CAN/CIOSC 109-2:20XX (D2)
Privacy - Part 2: Canadian Information Privacy Protection Framework
This Draft Standard specifies minimum requirements for organizations that collect, use, retain, and disclose personal information in Canada, and offers any benefit or consideration regardless of monetary exchange for such benefit or consideration.
The Draft Standard aims to provide a baseline framework for organizations seeking to harmonize conformance to the various provincial/territorial, federal, and international legislation and treaties.
The Draft Standard is not intended to prescribe how an organization should implement controls. Rather, the standard will guide organizations using jurisdictional and technological agnostic approaches due to differences across industries/sectors. The Standard is also not intended to replace existing standards, certifications, policies or processes which presently allow organizations to conduct business at the national and global level.
This Draft Standard applies to all industries/sectors, including public and private companies, government entities, and not-for-profit organizations.
Date posted: February 25, 2021
Comment due date: March 25, 2021