Privacy, Data Governance and Cybersecurity

The lawyers in Miller Thomson’s Privacy, Data Governance and Cybersecurity Group can help you face these challenges and meet these goals with the assistance of their actionable, hands-on advice, calling on a diverse set of experience gained in private practice and in-house environments, both in Canada and abroad.

We act on a range of matters, including commercial transactions and M&A activities, emerging businesses and innovation, artificial intelligence, marketing and promotional campaigns, technology procurement and technology design projects, data sharing, research collaborations, workplace privacy, and operational compliance matters.

Our Offering

Transactional privacy due diligence: In today’s interconnected economy, it’s not enough just to worry about your own data security practices. When you purchase a company or contract with a vendor, you want to know that your commercial partner will treat your digital assets with the same care as you do. Our team negotiates and reviews agreements to manage the privacy risks associated with the deal. We also negotiate targeted data sharing and data processing agreements for commercial transactions that are centered on data.

• Proactive and programmatic compliance: Our team develops and reviews internal and external policies, procedures, template agreements and training, as well as a wide range of related regulatory support regarding the collection, storing, process, transmission and other handling of personal information.
• Comprehensive cybersecurity assistance: Cybersecurity should never start with a data breach. Our team takes a proactive approach to the issue, helping clients minimize the chance of a successful data theft or ransomware attack via robust policies, procedures and training or arranging tabletop exercises to ensure they are prepared for an incident. When the worst does happen, our full life-cycle incident response and breach coaching services provide the calm, steady guidance that the crisis demands. Our team co-ordinates the cross-functional response effort, advising on legal requirements, coordinating with forensics, communications, and other service providers, and liaising with law enforcement and regulators/privacy commissioners/data protection authorities, as well as internal and external stakeholders. We also regularly represent our clients in regulatory proceedings and litigation matters arising out of a cybersecurity incident.
• Innovation project support: Future-thinking businesses can’t afford to wait for laws and regulations to catch up before taking advantage of rapidly evolving technologies. Our privacy and data protection team can assess the risks your business faces when incorporating tools such as artificial intelligence, the blockchain and autonomous vehicles into your operations and keep you on the right side of a moving line.
• Public sector expertise: Our team advises hospitals, regional health authorities and other health service providers, technology and medical device companies, and other organizations on all aspects related to use and protection of personal health information, health information sharing and digital health initiatives. We also have specialized expertise with access to information statutes and the unique issues that arise in the Education, Municipal and Health sectors.
• Cross-Canada service: With our network of 10 offices stretched across five provinces – including Quebec – we have made a name for ourselves as the ideal legal partner for foreign-owned companies looking to bring their services to Canada, and we are well placed to help tech start-ups and data heavy businesses as they seek to navigate this country’s unique legal and regulatory landscape.