Oh Canada, we’ve got your cloud compliance checklist checked.
In fact, simply by choosing Sync your organization will meet all federal and provincial data privacy laws and data residency regulations. From British Columbia’s FIPPA to New Brunswick’s PHIPAA (and every province and territory in between) Sync’s got your Canadian cloud storage compliance fully and completely covered.
Why choose Canadian?
- Ensure your organization meets federal and provincial data privacy compliance laws
- Ensure your data is always stored in Canada
- Ensure your data is stored securely, with appropriate safeguards and encryption
- Ensure your data is not subject to foreign law (like the US Patriot Act)
- Keep all personally identifiable health information (PII and PHI) safe, secure and private at all times
Why choose Sync?
Sync is 100% Canadian owned and operated. Your files are always stored on Canadian soil (we operate multiple data centres in Toronto, Ontario) and our data privacy policy is purposely modelled after Canada’s Personal Information Protection and Electronic Documents Act, or PIPEDA.
Furthermore, tens of thousands of Canadian businesses already use Sync to keep their files safe. Canadian healthcare providers, educators, law firms, government agencies, engineering firms, marketers, and small businesses of all shapes and sizes currently benefit from our commitment to deliver super-secure cloud storage.
Whether you’re collaborating on sensitive files with co-workers, storing personally identifiable client information in the cloud, or syncing and sharing confidential documents, your organization will always be safe, secure and in compliance with Sync.
Data is stored in Canada @Sync – HIPAA, PIPEDA, PIPA, FIPPA, ATIPPA ** Be still my heart! ** https://t.co/0MuyZB4Oom
— Steven McCartney (@StevenMcCartney) May 8, 2015
Our PIPEDA checklist:
The Personal Information Protection and Electronic Documents Act is a Canadian federal law that governs how organizations collect, use and disclose personally identifiable information. Everything we do here at Sync is based on meeting PIPEDA compliance:
| Accountability | Sync has a designated privacy officer who manages all compliance issues. | |
| Identifying Purposes | Sync will always explain why we need your information before or when we collect it, and Sync will never share personally identifiable information with third-parties. | |
| Consent | Sync will collect, use and disclose your personal information only with your knowledge and consent (except where permitted or as required by law). | |
| Limiting Collection | Sync limits collection of personal information to information required for the proper functioning of Sync. | |
| Limiting Use, Disclosure, and Retention | Sync will not use or disclose your personal information other than for the purposes for which it was collected unless we receive your consent or unless we are required or permitted to by law.
|
|
| Accuracy | Sync will maintain accurate, complete and up-to-date personal information as required for the identified purposes associated with its collection. | |
| Safeguards | Sync protects the personal information in our possession and control by using security safeguards appropriate to the sensitivity of the information.
|
|
| Openness | Sync’s policies regarding personal information are available to the public right here, and should we change any of our privacy practices,we will post such change for 30 days before such changes go into effect. | |
| Individual Access | Upon your written request, and subject to exceptions as permitted or mandated by law, Sync will inform you of the existence, use and disclosure of your personal information and will give you access to that information. | |
| Challenging Compliance | Sync maintains procedures for addressing and responding to all inquiries or complaints from its customers about Sync’s handling of personal information. | |
| Breach Reporting | New for 2015 – Sync will notify you, and the Office of the Privacy Commissioner of Canada, and affected individuals immediately, of any breach of security safeguards. |
Our provincial checklist:
By choosing Sync, your organization will immediately comply with the myriad of provincial data privacy rules and regulations that also govern cloud storage. Here’s our provincial compliance rundown:
| Alberta | Freedom of Information and Protection of Privacy Act Health Information Act Personal Information Protection Act |
|
| British Columbia | Freedom of Information and Protection of Privacy Act Personal Information Protection Act E-Health (Personal Health Information Access and Protection of Privacy) Act |
|
| Manitoba | Freedom of Information and Protection of Privacy Act Personal Health Information Act |
|
| New Brunswick | Personal Health Information Privacy and Access Act Right to Information and Protection of Privacy Act |
|
| Newfoundland and Labrador | Personal Health Information Act Access to Information and Protection of Privacy Act |
|
| Northwest Territories | Access to Information and Protection of Privacy Act | |
| Nova Scotia | Freedom of Information and Protection of Privacy Act Privacy Review Officer Act |
|
| Nunuvat | Access to Information and Protection of Privacy Act | |
| Ontario | Personal Health Information Protection Act Freedom of Information and Protection of Privacy Act |
|
| Prince Edward Island | Freedom of Information and Protection of Privacy Act | |
| Québec | Act Respecting the Protection of Personal Information in the Private Sector | |
| Saskatchewan | Freedom of Information and Protection of Privacy Act Health Information Protection Act |
|
| Yukon | Access to Information and Protection of Privacy Act |
Want to learn more about the various provincial data privacy rules and regulations? Have a look at a couple of our past Blog posts: Canadian Data Privacy Laws – the Private Sector, and Canadian Data Privacy Laws – the Public Sector.
Still have questions?
We’re here to help! For specific answers regarding data privacy compliance and acceptable Canadian cloud storage locations, please contact our sales team or privacy officer today.
