Incident playbooks
What to do when a breach happens
Scenario-specific guidance for Canadian SMEs and MSPs. Each playbook walks through your assessment obligations, reporting deadlines, and required documents for a common breach type.
Cloud Storage Misconfiguration — What Canadian Organizations Must Do
A misconfigured cloud storage bucket triggers PIPEDA and PIPA obligations even without evidence of unauthorized access — exposure alone is enough.
Read playbook →
Physical Records Breach — What Canadian Organizations Must Do
When paper records are lost or improperly destroyed, PIPEDA and PIPA treat it the same as a digital breach — notification obligations apply.
Read playbook →
Website or Database Compromise — What Canadian Organizations Must Do
A website or database compromise triggers PIPEDA and PIPA obligations from the moment you discover it — not after the investigation concludes.
Read playbook →
Unauthorized Employee Access — What Canadian Organizations Must Do
An employee who accesses personal information beyond their authorization has caused a breach — PIPEDA and PIPA obligations apply regardless of intent.
Read playbook →
Vendor or Third-Party Breach — What Canadian Organizations Must Do
When your IT provider, SaaS platform, or payroll processor is breached, your PIPEDA and PIPA accountability does not transfer to them.
Read playbook →
Accidental Email Disclosure — What Canadian Organizations Must Do
When personal information is sent to the wrong recipient, PIPEDA and PIPA breach obligations apply — how to assess and who to notify.
Read playbook →
Phishing and Email Compromise — What Canadian Organizations Must Do
When phishing compromises an employee email account, PIPEDA and PIPA breach obligations apply immediately — how to assess and respond.
Read playbook →
Lost or Stolen Device — What Canadian Organizations Must Do
A lost or stolen device triggers PIPEDA and PIPA obligations that depend heavily on encryption status — how to assess and respond.
Read playbook →
Ransomware Attack — What Canadian Organizations Must Do
Ransomware is treated as a confirmed breach under PIPEDA and PIPA — exfiltration does not need to be proven. How to assess and respond.
Read playbook →
Need to assess your breach now?
ClearBreach generates your assessment report and all required documents automatically.
Get early access