Law 25
Compliance
In force since September 2024, Law 25 imposes new personal-information obligations on Quebec organizations. DUBÉ LATREILLE guides you toward compliance.
At your service for Law 25 compliance
Law 25 — the Act to modernize legislative provisions as regards the protection of personal information — came fully into force on September 22, 2024. It heralds major changes for Quebec's business community.
It imposes new obligations on private and public organizations: appointing a person responsible for the protection of personal information, establishing governance rules, disclosing confidentiality incidents, and obtaining free and informed consent before any collection. It also creates new rights for individuals: the right to information, to withdraw consent, to access and rectification, and to erasure.
At DUBÉ LATREILLE, we guide our clients through this complex landscape so their businesses can benefit from technological progress while minimizing their risks.
Our services
Each case is unique. Our lawyers will guide you through every step, from preventive advice to the final judgment.
Compliance Audits
The audit process is important because it is the first step toward a company's compliance.
Confidentiality Incident Response Plan
DUBÉ LATREILLE is ready to support your organization in both preparing for and responding to a confidentiality incident.
Contracts
An organization may have good cybersecurity governance rules, but that is not always the case for the parties it does business with.
Counsel (Breach Coach)
In the event of a cyber incident/data breach, it is important to be able to rely on the advice of counsel.
Governance
Governance is a set of internal rules and policies intended to coordinate an organization's efforts toward the achievement of a goal or objectives.
Insurability
Cyber insurance is the foremost means of mitigating the costs and risks associated with cyberattacks and incidents involving data compromise, because it allows an organization to transfer potential (and substantial) financial risks to an insurance mechanism.
Online Compliance
Through their online services, businesses collect personal information to provide their services and, invariably, various data about users (via cookies and other mechanisms) to improve their services — but also for other purposes such as marketing, research, and so on.
Privacy Officers
Law 25 sets out a set of new binding obligations for businesses to ensure better control and protection of personal information.
Training and Awareness
Discover the various training sessions DUBÉ LATREILLE offers in the areas of cybersecurity and cyber threats.
Lawyers in
Law 25 Compliance
Each case is unique. Our lawyers will guide you through every step, from preventive advice to the final judgment.
Our lawyers are ready to assist you.