A privacy incident occurs when there is unauthorized access, disclosure, or use of personal information (e.g., social insurance number, date of birth, health status, insurance premium), or when such information is lost or stolen.
Cyber incidents can occur as a result of human error, an external attack or a technical failure. They must be reported quickly to limit the impact and allow the compliance or IT security team to respond.
Below are some concrete examples of cyber incidents:
- Opening a phishing email
- Infection by malware
- Unauthorized access to electronic files or systems
- Loss or theft of a device containing professional data
Reporting cybersecurity incidents
Rapid reporting of cybersecurity incidents is essential to limit potential impacts. It allows us to act without delay to protect those affected, comply with our regulatory obligations, and implement appropriate corrective measures.
As a reminder, since June 12, you can report cybersecurity incidents directly from the Advisor Centre home page:
By reporting cybersecurity incidents in this way, an immediate notification will be sent to our team, ensuring that there are no delays in the information being passed on to our IT Security Operations department.
We believe this new process will significantly improve our cybersecurity posture and incident response capabilities. Thank you for your cooperation and commitment to maintaining the highest security standards.
For more information, please contact your Compliance Officer.
