• First Reference
  • About us
  • Contact us
  • Blog Signup 📨

First Reference Talks

Discussions on Human Resources, Employment Law, Payroll and Internal Controls

  • Home
  • About
  • Archives
  • Conference
  • Resources
  • Buy Policies
You are here: Home / Privacy / Strengthen personal data security; avoid the Sony experience

By Marie-Yosie Saint-Cyr, LL.B. Managing Editor | 3 Minutes Read May 4, 2011

Strengthen personal data security; avoid the Sony experience

isyourdatasecureCustomers and employees entrust their personal information to businesses on a daily basis and expect that these businesses will treat that information with the care and respect it deserves by implementing the proper safeguards to keep it safe. However, just recently (and this is far from the only instance of organizational data breach), users of Sony’s PlayStation Network (PSN) online gaming platform have had their bank or credit card details stolen in two serious breach of the electronic giant’s security in less than a week. The company warned that more than 12,000 users worldwide have had their credit or debit card details compromised.

The company also said that names, addresses, emails, birthdates, phone numbers and other information from 24.6 million PSN accounts may have been stolen from its servers as well as from an “outdated database”.

The incidents are under investigations and lawsuits have been filed against Sony. Closer to home, a proposed class-action lawsuit has been filed in Ontario on behalf of about one million Canadian PSN and Qriocity (another Sony online media network) users for breach of privacy. The lawsuit claims damages in excess of $1 billion, which includes having Sony pay the costs of credit monitoring services and fraud insurance coverage for two years.

The statement of claim alleges:

Sony “failed to adequately safeguard certain personal information, financial data and usage data”.

“The defendants delayed notifying the proper law enforcement agencies and delayed in notifying and/or warning the plaintiff and other class members of the potential theft of their personal information and/or financial data”.

The representative plaintiff in the action stated in a press release, “If you can’t trust a huge multinational corporation like Sony to protect your private information, who can you trust?”

Clearly, keeping private information private has become increasingly difficult.

In the wake of such data breaches, the federal, Alberta and British Columbia Privacy Commissioners launched, on May 3, 2011, a new online self-assessment questionnaire to help organizations better protect customers’ and employees’ personal information.

Securing Personal Information: A Self-Assessment Tool for Organizations is a detailed questionnaire and analysis tool that will help businesses assess how well they are complying with private-sector privacy laws. Under all of these laws, organizations that collect or hold personal information must take steps to protect the information from unauthorized access, collection, use, disclosure, copying, modification, disposal and destruction.

The tool can be used by any private-sector organization, particularly small and medium-sized businesses.

“Cleaning up after a data breach can be very costly for business,” warns BC Privacy Commissioner Elizabeth Denham. “In addition to the time and energy that needs to be diverted in order to mitigate the damage, a breach can also harm an organization’s reputation, and that can be much costlier than investing in better information-security practices in the first place.”

Moreover, businesses should take the time to find out if there are any gaps in their information-security processes and implement corrective measures to prevent or reduce the risk of costly data breaches.

Once you’ve assessed your workplace, take a look at First Reference’s Protecting employee and customer privacy, a how-to guide for private-sector organizations on compliance with privacy laws and protecting personal information. The guide will help you understand the “why”, “what” and “how” of privacy legislation and what you need to implement. For more information on how to purchase the guide, click here.

Yosie Saint-Cyr
First Reference Human Resources and Compliance Managing Editor

  • About
  • Latest Posts
Follow me
Marie-Yosie Saint-Cyr, LL.B. Managing Editor
Managing Editor at First Reference Inc.
Marie-Yosie Saint-Cyr, LL.B., is a trained lawyer called to the Quebec bar in 1988 and is still a member in good standing. She practiced business, employment and labour law until 1999. For over 20 years, Yosie has been the Managing Editor at First Reference. She manages the PolicyPro Human Resources and Internal Controls editions, The Human Resources Advisor editions, PaySource and the HRinfodesk news service as well as the blogs. Marie-Yosie (a.k.a. Yosie) is a recognized and respected author, with an extensive background in human resources, employment and labour across the country.
Follow me
Latest posts by Marie-Yosie Saint-Cyr, LL.B. Managing Editor (see all)
  • First Reference annual holiday donation, season’s greetings and holiday break - December 24, 2021
  • Ontario extends the COVID-19 period and paid IDEL period - December 8, 2021
  • Impact of September 30th federal holiday - September 14, 2021

Article by Marie-Yosie Saint-Cyr, LL.B. Managing Editor / Privacy / Alberta, British Columbia, class action lawsuit, data breaches, employment law, identity theft, law, lawsuit, Notice, ontario, personal data security, personal information, PlayStation, PlayStation Network, privacy legislation, privacy safeguards, private-sector privacy laws, protect personal information, PSN, Qriocity, Securing Personal Information, Securing Personal Information: A Self-Assessment Tool for Organizations, serious breach of the electronic security, Sony, unauthorized access

Share with a friend or colleague

Get the Human Resources Advisor™ Free for 30 Days

Get the Latest Posts in your Inbox for Free!

About Marie-Yosie Saint-Cyr, LL.B. Managing Editor

Marie-Yosie Saint-Cyr, LL.B., is a trained lawyer called to the Quebec bar in 1988 and is still a member in good standing. She practiced business, employment and labour law until 1999. For over 20 years, Yosie has been the Managing Editor at First Reference. She manages the PolicyPro Human Resources and Internal Controls editions, The Human Resources Advisor editions, PaySource and the HRinfodesk news service as well as the blogs. Marie-Yosie (a.k.a. Yosie) is a recognized and respected author, with an extensive background in human resources, employment and labour across the country.

Footer

About us

Established in 1995, First Reference is the leading publisher of up to date, practical and authoritative HR compliance and policy databases that are essential to ensure organizations meet their due diligence and duty of care requirements.

First Reference Talks

  • Home
  • About
  • Archives
  • Conference
  • Resources
  • Buy Policies

Main Menu

  • About First Reference
  • Resources
  • Contact us
  • 1 800 750 8175

Stay Connected

  • Facebook
  • LinkedIn
  • Twitter
  • YouTube

We welcome your comments on our blog articles. However, we do not respond to specific legal questions in this space.
We do not provide any form of legal advice or legal opinion. Please consult a lawyer in your jurisdiction or try one of our products.


Copyright © 2009 - 2022 · First Reference Inc. · All Rights Reserved
Legal and Copyright Notices · Publisher's Disclaimer · Privacy Policy · Accessibility Policy