The European Union’s General Data Protection Regulation (GDPR), enforced as of May 25, 2018, harmonizes data protection requirements for data controllers and processors in the EU as well as those who offer goods or services to EU residents, or monitor their behaviour. Because of this, Canadian organizations may be required to comply. Infringements can result in fines of 20 million Euro or 4 per cent of total annual worldwide turnover of the business.

There is a need to raise awareness in Canada of this new regulation and provide guidance to Canadian organizations, including small and medium-sized enterprises. Many Canadian organizations impacted by the regulation have asked SCC for guidance on addressing their obligations under the GDPR. In response, SCC created the Canadian Advisory Committee on GDPR as a national forum with the mandate to share relevant information and recommendations and to increase Canadian participation in data privacy, data protection and GDPR-related standardization activities. It has partnered with the private sector, academia and provincial and federal partners such as Innovation, Science and Economic Development.

In this way, the Canadian Advisory Committee on GDPR can help Canadian organizations address their GPDR obligations as well as gain a competitive advantage and seize new business opportunities. As such, the committee has identified key resources accessible on SCC’s website, which has become a go-to toolbox for Canadian organizations.