Act 25 compliance: MaLoi25 is an aid program subsidized by the Government of Québec

MaLoi25 is designed and administered by In-Sec-M, the Canadian cybersecurity cluster, in collaboration with Québec’s Ministry of Economy, Innovation and Energy (MEIE). This program subsidized by the Government of Quebec provides concrete assistance to SMEs and SMOs so that Quebec experts can support them in their cyber resilience and compliance with Act 25.

Discover our training

Act 25: Understanding the new provisions in personal information protection

Since its enactment on September 22, 2023, in Quebec, Act 25 has introduced significant changes in the governance of personal information. This law, which modernizes legislative provisions, aims to protect the confidentiality of personal information in the private sector while ensuring transparent and equitable access to the collection of personal information, information, and privacy policies.

Personal information protection: responsibilities and obligations

Act 25 imposes clear obligations on organizations holding personal information. Organizations are now required to ensure that the personal information they hold is adequately protected throughout its lifecycle. This includes the collection, use, disclosure, and destruction of personal information, in accordance with legislative provisions on protection.

Compliance and consent

Organizations must obtain the consent of the individual concerned before collecting or disclosing personal information, except in cases provided by law. Furthermore, the disclosure of personal information outside Quebec is subject to strict rules to ensure adequate data protection.

Management and transparency

Act 25 also emphasizes transparency and accountability in the governance of personal information. Organizations must be able to demonstrate compliance with the law and effectively manage confidentiality incidents, where applicable. Moreover, they are required to clearly communicate to the concerned individuals how their personal information is used and disclosed.

Implications and sanctions

Organizations that violate Act 25 are subject to severe penalties, which can go up to $25 million. Therefore, it is imperative for businesses to understand and respect the requirements of this law to avoid the risk of non-compliance and financial damage.

In conclusion, Act 25 on the protection of personal information represents a crucial step in preserving the privacy of individuals in Quebec. By complying with its provisions, organizations can not only protect the rights of their clients and employees but also strengthen public trust in the responsible management of personal data.

Quality expertise on Act 25

Cybersecurity is a field that is constantly evolving, requiring advanced knowledge and constant updating of skills. This is why it is crucial to call on experts recognized for their know-how and commitment. Our MaLoi25 program takes advantage of this expertise by relying on a network of meticulously selected suppliers. These professionals, mandated by In-Sec-M, work rigorously to ensure that you benefit from start of the art advice, tools and strategies, all aligned with the specific requirements of Act 25 with regards to personal information protection.

Discover our experts

An advantageous price

Cybersecurity, while essential, can be costly for many organizations, especially those with limited resources. However, with the financial support of the Government of Québec, our MaLoi25 program makes it possible to offer high quality solutions at significantly reduced costs. These subsidized rates provide a unique opportunity for assistance and support to confidently navigate the complex cybersecurity landscape.

What is the MaLoi25 training?

The MaLoi25 training is a structured approach to meeting the assistance needs of SMEs and SMOs in 4 complementary stages aimed at strengthening their cybersecurity and complying with Act 25.

Discover our training

All Quebec SMOs are eligible

Awareness and support services are offered to any for-profit or non-profit organization with its head office in Quebec and with less than 500 employees.

Improve your cyber resilience

A webinar for your members

Do your members need help to comply with Act 25?

In-Sec-M offers groups of SMEs and SMOs the opportunity to learn more about the protection of personal information and the subsidized MaLoi25 program thanks to a free webinar.


Need of information?
You want to register?

Request a webinar

We are the national cybersecurity cluster

In-Sec-M was founded in 2017 at the suggestion of the National Research Council of Canada (NRCC) which wanted to bring together Canadian companies with expertise in cybersecurity so that they could better distinguish themselves in the major national and international cybersecurity markets.

In 2023, 2,000 Canadian companies benefited from the expertise of an In-Sec-M partner.

A bridge between supply and demand

In-Sec-M is a non-profit organization that brings together key players in the cybersecurity ecosystem. We play the role of intermediary between organizations that have cybersecurity needs and those that have the solution. We also work to promote Canadian cybersecurity services and solutions to major Canadian and international decision-makers.

Tailor-made training

In partnership with various provincial or federal departments, In-Sec-M ensures the design and delivery of cybersecurity programs, initiatives and services intended to help organizations and communities acquire stronger cybersecurity. Our training courses are developed in collaboration with Canadian companies that are among the most experienced in the country.

 

Learn more