We had the benefit of some recommendations from the Privacy Commissioner in his last annual report on exactly this issue and that office's concerns about the varying numbers of breaches reported. Often, the institutions up that decision about what to do and what not to do. I think institutions are working in good faith on that, but we want to be doing some work over the next two years.
We're developing a two-year action plan. We've shared it with the Office of the Privacy Commissioner, because we want their input before it's finalized, and we'll be working in partnership with them to deploy it.
It will be focusing on increasing awareness about the nature of personal information, what a breach is and how to report a breach. Also, at the recommendation of the Office of the Privacy Commissioner, we're focusing a lot of those efforts on the IT and security community, because they are the people on the front lines when there could be a compromise or information could be lost. Therefore, we want to make sure they have the instinct to say that personal information was involved in this.
We have a small team working on this in partnership with government institutions. We're hoping we'll be able to make a difference on that front over the course of the next two years.
Thank you.