As Canadian businesses face mounting privacy and cybersecurity regulations, including Bill C-26 and Bill C-27, strong data governance has become a strategic imperative—not just a compliance exercise. In this session, Dean Lancaster, Director in PwC Canada’s Data & AI practice shared how companies can move beyond just “checking the box” and turn compliance into a real competitive advantage.
Top Highlights:
What’s the Difference?
-
Bill C-26 is all about locking the digital doors—cybersecurity and infrastructure.
-
Bill C-27 focuses on how data is used inside the business—privacy, consent, and AI governance.
-
Both carry serious financial penalties if ignored.
Data Governance That Works
-
Build one data governance strategy with two lenses: privacy and cybersecurity.
-
Spread accountability across teams—business leaders, IT/security teams, and internal auditors all play a role.
-
Assign data stewards (focus on business value) and data custodians (focus on compliance) across departments.
Turning Rules into Results
-
Design privacy and security into new systems from the start—it’s cheaper and smarter.
-
Keep only the data you need, and manage it with tools like Collibra, Alation, or Microsoft Purview.
-
Share your wins—privacy transparency can attract customers, investors, and top talent.
Don’t miss our next session on May 21, where Fortinet will dig deeper into Bill C-26 and cybersecurity strategies for Canadian businesses.