How to Launch Your Renovation Company in Quebec

In early 2023, new regulations regarding construction site-related affairs came into effect. Among these new rules, one specifically highlights workers' accountability, or more precisely, their active involvement in improving worksite health and safety. In fact, when a worksite is to welcome over 20 labourers simultaneously, at one point or another, the principal contractor must, on top of putting together a prevention plan, form a construction committee as soon as work is set to begin. Why is such a committee necessary, and how can you ensure it’s properly structured? Construction Committee Regulations and Functions Source: Canva The committee is established at the beginning of worksite operations and must remain active to the very end of the construction project. The reasons for requiring employees to meet on a regular basis are as follows: Ensuring the terms of the prevention program and safety standards are met. Making certain that on-site employer workflows are implemented and operational. Receiving worksite health and safety feedback (complaints and suggestions). Reviewing accident reports and submitting recommendations. Examining inspection reports. Keeping a record of meeting minutes. Who’s responsible for the on-site construction committee? Source: Canva First off, the principal contractor, meaning the person responsible for ensuring work is being done according to schedule during a construction project, must put together the committee. To fill vacant seats, a notice should be issued to all employees and employers. If there’s an workers’ association, the principal contractor must ensure the workers name a representative. The Safety Code, as part of the Building Act, lists regulations to follow in terms of structuring a committee: Assign a general contractor or owner representative Assign representative(s) for every employer (manager, superintendent, foreperson) Assign representative(s) for each of the present workers’ associations Assign health and safety representative(s) Assign a health and safety coordinator/officer Besides the general makeup of the committee listed above, equality is another important factor to consider. As such, there must be just as many employer representatives as there are employee representatives. If a construction worksite has more employers present than the maximum amount of representatives allowed by the committee, those who will sit on the board are the ones employing the most labourers. If numerous health and safety coordinators and representatives are elected, due to a high number of active workers, they must all attend committee reunions. Again, if the number of representatives exceeds that of available board seats, the represented associations will have to decide together on which members will attend reunions. What does a health and safety coordinator do? Title holders must have a construction site safety officer certificate or a course certificate as a health and safety coordinator, issued by the CNESST, which is a minimum of 240 hours of training. The appointed health and safety coordinator handles all committee affairs. The individual in question holds a full-time managerial position on the construction worksite, under the direct supervision of the principal contractor. Here’s a more detailed list of their tasks: Inspect the work site and identify potential sources of hazards Help design and update the prevention program Ensure workers are aware of risks and the best trade-specific work practices Investigate past or hypothetical incidents or causes of accidents Accompany the inspector during visits Put together the agenda or schedule for construction committee meetings (however, all committee members can suggest changes) Write up the minutes and keep a record of all worksite health and safety-related elements (must be kept for a month after the project has wrapped) Note that the coordinator can share this list of tasks with the principal contractor. Construction Committee Meetings Source: Canva The employer and principal contractor are responsible for putting together meeting details and schedules. Typically, meetings are held during regular work hours and account for hours worked. Note that the person in charge will have a maximum of 14 days after the project has begun to set the very first meeting. Afterwards, the frequency at which the meetings will be held is determined based on the number of labourers present on the worksite. Under 100, the committee must meet every fortnight. Over 100, they’ll have to plan a weekly meeting. An Effective Construction Committee During the first meeting, if one or more members are first-time members of such a group, it may be useful to provide information regarding their specific role within the committee and the purpose of a construction committee. Prior to meetings, all committee members should receive the agenda to incite participation, as they’ll be able to prepare ahead of time and focus on the matters to be discussed. It goes without saying that a structured plan and comprehensive documents, maybe with annotations, will make the whole process more efficient. A structured agenda should, at the very least, feature the following elements: Follow-up on, and monitor, already discussed matters, if