ClearBreach

Incident playbooks

What to do when a breach happens

Scenario-specific guidance for Canadian SMEs and MSPs. Each playbook walks through your assessment obligations, reporting deadlines, and required documents for a common breach type.

PIPEDAAB PIPABC PIPA

Cloud Storage Misconfiguration — What Canadian Organizations Must Do

A misconfigured cloud storage bucket triggers PIPEDA and PIPA obligations even without evidence of unauthorized access — exposure alone is enough.

Read playbook →

PIPEDAAB PIPABC PIPA

Physical Records Breach — What Canadian Organizations Must Do

When paper records are lost or improperly destroyed, PIPEDA and PIPA treat it the same as a digital breach — notification obligations apply.

Read playbook →

PIPEDAAB PIPABC PIPA

Website or Database Compromise — What Canadian Organizations Must Do

A website or database compromise triggers PIPEDA and PIPA obligations from the moment you discover it — not after the investigation concludes.

Read playbook →

PIPEDAAB PIPABC PIPA

Unauthorized Employee Access — What Canadian Organizations Must Do

An employee who accesses personal information beyond their authorization has caused a breach — PIPEDA and PIPA obligations apply regardless of intent.

Read playbook →

PIPEDAAB PIPABC PIPA

Vendor or Third-Party Breach — What Canadian Organizations Must Do

When your IT provider, SaaS platform, or payroll processor is breached, your PIPEDA and PIPA accountability does not transfer to them.

Read playbook →

PIPEDAAB PIPABC PIPA

Accidental Email Disclosure — What Canadian Organizations Must Do

When personal information is sent to the wrong recipient, PIPEDA and PIPA breach obligations apply — how to assess and who to notify.

Read playbook →

PIPEDAAB PIPABC PIPA

Phishing and Email Compromise — What Canadian Organizations Must Do

When phishing compromises an employee email account, PIPEDA and PIPA breach obligations apply immediately — how to assess and respond.

Read playbook →

PIPEDAAB PIPABC PIPA

Lost or Stolen Device — What Canadian Organizations Must Do

A lost or stolen device triggers PIPEDA and PIPA obligations that depend heavily on encryption status — how to assess and respond.

Read playbook →

PIPEDAAB PIPABC PIPA

Ransomware Attack — What Canadian Organizations Must Do

Ransomware is treated as a confirmed breach under PIPEDA and PIPA — exfiltration does not need to be proven. How to assess and respond.

Read playbook →

Need to assess your breach now?

ClearBreach generates your assessment report and all required documents automatically.

Get early access