I'm just trying to understand the role of government with something like PharmaNet. They hold themselves apart from government; they are not part of government, and yet the Government of British Columbia—or nationally, if we're doing PIPEDA—sets the rules regarding, when a breach happens, when a company with something like personal medical information has to tell the public that this has happened.
You're suggesting that there isn't a breach notification.