ClearBreach
Get early access

In an active breach right now?

Each guide below is a scannable checklist for use during an incident. Use ClearBreach to run your formal assessment and generate required documents.

Get early access now →

Quick reference guides

Breach response by scenario

Immediate steps, checklists, and deadlines — structured for use during an active incident. Not for background reading. Each guide assumes you are responding right now.

Want the full background on a scenario? Read the educational playbooks →

PIPEDAAB PIPABC PIPAAll sectors

What ClearBreach Generates

ClearBreach generates six required breach documents from one assessment — RROSH verdict, OPC breach report, provincial submissions, and notification letter.

Open guide →

PIPEDAAB PIPABC PIPAAll sectorsTypical verdict: RROSH

Phishing & BEC — Quick Reference Guide

Immediate steps for phishing and BEC — account containment, audit log review, access assessment, and PIPEDA, Alberta PIPA, and BC PIPA reporting obligations.

Open guide →

PIPEDAAll sectors

Ontario Data Breach Reporting Requirements

PIPEDA governs Ontario private-sector data breach reporting. Learn the RROSH threshold, OPC report obligations, individual notification, and how to comply.

Open guide →

PIPEDAAB PIPABC PIPAAll sectorsTypical verdict: RROSH — unless confirmed encryption and verified no access

Lost or Stolen Device — Quick Reference Guide

Immediate steps, checklists, and reporting deadlines for Canadian organizations responding to a lost or stolen device under PIPEDA, Alberta PIPA, and BC PIPA.

Open guide →

AB PIPAAll sectors

Alberta PIPA Breach Notification for SMEs

Alberta PIPA requires reporting to OIPC Alberta and notifying individuals when RROSH is present. Both obligations are mandatory. See the full requirements.

Open guide →

BC PIPAAll sectors

BC PIPA Breach Reporting Requirements for SMEs

BC PIPA requires notifying individuals when RROSH is present. OIPC BC reporting is voluntary — not mandatory. Check your obligations under BC privacy law.

Open guide →

PIPEDAAB PIPABC PIPAAll sectors

Data Breach Response Checklist — Canada

Canadian data breach response guide — containment, RROSH assessment, OPC reporting, individual notification, and record-keeping under PIPEDA and PIPA.

Open guide →

PIPEDAAll sectors

PIPEDA Breach Reporting Requirements

Understand PIPEDA breach reporting — RROSH threshold, OPC report requirements, individual notification obligations, and the 24-month record-keeping rule.

Open guide →

PIPEDAAB PIPABC PIPAAll sectors

What Is RROSH? The Breach Reporting Threshold

RROSH — Real Risk of Significant Harm — triggers mandatory breach reporting under PIPEDA, Alberta PIPA, and BC PIPA. See how to apply the four factors.

Open guide →

PIPEDAAB PIPAAll sectorsTypical verdict: RROSH

Ransomware Attack — Quick Reference Guide

Immediate steps, checklists, and reporting deadlines for Canadian organizations responding to a ransomware attack under PIPEDA and Alberta PIPA.

Open guide →