Privacy and Security Resources

Resource Library

Privacy Horizon insights into all things privacy and security.

All

Data Breaches

Industry Trends

Regulatory Compliance

Privacy and Security

Conducting an artificial intelligence Privacy Impact Assessment (PIA)

Artificial intelligence is reshaping healthcare, but it also raises serious privacy risks. This article explores how Privacy Impact Assessments help healthcare organizations evaluate AI systems, manage patient data responsibly, and stay aligned with Canadian privacy obligations.

The Role of a vCISO in Building a Scalable Security Program

How a vCISO builds a scalable security program: priorities, standards, assessments, incident readiness, and proof for growth.

Security in Healthcare

What healthcare security really requires: common weak points, priorities, and the assessments that clarify next steps.

Security in HealthTech

High-ROI security basics for HealthTech teams, plus when to run a TRA or penetration test.

Privacy in Healthcare

Healthcare privacy basics, common pitfalls, and how to build privacy into operations without slowing delivery.

What is HIPAA?

HIPAA explained for Canadian companies: when it applies and what “HIPAA-ready” looks like in practice.

Privacy Compliance for HealthTech

The HealthTech compliance essentials—data flows, vendor boundaries, access control, retention, and incident readiness.

What is Privacy Compliance?

Privacy compliance in practical terms: what it really means and the core pieces most teams need.

The Top 5 Privacy Risks Canadian SMEs Overlook

The most overlooked SME privacy risks—data sprawl, vendors, access, retention, and incident readiness—with simple fixes.

How to Know if Your Company Needs a Security Assessment

Key signs you need an assessment—and how to choose between a TRA, penetration test, or privacy review.

Privacy vs. Security: What’s the Difference (and Why It Matters for Compliance)

The difference between privacy and security, why it matters for compliance, and how to avoid common gaps.

Understanding PIPEDA: Canada’s Core Privacy Law Explained Simply

A plain-English guide to PIPEDA: what it covers, when it applies, and what compliance looks like day-to-day.

What is PHIPA?

PHIPA explained simply—who it applies to in Ontario and what organizations need to do in practice.

What Is a Virtual Chief Information Security Officer (vCISO) and When Should You Hire One?

What a Virtual CISO does, when you need one, and how they bring structure and clarity to security decisions.

What Is a Virtual Privacy Officer (VPO) and When Should You Hire One?

What a Virtual Privacy Officer does, when to hire one, and how it keeps privacy from falling off your roadmap.

How to Build a Privacy Program from Scratch: A Step-by-Step Guide for Small Businesses

A practical step-by-step privacy program for small teams: ownership, data mapping, vendors, policies, and a simple cadence.

What is a Threat and Risk Assessment (TRA)?

A simple breakdown of TRAs: what they cover, what you get, and how they help prioritize security fixes.

What Is a Privacy Impact Assessment (PIA) and Why Every Healthtech Startup Needs One

What a PIA is, when you need one, and how it reduces risk while speeding up trust with enterprise buyers.

Key Privacy and Security Trends to Watch in 2025

Discover the privacy and security trends shaping 2025.

Navigating Regulatory Compliance in 2025: Key Changes and Challenges

Stay ahead of evolving regulatory compliance changes in 2025.

2025 Privacy and Data Security Trends: What You Need to Know

Explore key privacy and data security trends shaping 2025.

Understanding Data Breaches: How They Happen and How to Protect Yourself

Learn how data breaches happen and how to protect your personal information.