Recent developments in privacy law, both globally and in Canada, as well as increasing stakeholder expectations and demands for protection of their personal information, should change how Canadian charities and non-profits understand and manage their obligations around privacy, transparency and accountability.
A report from statistics Canada has shown that the number of police-reported cybercrimes in Alberta has more than doubled over a four-year period and there is no sign those numbers will improve any time soon. Alberta’s numbers have rose dramatically since 2014 when there were just 1,638 reported crimes.
Statistics from Volunteer Alberta has shown that, one third of registered charities and nonprofits in Alberta provides various health and social service programs and therefore bounded by the Health Information Act (HIA) of Alberta. In 2018, the Office of the Alberta Information and Privacy Commissioner (OIPC) reports also indicated a rapid surge in privacy breaches in Alberta. The Canadian Centre for Cyber Security has identified over 1,500 websites posing as Government of Canada COVID-19 pages designed to scam Canadians. It also states that, criminals have been exploiting a vulnerability in Word to spread malware and AZORult since at least 2016, including for downloading ransomware that can lock victims out of their systems. A typical example is the 2019 ransomware attack on Nunavut government.
In light of this, CFIE wants to develop a Platform As A Service (PAAS) network hub embedded with an effective record and security management system which would be delivered to various nonprofits and charity organizations within Alberta at a very low monthly cost. Our goal is to provide cybersecurity protection for various charities and non-profits who can’t afford to build an in-house server with high-security features to protect their assets and electronic documents. Our Electronic document management system will be easy to use, scalable, client-server document management software system that can manage tens of thousands or millions of documents. It can store practically any type of file and directly integrate with the Microsoft Office suite of products or Microsoft SharePoint. With a workflow module, routed AP invoice approvals, expense reports, intrusion detection, and prevention system, our system would be able to monitor and automatically prevent and track cyber attacks of various organizations that we would be serving.
We would also use our created platform as IT network security training centre for newly graduated black immigrants. Freshly graduated black immigrants from the various colleges would have internship opportunities to practice and gain the necessary on-the-job experience, which they can add on their resumes. Our projects proof of delivery feature can be used to send documents securely in a controlled environment. With both the workflow module and Courier, all transactions are tracked and audited for full privacy compliance therefore protecting the non-profit and charities that we serve. The interns would also have the opportunity to network with the charities we serve so they can easily transition to those organizations for full time jobs, after their internships.