MaLoi25

• The program MaLoi25 is subsidized by the Ministry of Economy, Innovation, and Energy.
• The subsidy for this program is valid until March 31, 2025, after which services will no longer be provided.
• If a participant has not commenced any steps of the program, all service and registration fees will be fully reimbursed.
• If a participant starts but does not complete a service, In-Sec-M cannot refund the service and registration fees.
• In-Sec-M commits to trying to communicate with participants beforehand to avoid non-commencement situations.

The eligibility criteria for this grant require specific characteristics regarding the organization applying for support.

• The organization must be based in Québec, Canada.
• The organization must be either a public or private entity.
• The organization must have fewer than 500 employees.

Who is eligible?

Organizations in Quebec, both public and private, with fewer than 500 employees are eligible to apply for support under the MaLoi25 program. This includes Small and Medium Enterprises (SMEs) and Small and Medium Organizations (SMOs) looking to enhance their cybersecurity measures and comply with the new legal requirements.

Who is not eligible

• Large companies: Companies with 500 or more employees are not eligible.
• Organizations outside Quebec: Organizations that are not based in the province of Quebec.
• Federal government organizations: Agencies and institutions that report to the Canadian federal government.
• International organizations: Companies or institutions based outside Canada.
• Individuals: The program is not open to individual applications; it targets organizations only.

Eligible expenses

• Costs related to a 2-hour group training to reinforce cybersecurity and compliance with Law 25.
• Personalized support fees of 12 hours for the development and implementation of a compliance plan.

Eligible geographic areas

The MaLoi25 grant program is specifically designed for organizations located within the province of Quebec, Canada. It aims to assist small and medium-sized enterprises in complying with local cybersecurity regulations.

• Organizations must be located in Quebec.

• Location: The organization must be based in Quebec.
• Organization size: The organization must have fewer than 500 employees.
• Sector: Applicable to all organizations, both public and private.
• Cybersecurity needs: The organization must have identified cybersecurity and Bill 25 compliance needs.
• Ability to participate: The organization must be able to actively participate in all stages of the program (self-diagnosis, training, coaching).
• Commitment: The organization must commit to following the guidelines and implementing the recommended practices for the protection of personal data.

Here are additional relevant details for this grant:

• Post-program support is available through a form to request cybersecurity assistance for deploying solutions or increasing cybersecurity maturity levels.
• An online satisfaction questionnaire is provided after both the group training and the personalized coaching to gather feedback for program optimization.
• Participants are strongly advised to keep a copy of the self-diagnostic report as it is crucial for personalizing the compliance journey, and In-Sec-M cannot retrieve it if lost.
• The program is operationalized by In-Sec-M and supported by service providers who focus on personal information protection expertise.
• If services are initiated and not completed by March 31, 2025, fees are non-refundable; however, full refunds are provided if no service has been started before this deadline.