalleled level of hands-on privacy and data-management experience that allows us to provide timely, collaborative, practical and cost-effective solutions.
Osler is a program partner of the Information Accountability Foundation (IAF) the preeminent global information policy think tank that works with regulatory authorities, policymakers, business leaders, civil society and other key stakeholders around the world to help frame and advance data protection law and practice through accountability-based information governance.
Our clients span a broad range of industries and sectors, including the following:
- Banking and financial services, including insurance
- Business process outsourcing
- Education, including universities, colleges and school boards
- Entertainment and media
- Healthcare, including healthcare service providers and health research
- Retail and consumer products
- Technology and social media
Drawing on our extensive experience, innovative skills and practical solutions, we
- advise clients on compliance with all Canadian federal and provincial privacy and data-management laws
- advise clients on compliance with Canada’s anti-spam legislation (CASL)
- advise and develop policies and guidelines applicable to privacy issues regarding marketing and advertising programs and campaigns, including social media–related marketing, online behavioural advertising, and marketing to children
- address and advise on cross-border privacy issues, including the transfer of data outside Canada
- help clients manage significant privacy information security breaches and regulatory notification issues for individuals
- assist clients with the compliance and data-governance issues associated with data analytics, fraud-detection programs and other emerging data uses
- advise on enterprise-wide privacy information–governance compliance monitoring programs
- advise and respond to investigations and complaints filed with privacy regulatory authorities
- advise clients on privacy issues and requirements on mergers and acquisitions and corporate finance transactions, and negotiate privacy law provisions for business transactions
- address workplace privacy issues, including email and Internet use policies affecting an employee’s expectation of privacy, and identify privacy-compliant practices for handling and using employee data
- advise clients on management of individual requests for access to, and/or correction of, personal information
- develop and perform comprehensive Privacy Impact Assessments (PIAs), privacy and information risk assessments, preparation of data flow maps
- develop and implement data-classification and records-management programs
- develop and implement privacy and data-use and -protection policies and procedures that comply with applicable laws and that maintain business flexibility and public and business partner trust
- develop and implement policies and procedures necessary to meet payment card industry (PCI) standards
- advise clients on training and awareness programs
Recent work performed by our privacy team includes:
- Advising banks and financial institutions, credit retailers and credit reporting agencies on privacy law requirements, jurisdiction and issues arising under Canadian privacy legislation.
- Advising health care, pharmaceutical, pharmacy and medical device companies on requirements of Canadian health information legislation.
- Advising major direct mail marketers, retailers, manufacturers and Internet-based businesses on compliance with Canadian privacy and developing anti-spam legislation.
- Advising a broad range of businesses on Internet-related privacy issues involving collection, use and sharing of personal information.
- Advising on privacy law requirements and negotiating privacy protection provisions in a broad range of merger, share and asset transactions and securitizations involving personal and health information databases, assets and portfolios.
- Providing Canadian privacy law advice in numerous international transfers or outsourcings of financial services, bill payment, employee information and customer database information.
- Advising clients on responding to data breach issues including strategies for mitigating related harm and for complying with data breach notification obligations.
- Representing business in courier, transportation, financial services, credit reporting and high technology sectors in complaints before Privacy Commissioner of Canada.
- Representing numerous clients in Access to Information/Freedom of Information proceedings.
- Advising clients from all sectors on the impact of Access to Information and Freedom of Information and Protection of Privacy laws on agreements and transactions involving governments and the public sector, funding from or providing services to governments and litigation with governments.