Frequently Asked Questions

Why should a small or medium-sized business bother with being compliant with privacy laws?
Small and medium-sized businesses are more vulnerable and at risk of a privacy breach because they:
  • lack awareness and knowledge of privacy laws and requirements;
  • are more likely to be using free or low-cost technology tools;
  • rely on third-parties to protect personal information;
  • are less likely to allocate human and financial resources to risk prevention; and,
  • lack access to privacy professionals
How much does it cost for you to do a Privacy Management Program for me?

Typical costs for us to develop a Privacy Management Program for our clients run anywhere between $5,000 for a small non-profit company and up to $25,000 for a medium-sized for-profit company.

How much does it cost for me to take the courses to develop my own Privacy Management program?

Each development course is $350. If you buy all the first three  (3) courses in the bundle, the cost is $900 (saves you $150).

All of the courses include support and consulting time, so we can answer any questions you may have, review the documents you’ll be creating and make sure that you complete and implement your privacy management program in a timely manner. 

Do you recommend a compliance review as the first step for an organization to take towards meeting compliance?

This depends on whether the organization has a privacy program already in place. If it does, we can review what’s in it to identify gaps.

If you are just getting started on meeting compliance, we recommend developing your privacy management program first, since the same gaps and issues will be identified that you’d find in a review – and you’ll be further ahead.

What are the risks related to not being compliant with applicable privacy laws?

The internal risks are:

  • Increased risk of data breaches, due to lack of policy, practices & training;
  • Poor decision-making, when privacy is not considered and included in risk assessment; and,
  • Diminished employee and customer trust resulting in damage to reputation and brand.
The external risks are:
  • Cyber attacks;
  • Increased potential for complaints as public awareness of privacy issues grows and a regulator investigation from a complaint;
  • Third-party application and service provider risk; and,
  • Impending privacy law updates with stricter requirements and large fines.
What kinds of costs can be incurred if a personal information breach happens?
  1. Business interruption
  2. Revenue loss
  3. Legal advice
  4. Credit monitoring
  5. Compliance with regulator orders, recommendations and decisions
  6. Fines (Quebec, British Columbia and Alberta)
  7. Reputation management
  8. Loss of employee/customer/donor/volunteer trust
Do you have discounted rates for non-profits and charities?

Yes. We offer a discount of 20% off our regular consulting rates for non-profits and charities.

What are the benefits of compliance?
  1. Identifies vulnerabilities and risks related to privacy
  2. Supports and complements IT programs to proactively prevent theft, weaknesses or lapses in security
  3. Demonstrates accountability through establishing and maintaining a privacy management program
  4. Develops a strong privacy culture
  5. Protects the organization and brand reputation
  6. Improves employee/customer loyalty and increases organizational trust
Can you work with us remotely?

Yes. Through the COVID-19 pandemic, we’ve worked with our clients remotely. Meetings have been held on line, with communication and  documents exchanged through TitanFile, which we use with our clients for information and file security. 

How soon can you start if we are ready to get your help?

This depends on what you need help with and the urgency. If it is urgent, we’ll assess the situation with you under our hourly rate and if we can’t help you from there, we’ll connect you to someone who can.

We help the majority of our clients develop their privacy management programs to use as a risk management tool. Depending on the organization, some fast-track the development, while others need more time due to staff availability and support. For privacy management program development, we can usually get a new client started within 30 days. 

Have a new question?

12 + 15 =


Victoria, BC  


M-F: 9am – 5pm
S-S: Closed

Call Us

(250) 888-3073

© 2022 PrivacyOffice.ca