Thank you, Mr. Chair.
It's great to see that we're having all of the privacy commissioners from different jurisdictions. If there's anything that we know about data these days, it's that it tends to migrate across borders, not just provincially, but internationally.
My first question is to each of the three attendants here. Clause 9, on the Consumer Privacy Protection Act, would require that each organization subject to the act would maintain a privacy management program that includes the policies, practices and procedures that it has in place to meet obligations under the act.
I'll start with Madam Poitras.
Are provincial organizations already required to develop a privacy management program? How is that monitored?