Report a privacy breach at your organization
A privacy breach is the loss of, unauthorized access to, or disclosure of, personal information. Breaches can happen when personal information is stolen, lost, or mistakenly shared.
Which organizations must report privacy breaches to the OPC?
The following organizations may be required to report a privacy breach to the Office of the Privacy Commissioner of Canada (OPC), depending on the situation and their obligations under law:
- Federal institutions subject to the Privacy Act
- Businesses subject to the Personal Information Protection and Electronics Document Act (PIPEDA)
Our Office only accepts breach reports directly from the organizations subject to the Privacy Act or PIPEDA.
Report a privacy breach to the OPC
Report a privacy breach at your federal institution
Guidelines and online form for federal institutions to report a breach to the OPC.
Report a privacy breach at your business
Information and online form for businesses to report a breach to the OPC.
- Date modified: