How much funding can be received?

The MaLoi25 pathway, specifically, refers to a set of measures, tools, and resources designed to assist businesses and organizations in complying with the new requirements of Law 25. This pathway is intended to provide clear and accessible information on the legal obligations introduced by the law and how entities can adjust their personal information management practices to effectively meet these obligations.

grant_single_labels|projects

The grant MaLoi25 offers support for projects focusing on strengthening cybersecurity and achieving compliance with new regulatory requirements. The activities aim to provide structured guidance and resources to organizations seeking to align with these mandates.

Completion of an online self-diagnostic questionnaire to evaluate compliance with the new law.
Participation in a 2-hour group training session about best practices for cybersecurity and data protection compliance.
Engagement in personalized coaching, including a 2-hour individual meeting and a minimum of 8 hours of virtual coaching, to develop and implement a tailored compliance plan.

grant_single|admissibleProjectsExample

$ 7,500

Develop a compliance action plan and provide formal training for a social economy enterprise

$ 10,000

Strengthening privacy and data security measures for a general partnership firm

$ 10,000

Implement personal data compliance tools and training for a non-profit organization

$ 10,000

Upgrade privacy compliance for a tech startup through targeted training and expert consultations

$ 7,000

Implement comprehensive data compliance initiatives for an educational NPO with autonomous revenue

$ 8,000

Enhancing data protection systems for a financial cooperative through specialized training

grant_single_labels|admissibility

The eligibility criteria for this grant require specific characteristics regarding the organization applying for support.

The organization must be based in Québec, Canada.
The organization must be either a public or private entity.
The organization must have fewer than 500 employees.

grant_eligibility_criteria|who_can_apply

Organizations in Quebec, both public and private, with fewer than 500 employees are eligible to apply for support under the MaLoi25 program. This includes Small and Medium Enterprises (SMEs) and Small and Medium Organizations (SMOs) looking to enhance their cybersecurity measures and comply with the new legal requirements.

grant_eligibility_criteria|who_cannot_apply

Large companies: Companies with 500 or more employees are not eligible.
Organizations outside Quebec: Organizations that are not based in the province of Quebec.
Federal government organizations: Agencies and institutions that report to the Canadian federal government.
International organizations: Companies or institutions based outside Canada.
Individuals: The program is not open to individual applications; it targets organizations only.

grant_eligibility_criteria|eligible_expenses

The MaLoi25 training program is structured to assist small and medium-sized enterprises (SMEs) and small and medium-sized organizations (SMOs) in enhancing their cybersecurity measures and ensuring compliance with Act 25. The training encompasses three complementary stages to address the comprehensive needs of these organizations.

Strengthening cybersecurity infrastructure and protocols for SMEs and SMOs.
Providing compliance assistance and training regarding Act 25 mandates.
Offering continuous support and resources throughout the implementation process of cybersecurity measures.

grant_eligibility_criteria|zone

The MaLoi25 grant program is specifically designed for organizations located within the province of Quebec, Canada. It aims to assist small and medium-sized enterprises in complying with local cybersecurity regulations.

Organizations must be located in Quebec.

grant_single_labels|criteria

Location: The organization must be based in Quebec.
Organization size: The organization must have fewer than 500 employees.
Sector: Applicable to all organizations, both public and private.
Cybersecurity needs: The organization must have identified cybersecurity and Bill 25 compliance needs.
Ability to participate: The organization must be able to actively participate in all stages of the program (self-diagnosis, training, coaching).
Commitment: The organization must commit to following the guidelines and implementing the recommended practices for the protection of personal data.

grant_single_labels|register

Here are the steps to submit an application for the MaLoi25 program:

Step 1: Registration and Initial Contact
Visit the website https://maloi25.ca and complete the registration process.
Once registered, expect to be contacted via email by an assigned expert to plan the execution of the program stages.
Step 2: Complete the Self-Diagnostic Questionnaire
Access the online self-diagnostic questionnaire to assess compliance with Loi 25.
Submit the completed questionnaire to receive a detailed report, which forms the basis for the following steps.
Ensure to keep a copy of the report for sharing with your assigned expert.
Step 3: Participate in Group Training
Attend the 2-hour group training session on best practices in cybersecurity and compliance with Loi 25.
Take notes and align the training insights with your organization’s realities based on the self-diagnostic results.
Complete the online satisfaction questionnaire provided after the training session.
Step 4: Engage in Personalized Assistance
Participate in the personalized 12-hour assistance process, including a 2-hour individual meeting and 8 hours of virtual coaching.
Work with the assigned expert to develop and implement a compliance action plan based on the self-diagnostic report.
Complete any necessary compliance tasks between sessions to meet Loi 25 requirements.
Provide feedback through the satisfaction questionnaire once the assistance phase is completed.

grant_single_labels|otherInfo

Here are additional relevant details for this grant:

Post-program support is available through a form to request cybersecurity assistance for deploying solutions or increasing cybersecurity maturity levels.
An online satisfaction questionnaire is provided after both the group training and the personalized coaching to gather feedback for program optimization.
Participants are strongly advised to keep a copy of the self-diagnostic report as it is crucial for personalizing the compliance journey, and In-Sec-M cannot retrieve it if lost.
The program is operationalized by In-Sec-M and supported by service providers who focus on personal information protection expertise.
If services are initiated and not completed by March 31, 2025, fees are non-refundable; however, full refunds are provided if no service has been started before this deadline.

grant_single_labels|contact

loi25@insecm.ca

Apply to this program

Enhancing Cybersecurity Compliance for SMEs and SMOs

The MaLoi25 Training Program offers a structured roadmap to help small and medium-sized enterprises (SMEs) and small and medium-sized organizations (SMOs) bolster their cybersecurity measures while ensuring compliance with Canada's Act 25. This program is designed to provide comprehensive assistance through three complementary stages, each aimed at incrementally improving and securing the digital infrastructures of businesses and organizations.

In-Depth Understanding of the MaLoi25 Training Program

The MaLoi25 Training Program is meticulously crafted to address the ever-growing cybersecurity needs of SMEs and SMOs in Canada, offering a pragmatic path towards effective digital protection and legal compliance. As businesses increasingly rely on digital platforms, the associated risks have multiplied, necessitating robust measures to protect sensitive data against cyber threats. This program acknowledges these challenges and delivers a structured approach through its three-stage training process, which is aligned with the legal requisites outlined in Act 25.

In the first stage of the MaLoi25 Training Program, businesses undertake a comprehensive assessment of their current cybersecurity posture. This evaluation is critical as it identifies existing vulnerabilities and potential threats that could compromise their IT systems and data integrity. By understanding these weaknesses, businesses can develop tailored strategies aimed at mitigating risks effectively, thereby ensuring foundational cybersecurity fortification.

The second stage focuses on implementing the necessary technical and administrative cybersecurity safeguards. This phase involves deploying cutting-edge security solutions, such as advanced firewall configurations, encryption technologies, and multifactor authentication systems. Additionally, it emphasizes the importance of establishing a cybersecurity policy framework to manage and govern IT practices efficiently. By embedding these security measures, SMEs and SMOs can not only enhance their defense mechanisms but also ensure they meet the stringent criteria set by Act 25.

The final stage of the program is dedicated to maintaining cybersecurity resilience through continual monitoring and improvement. Recognizing that cybersecurity is an ongoing process rather than a one-time effort, this stage equips businesses with the skills and tools necessary for regular system audits and updates. It involves training personnel on the latest cybersecurity threats and response strategies to ensure swift action when incidents occur. Furthermore, the MaLoi25 program encourages establishing a culture of cybersecurity awareness across the organization, fostering a proactive approach to emerging digital threats.

Beyond merely complying with legal standards, participating in the MaLoi25 Training Program offers several strategic advantages. By strengthening cybersecurity measures, SMEs and SMOs not only shield themselves against potential cyberattacks but also gain critical trust from clients and partners who value data integrity. This trust translates into competitive advantages, positioning businesses as secure and reliable entities in the marketplace. Moreover, as organizations demonstrate their commitment to cybersecurity, they also pave the way for innovation and growth, exploiting new opportunities without the hindrance of security concerns.

Overall, the MaLoi25 Training Program is an indispensable resource for any SME or SMO keen on safeguarding their digital assets and maintaining compliance with Canadian legislative standards. By systematically enhancing cybersecurity through its three carefully designed stages, businesses can confidently navigate the complexities of today's digital ecosystem and emerge as market leaders in secure operations.