needed Suggestions from worksite labourers and active committee members Incident statistics, investigations, and analyses In-house or outsourced reports of the latest inspections Pinpoint upcoming risks as the worksite is furthering along and changing (new tradespersons involved, new chemical products used, etc.) Changes made to the prevention program to reflect decisions made Naturally, other topics of discussion are tailored to the context and priorities. CNESST Training for Construction Committee Members As of January 1st, 2024, the Regulation respecting prevention programs on construction worksites will mandate that all active members of a construction committee obtain a certificate of training given by the CNESST. This training course, which lasts about an hour, is offered free of charge. Members are entitled to take a leave from work to complete this training, and to do so without a pay cut. Recently, CNESST has also introduced similar online training in collaboration with TÉLUQ University. The topics covered include: Act respecting occupational health and safety on construction worksites Construction worksite-specific prevention and participation program Construction committee regulations and functions Designing and implementing a construction site prevention program Those who already hold a certificate of training as a health and safety coordinator or representative are exempt from this step. Construction Committees in Other Provinces Source: Canva How does it work in neighbouring provinces or territories? For instance, it’s the same concept in Ontario and in Newfoundland and Labrador but is known as Joint Health and Safety Committees (JHSC). Just as it is in Quebec, the committee is shaped by individuals who both represent employers and employees, with the purpose of improving health and safety conditions, including risk assessment. This consultative organizational approach is an integral part of workers’ rights: the right to know, participate, and refuse to undertake unsafe work. The requirements for such a committee are based on the number of active workers on a worksite: 1 to 5 = no obligations 6 to 19 = 1 health and safety officer. JHSC is mandatory if there are regulations pertaining to designated substances 20 to 49 = JHSC of at least 2 members 50+ = JHSC of at least 4 members A committee member is required to inspect the worksite at least once a month. The overall functionings are very much like the ones detailed in this article regarding safety protocols mandated in Quebec. I am a woman, hear me roar! If you’re looking for a position in the construction industry, check out our article Training Programs for Women in Construction to get started! Curious about everything that relates to construction site health and safety? Here are a few other articles that might be of interest: What You Need to Know About Industrial Respirators Assembling Safe and Compliant Scaffolding for Yourself and Your Team Advice for Better Stress Management Mental Health in the Construction Industry

Plastic is a hugely exploited building material since it’s durable, waterproof, supple, and lightweight. However, just like its many other daily uses, it definitely has a bad reputation. Subsequently, several companies are looking to take major steps to reduce its harmful effect on the environment. Though still far from the ideal outcome, governments and scientists are studying methods to improve the conception of plastic materials. As such, they’re establishing certain rules to help reduce biodiversity damage, curb plastics polluting the oceans, minimize waste when recycling, and so on. Single-use plastics are predominantly targeted by such initiatives giving value to renewable and reusable materials. As a construction contractor, on what level can you tackle this problem to make your worksites more eco-friendly? Plastic Use in the Construction Industry Source: Canva Without delving too deep into the scientific details of it all, plastic is a high-molecular compound that’s derived from petroleum, natural gasses, or plants. It can be grouped into two main categories: single-use or reusable. In Canada, the construction industry is a major consumer of all types of plastics since it’s a versatile and affordable product. It’s lightweight and malleable, making its transportation and installation easy. Waterproof, corrosion- and rot-resistant, these definitely slow down its deterioration process. Also, its numerous qualities as well as the substantial savings made are presented as non-negotiables for contractors. However, waste derived from its various uses is, unfortunately, generated throughout its entire process: from manufacturing to demolition, by way of transportation and construction itself. Moreover, some materials are rather difficult to recycle, such as PVC and flame retardant products. Nonetheless, note that it’s mandatory, for safety measures in some cases, that some materials aren’t decomposable or too “green.” Their use isn’t hazardous to the environment, it’s the complete opposite. For example, who would want the polystyrene blocks fitted to the new Champlain Bridge to be biodegradable? On a more serious note, the product’s durability allows for a near-permanent installation, such as pipes, which reduces waste pollution. The Most-Used Plastics in the Renovation and Construction Industry Source: Canva The types of plastics most used in construction are as follows: Polyvinyl chloride (PVC) High-density polyethylene (HDPE) Expanded polystyrene (EPS) There's no way to accurately list the many uses of this popular material in terms of building and renovation work, but here are a few: wiring, piping, joints, doors and windows, insulation, paints, tanks, mouldings and formwork, road signs, filtration, flooring and exterior cladding, etc. Nowadays, wood, glass, and metal are even being swapped for plastic. Ways to Limit Plastic Use on Worksites Source: Canva The biggest challenges remain sorting, reusing, and recycling end-of-life plastics. That's why it's important to embrace good, sustainable, and eco-friendly practices from the get-go. Not only is the planet's health at stake but also your company's reputation. If you're looking to move conscientiously away from the overuse of plastic products, you'll first need to formulate an action plan. For this, you'll need to evaluate the set of measures that are most effective and realistic for you. Focusing solely on biodegradable, bioplastic, and composite products, though it might seem like the most logical and obvious solution, isn't your only option. You have to think globally, on a multi-level, eco-friendly approach, not only in terms of material components and use. Recycling construction waste and developing a circular economy is more profitable long term. A well-thought-out strategy takes into account both advantages and disadvantages of using plastic for such and such. Hence, consider the possibility of swapping it out by weighing its effects, from start to finish (raw material extraction, manufacturing, transportation, function, safety, recycling, disposal, etc.). As such, it’s best to start by implementing simple and easy-to-control actions. You can educate and/or raise awareness among your employees by urging them to bring reusable drinkware and tumblers, properly dispose of their waste, even if they're in a rush, and so on. You can also take it one step further by giving out reusable bottles with the company’s logo on them and having a water refilling station. Lead by example: purchase cleaning products in bulk and ban the use of single-use plastic like straws and utensils during meetings and gatherings. Follow the 3Rs and beyond: Reduce Reuse Recycle (or compost) Value energy recovery Responsible waste disposal Goals Targeted by Limited Plastic Use Source: Canva The expected results consist of improving waste collection, reusing, and recycling plastic waste issued from building industry ventures. You can save by using less expensive, recycled building materials to keep them out of landfills. The entire life cycle of plastics demands change. Solutions must be thought out in terms of economic needs and capacities and should include the province's unique climate conditions. Check out the following for more concrete details. Examples of recycled materials used on building sites 1) Polystyvert, Pyrowave, Polyform, and Groupe Gagnon: Quebec-based companies striving to give a new meaning to polystyrene, a material widely used in the construction industry. 2) A German developer and builder saved 1,613 tons of concrete and 136 tons of CO2 emissions by using recycled plastic to build a residential high-rise. In due part to a patented void-former system, the steel-reinforced air bubbles replaced 35% of the reinforced concrete that would normally have been used for the slabs. 3) A company in the United Kingdom collaborated with clients and suppliers to reduce single-use plastics. One of the collaborators was able to save, what would add up to 40 tons of plastic waste a year among other things, by limiting the use of hazardous packaging. Employees were also provided reusable shoe covers and a closed-loop system for protective plastic sheeting. 4) During a commercial construction project in London, contractor Multiplex swapped out plastic mastic tubes for foil mastic tubes. This initiative led to saving 9,290 single-use tubes as well as reducing the volume of waste that would normally be generated from such a project by 96%. How can I dispose of construction and demolition waste? Whether you outsource waste management to a recycling company or do it yourself, there are plenty of options available to minimize your ecological footprint. Here are a few topics to be discussed as far as “green managing” your waste and construction worksite: Sustainable designs; Bio-based materials; Ecological designs; Selective deconstruction; Converting existing buildings; Advanced framing; LEED certification; Redirecting construction, renovation, and demolition waste to appropriate resources and ecocentres. To learn more about sustainable development and demolition waste, you can: Join CPEG (Quebec Business Council on the Environment), which supplies a lot of information, has several committees, and more. Check out the RECYC-QUÉBEC website, which details what one should do with all types of waste and offers relevant information for companies. Consult the Ecohome website to know how to divert waste and reduce GHGs. Look over carbon material databases and inventories to review the carbon levels present in various forms of plastics.

