Would you then say that this approach taken by B.C. that leaves this really in the hands, in your case, of the broker, but let's say of the business that's so affected, and that places the onus on them to do the assessment, determine who was affected by this breach, and then implement some notification procedure would be quite acceptable and quite workable?
