White Rapids Books

Modern Bookkeeping · Nanaimo, BC
Legal

Incident Response

Effective date:** June 4, 2026
Last updated:** June 4, 2026

This page describes how White Rapids Books responds to security incidents affecting client information.

1. What we consider an incident

A security incident is any event we identify or are notified of that could compromise the confidentiality, integrity, or availability of information entrusted to us. Examples include unauthorized access to systems or data, loss or theft of equipment, exposure of credentials, or malicious activity on our infrastructure.

2. How we respond

When we identify or are notified of a potential incident we:

  1. Acknowledge the report and begin assessment promptly.
  2. Contain the incident by isolating affected systems and rotating credentials.
  3. Investigate the scope, cause, and the information involved.
  4. Remediate the underlying cause and restore normal service.
  5. Notify affected clients and any required authorities in line with applicable law.
  6. Document findings and apply lessons learned to prevent recurrence.

3. Notification

Where notification is required under applicable law (including PIPEDA's breach-of-security-safeguards reporting obligation and the BC PIPA), we notify affected individuals and the Office of the Privacy Commissioner of Canada (or the Office of the Information and Privacy Commissioner for BC, as applicable) without unreasonable delay.

We also notify clients of incidents that may materially affect their data even where formal notification is not strictly required.

4. Reporting an incident

If you believe a security incident may affect your information held by us, contact us immediately at:

admin@whiterapidsbooks.ca

Please include a brief description of what you observed and any context that may help us respond.

5. Review

We review this plan at least annually and after any material incident.