Technological breakthroughs come hand in hand with a host of advantages, including the speed at which data can be compiled and the ease with which multiple pieces of information can be centralized. However, booming IT proficiency and ready access to digital tools also spell greater hacking risks and the need to protect large volumes of sensitive information. As a contractor, you without a doubt regularly collect a lot of personal and professional information, such as client contact information, employee SIN numbers, banking information, and much more. This goes without saying but, you have to ensure the confidentiality of all the aforementioned information. How to Protect a Company’s Personal and Professional Data Source: Canva Firstly, let’s take a closer look at the meaning of the terms used in this blog article. Personal information is defined as follows: Recorded information that can, directly or indirectly, identify an individual (name, date of birth, social insurance number, email address, etc.). A privacy policy is defined as follows: An overview of practices and measures instilled by a company to ensure the protection of an individual’s personal information. This policy is designed to inform the target public of the level of commitment involved in protecting the data collected and to help individuals provide informed consent. The risk of injury is defined as: An act and event that’s likely to harm the concerned individual or their property. This is a situation that could harm their interests, damage their reputation, cause financial losses, harm their credit history, expose them to identity theft, result in their loss of employment, etc. A confidentiality incident is defined as: Unauthorized access, unauthorized use and communication, or loss of personal information. In addition to various scenarios, this could encompass situations where an employee exceeds their authorized rights and responsibilities by snooping or usurping an identity. It could also include inadvertent data leaks, such as an email mistakenly sent to the wrong recipient, instances of cyber-attacks, or the loss or theft of a USB key containing a sensitive database, among other potential incidents. How to Legally Harvest Personal Information Canadian companies must maintain complete transparency when collecting personal data from individuals. You must: Explain how data is collected (telephone numbers, software, quotes, forms, etc.). Provide information about how data will be used (communication, contracts, newsletters, exclusive discounts, payments, etc.). Gather only information relevant and justifiable in relation to objectives. (For example, there’s no need to obtain a client's banking information for in-person payments or their date of birth for promotional email subscriptions.) Avoid disclosing the information to any third party without explicit consent from the concerned individual, and clearly state the purpose for which the information is being disclosed. (For example, a construction contractor has to provide a client’s information to a field expert to carry out plumbing or electrical work.) State that the individual can withdraw consent for the use of their information. Highlight the rights of access and rectification granted by law. Retain data only for a period that’s reasonably necessary. How to Write a Privacy Policy While specific regulations may not explicitly outline requirements in this matter, it’s best to have an easily accessible privacy policy that’s readily available to your clients. It should be written in straightforward language that’s easy to understand. It should include the following elements: A short description of your company’s activities and services. Include the name and contact information of the company responsible for collecting data (most likely your company but could also include a referral platform like ours). The name and contact information of the person(s) responsible for protecting personal information. Numbers 1-2-5-6-7 of the aforementioned list. The duration for which the collected data will be retained. The security measures implemented to protect information. The date the policy took effect and when it was last updated. What are the mandates imposed by Law 25? Source: Canva Since September 22, 2022, Quebec's Law 25 has modernized the legislative provisions concerning personal data protection, imposing new obligations on all individuals conducting business activities. Additional security regulations are set to be introduced in September 2023 and 2024. Since September 2022, you must: Appoint a data protection officer to oversee your company’s personal information protection and publish their contact information on your website (or any other media readily available if you don’t have a website). In the event of a privacy-related incident, promptly notify the Commission d'accès à l'information du Québec and all relevant parties, while maintaining an accurate and current log of such incidents. Obtain consent from the concerned individual prior to using their information for research, statistical analysis, commercial transactions, or any advertising and promotional purposes. As of September 22, 2023, you’ll need to: Apply policies regarding the governance of personal information, and state them in plain language on your website (or other communication methods). Write and publish a clear and concise privacy policy, particularly if you’re harvesting personal data through technology. Inform concerned individuals when they’re solely making a decision based on an automated process and when identification, location, or profiling technologies are employed. Destroy or render anonymous all personal information that’s no longer of use. Assess privacy factors when the law requires it and abide by new communication conditions, prior to divulging personal information outside of the province of Quebec, for example. Adhere to the latest regulations regarding obtaining consent for the collection, disclosure, or