Support for compliance with Bill 25
Your compliance with Phase 1 of bill 25, supported by our expertise
Ease of compliance
With our turnkey toolkit, you can easily comply with bill 25 requirements.
Automation of your compliance
Thanks to the various document management tools in our toolbox, you will be able to automate the tasks related to your compliance.
Cybersecurity Expertise
Our hours of consultation with a cybersecurity specialist allow you to be advised to protect your precious data.
The turnkey toolbox integrated into Microsoft 365
Our turnkey toolkit integrated into Microsoft 365, developed in collaboration with the Delegatus collective of lawyers, provides you with all the tools you need to comply with Bill 25 Phase 1 compliance requirements.
It also includes an overview of the toolbox for the purpose of training the manager(s) and
5 hours of support with a cybersecurity specialist to ensure that your data is well protected.
Our turnkey toolkit contains a Privacy-Security Incidents SharePoint Site in which you will find the following items:
Our turnkey toolkit integrated into Microsoft 365, developed in collaboration with the Delegatus collective of lawyers, provides you with all the tools necessary to meet the requirements of Law 25.
Privacy-Security Incidents SharePoint Site :
- Reference library with templates:
- Procedure for managing confidentiality incidents involving personal information
- Cybersecurity incident management procedure
- Model notice to notify in writing anyone affected by a privacy incident
- Model notice to the Commission d’accès à l’information (CAI)
- Analysis grid to determine if the incident presents a risk of serious harm
- Model of delegation of the manager and his legal obligations
- Forms form for submitting privacy-security incidents
- Microsoft Lists Registry of Privacy-Security Incidents
- Privacy Training Videos
- Overview of the toolbox for the purpose of training the manager(s)
Our turnkey toolbox includes 5 hours of consultation with our cybersecurity specialists to guide you in the protection of personal information.
Proper management of personal information requires optimal cybersecurity to ensure that no intruder can come and steal your precious data. Our team will be able to advise you on adopting a proactive attitude in the face of the inherent risks.
- Procedure for managing confidentiality incidents involving personal information
- Cybersecurity incident management procedure
- Notice template to notify in writing anyone affected by a privacy incident
- Model notice to the Commission d’accès à l’information (CAI)
- Analysis grid to determine if the incident presents a risk of serious harm
- Model of delegation of the manager and his legal obligations
Through this Forms form, anyone who has reasonable grounds to believe that a confidentiality incident has occurred involving personal information held by the organization can notify the Privacy Officer.
Our collaborators from the Delegatus law collective have created several video capsules to better understand what Bill 25 is about. We discuss the key terms (personal information, confidentiality-security incidents, person responsible for the protection of personal information, etc.) , but also the different phases of Bill 25.
To ensure that you have all the keys in hand to use your new tools, we do an overview of the toolbox with you for the purpose of training the manager(s).
Proper management of personal information requires optimal cybersecurity to ensure that no intruder can come and steal your precious data. Our team will be able to advise you on adopting a proactive attitude in the face of the inherent risks.
For items that require legal support, we can put you in touch with a legal representative from the Delegatus lawyers’ collective.
Why be accompanied by cybersecurity professionals to comply with Bill 25?
Bill 25 modernizes the legislative provisions regarding the protection of personal information. Its purpose is to provide users with better control over their personal information.
To comply with the requirements of this law, organizations must implement several measures gradually.
3 phases are spread out in September 2022, September 2023 and September 2024.
- Getting support to ensure that you comply with all the prerequisites of Bill 25 makes it possible to not miss any of the crucial steps in data protection. We work closely with a legal team to ensure that our actions comply with the legal framework in force.
- Surrounding yourself with cybersecurity professionals to ensure the compliance of your data management is a good reflex. Indeed, our professionals are familiar with the topics of data governance and best practices to preserve the confidentiality of your data. In addition, good management of personal information requires optimal cybersecurity to ensure that no intruder can come and steal your precious data. Our team will be able to advise you on adopting a proactive attitude in the face of the inherent risks.
Our Commitment
Our team of certified cybersecurity professionals will work with you to implement and maintain the IT security solution that meets your needs.
Bernard Després
Security and Audit Practice Manager
Des nouvelles du monde des TI
How can M365 tools help with data protection?
Microsoft 365 (M365) offers many security tools and features that help protect user data. Since the implementation of Law 25 in Quebec on the protection of personal information of users,…
Avoid the risks of phishing
Phishing is a technique used by hackers to try to trick users into clicking on dangerous links or asking them to share sensitive information. Phishing attacks can take many forms,…
What are the different types of phishing
A phishing scam involves tricking the recipient into responding to a request, whether it’s to click on a link, install an attachment, or transfer money. Phishing messages are sent from…
It’s the end of SharePoint 2013, what to do?
On April 11, 2023, Microsoft will stop supporting SharePoint 2013 and providing security patches for this solution. There is no rush to prepare for your migration, but you still need…
Avoid the risks of phishing
Phishing is a technique used by hackers to try to trick users into clicking on dangerous links or asking them to share sensitive information. Phishing attacks can take many forms,…
Three simple and effective strategies for your cybersecurity
Nearly 45% of Canadian SMEs were the target of a cyberattack in 2022 (Source: Journal de Montréal). In addition to being costly, cyberattacks can damage your company’s reputation. Fortunately, there are…