MaLoi25: Subsidized Compliance Program
MaLoi25 is a program designed and administered by In-Sec-M, Canada's cybersecurity cluster, in collaboration with the Ministère de l'Économie, de l'Innovation et de l'Énergie (MEIE), to help companies comply with Bill 25. This program provides concrete assistance to SMEs and SDAs, enabling Quebec experts to support them in their cyber resilience and their application of Law 25. This program will be available until March 31st, 2025.
Law 25: Understanding the new privacy provisions
Since coming into force in Quebec, Law 25 has introduced significant changes to the governance of personal information. This law - which modernizes legislative provisions - aims to protect the confidentiality of personal information, while guaranteeing transparent and equitable access to personal information collection, information and privacy policies.
Protection of personal information: responsibilities and obligations
Law 25 imposes clear obligations on organizations holding personal information. Organizations are now responsible for ensuring that the personal information they hold is adequately protected throughout its life cycle. This includes the collection, use, disclosure and destruction of personal information, in accordance with privacy legislation.
Compliance and consent
Organizations must obtain the consent of the person concerned before collecting or communicating personal information, except in cases provided for by law. In addition, the communication of personal information outside Quebec is subject to strict rules to ensure adequate data protection.
Management and transparency
Law 25 also emphasizes transparency and accountability in the governance of personal information. Organizations must be able to demonstrate compliance with the law and effectively manage privacy incidents, should they occur. In addition, they are required to clearly communicate to individuals how their personal information is used and disclosed.
Implications and penalties
Organizations that contravene Law 25 are liable to severe penalties, up to $25 million. It is therefore imperative for companies to understand and comply with the requirements of this law to avoid any risk of non-compliance and financial damage.
How does it work?
Our Three-Step Process for training on Bill 25
01
Initial assessment
Analyze your current personal information management situation and identify your needs.
02
Training and Implementation
Participate in training sessions tailored to your needs. Implement Bill 25 compliance programs, policies and processes.
03
Follow-up and Updates
Receive ongoing support to maintain compliance and update your practices in line with legislative developments.
Get your Law 25 funding
Ready to strengthen your company's compliance and security? Contact us today for a free consultation and find out how we can help you achieve your compliance and data protection goals.
Our certifications
Explore our comprehensive range of recognized certifications that attest to our expertise in data protection and compliance. Each certification reflects our commitment to providing industry-leading solutions, ensuring that your processes meet the highest standards of security and data management.
