Data Security and Integrity. 1. Canada shall implement regulatory, procedural or technical measures to protect PNR data against accidental, unlawful or unauthorized access, processing or loss. 2. Canada shall ensure compliance verification and the protection, security, confidentiality, and integrity of the data. Canada shall: (a) apply encryption, authorization, and documentation procedures to the PNR data; (b) limit access to PNR data to authorized officials; (c) hold PNR data in a secure physical environment that is protected with access controls; and (d) establish a mechanism that ensures that PNR data queries are conducted in a manner consistent with Article 3. 3. If an individual's PNR data is accessed or disclosed without authorization, Canada shall take measures to notify that individual, to mitigate the risk of harm, and to take remedial action. 4. Canada shall ensure that the Canadian Competent Authority promptly informs the European Commission of any significant incidents of accidental, unlawful or unauthorized access, processing or loss of PNR data. 5. Canada shall ensure that any breach of data security, in particular leading to accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, or any unlawful forms of processing, is subject to effective and dissuasive corrective measures which might include sanctions.
Appears in 2 contracts
Sources: Agreement on the Transfer and Processing of Passenger Name Record Data, Agreement on the Transfer and Processing of Passenger Name Record Data