In October 2021, the province of British Columbia announced proposed updates to the Freedom of Information and Protection of Privacy Act (FOIPPA) to make several significant changes to the privacy legislation governing public bodies.
On November 25, 2021, amendments to BC’s FOIPPA were passed under Bill 22-2021 to deliver better and more inclusive services to people, businesses, and public-sector organizations.
According to Lisa Beare, Minister of Citizens’ Services: “The COVID-19 pandemic changed the way we live, work, connect with loved ones, and access the services we need. Today, people can safely talk to their doctor via Zoom, learn online and do business faster. These amendments help people continue to access the services they need faster while ensuring their privacy is protected. We’re making changes today to keep pace with advancements in technology and provide the level of service that people expect in the digital era.”
Highlights of the proposed amendments include:
- Updating FOIPPA’s data-residency provisions so public bodies can use modern tools while continuing to protect personal information;
- Enhancing public-sector privacy protections and increasing accountability by implementing mandatory privacy-breach reporting;
- Introducing a modest application fee for non-personal freedom of information (FOI) requests; and
- Demonstrating the Province’s commitment to diversity, inclusion, reconciliation, and equity by increasing information sharing with Indigenous Peoples, adding Indigenous cultural protections, and removing non-inclusive language.
These new data-residency requirement changes bring BC in line with other provinces by removing restrictions that prevented public bodies to disclose and store personal information outside of Canada. Up till now, public bodies had to store and access personal information in Canada which limited them in terms of digital tools and cloud services. This bill now allows public sector organizations to access a broader range of digital tools and technologies to deliver a better user experience to British Columbians.
That being said, public sector organizations should also take this as an opportunity to revisit their cybersecurity and data-privacy plans as well as ensure they have a solid data breach recovery plan in place that details the actions that need to be taken at the first sign of a breach.
Softlanding has been working with major British Columbian Public Sector organizations and can assist you in modernizing your IT environment and strengthening your security posture.
Contact us for more information.