Valdra·Canadian Privacy Compliance

Valdra/Breach & Incidents

Your complete breach history,
always audit-ready

PIPEDA requires organizations to maintain a breach register for a minimum of 24 months. Ours captures every incident automatically, with all evidence linked and export-ready for OPC review.

Start Free Assessment View all features

comply.canuckt.ai/incidents/INC-2024-043

Incident INC-2024-043

Employee data exposure — HR database

CRITICAL

OPC Notification Required In

47:23:11

Hours : Minutes : Seconds

Incident Timeline

1. Incident Detected

2. Investigation Started

3. OPC Notification

4. Parties Notified

OPC ReportDRAFT

Organization: Acme Corp

Date of breach: Apr 12, 2026

Individuals affected: 847

Data types: Name, SIN, DOB

RROSH assessment: ✓

Built for Canadian businesses

421+Entity Types

95%+F1 Accuracy

0 bytesData Retained

🍁Canadian Servers

PIPEDACertified

72h

OPC notification deadline — now fully automated with Valdra

¹ PIPEDA Breach Regulations s.4(1)

Start Free Assessment

OPC Breach Notification — Draft

47h 23m left

Incident Summary

Unauthorized access to customer database on April 12, 2026. Approximately 1,200 records including names, emails, and account numbers affected.

Records Affected

1,200

Data Types

Name, Email, Account #

Risk Level

Real Risk of Harm

OPC Report

Required

The OPC clock starts at breach, not discovery.

The 72-hour notification window under PIPEDA begins when the breach occurs — not when you realize it happened. Valdra starts the clock automatically and walks you through every required step before the deadline.

Request a demo

OPC Breach Notification — Draft

47h 23m left

Incident Summary

Unauthorized access to customer database on April 12, 2026. Approximately 1,200 records including names, emails, and account numbers affected.

Records Affected

1,200

Data Types

Name, Email, Account #

Risk Level

Real Risk of Harm

OPC Report

Required

Affected Party NotificationTemplate · En/Fr

Subject: Important notice about your personal information

Dear [First Name],

We are writing to inform you of a security incident that may have affected your personal information held by [Company].

What happened: On [Date], we discovered that...

Legally reviewed · Meets OPC plain language standards

Every letter, every document, generated.

OPC notification letters, affected party notifications, and internal incident reports are auto-generated from your incident data. Plain language, legally reviewed templates — done in minutes, not hours.

Request a demo

Additional features

Request a demo

Automatic Breach Logging

Every incident opened in Valdra is automatically added to your breach register with all required PIPEDA fields populated.

24-Month Retention

Enforces the mandatory 24-month retention period for breach records. Alerts you before any record is eligible for destruction.

Required Field Coverage

Captures all PIPEDA breach register requirements: description, date, data types, individuals affected, RROSH assessment, notification actions.

OPC Inspection Export

Export your complete register in OPC-requested format with a single click — formatted for regulatory inspection or litigation discovery.

Status Tracking

Real-time status for each breach: investigation, notified, closed. Filter by date range, severity, regulation, or notification status.

Access Controls

Restrict breach register access to authorized users only. Full audit log of who accessed which records and when.

“
We had a breach on a Friday evening. Valdra had the OPC notification drafted and submitted before Monday morning. That kind of speed is impossible without automation.
RB
Rachel Bourassa
General Counsel · Maple Legal Group