use of personal information belonging to minors or legal adults. Configure default settings to enforce the highest level of confidentiality and privacy. Comply with current personal information disclosure regulations to ease the grieving process. As of September 2024, you’ll need to: Provide all personal data collected through technology at the request of the concerned individual. The above-mentioned obligations regarding the protection of personal information apply regardless of the size of your company. Whether you employ 700 individuals, operate as a sole proprietorship, joint-stock company, or general partnership, all physical or artificial persons must adhere to their responsibilities by establishing and implementing best practices in terms of data protection. What’s cybercrime? Cybercrimes target your company’s confidential information and can manifest as the following: Malware that’s installed in incognito mode through apps or websites with the purpose of allowing a thief to access the content of your computer. Ransomware that blocks access to your computer and attempts to convince you to pay a sum of money to recover important data before it’s sold. Phishing uses more conventional methods, such as bogus emails or computerized calls intended to trick you into willingly providing personal information. Denial-of-service (DoS) attacks considerably increase the traffic on your website, making it virtually impossible for your clients to access. It’s a money-making technique that either asks you to pay to restore accessibility or sells you a bogus repair service. Rainbow tables access your server to get ahold of everyone’s information at once, then analyze password algorithms and gain access to an entire server. How to Protect Your Company’s Data Below are some valuable tips to help prevent cyber attacks. Regularly check your software Ensure that your operating system, software, and firewall are up to date, that your antivirus software is of the highest quality, and that your Wi-Fi network is secure. Identify any gaps in your data management and protection, and fine-tune your approach. If necessary, consult experts to find the right tools for your situation, and resolve any problems or potential cyber-security loopholes. Secure data internally Unfortunately, the threat of an untrustworthy individual within your immediate circle or company is a possibility. While countering such adversaries can be challenging, you have to establish effective measures to minimize the risk of data breaches. You could, for example, impose restrictions on computer access in your absence, prohibit USB keys, frequently reset passwords, deny former employees access to internal websites, and install software that logs who had access to what and when that occurred, etc. Furthermore, when hiring new talent, don't be shy about having them sign an ethical code and non-disclosure agreement (NDA). Educate yourself about data protection Train your employees about the risks of using technology outside a highly secure network. For example, logging on to a public network to find client information in your database or clicking on a pop-up ad aren’t recommended, nor is leaving your computer unattended in the presence of your children when you're getting ready to send a confidential email, and so on. Establish a cybersecurity protocol First, outline the steps to be taken, and identify whom to contact in the event of a security breach (police, banks, clients, suppliers, etc.). Then, systematically backup documents on the Cloud and an external hard drive. Likewise, all folders containing personal information should be encrypted, and their encryption keys kept off servers. Get cyber insurance Such insurance could prevent financial losses and crisis management issues, while also putting you in touch with a variety of experts (IT security experts, legal advisors, public relations specialists, etc.). This insurance could cover legal or mediation fees, partially refund your business operating losses, finance a client credit monitoring service, and even contribute to hiring a public relations firm if you require media communication. How to Protect Against Data Breaches Source: Canva As soon as you have reason to believe or are aware that your company's and/or your clients' personal data has been compromised, and that the situation involves a risk of significant injury, you must report it to the Privacy Commissioner of Canada and to the Commission d'accès à l'information du Québec. You should also inform all those concerned, and immediately log the incident in a database for a period of 5 years. Subsequently, put into practice measures to minimize the extent of the leak and prevent such an event from happening again. For example, you could recover or require the complete destruction of stolen personal information, then fine-tune your security methods and correct any shortcomings identified at the time of the incident. How to Provide Government Services with a Written Notice Include the following information: Company name and NEG (Quebec Enterprise Number). Name and contact information of the individual to contact in regard to the breach. Description of personal information involved. Circumstances of the incident, if possible. Date or period during which the breach occurred and when your company took notice. The number of individuals involved in the breach. List the elements that led you to believe that there was a serious risk of injury. Measures put in place to inform affected persons. Measures taken or planned to minimize the risk of a breach occurring to mitigate the impact of a breach and prevent your company's data protection from being jeopardized by another breach. How to Provide Those Involved with a Written Notice Include the following information: Name and contact information of the individual to contact in regard to the breach. Description of personal information involved. Circumstances of the incident, if possible. Date or period during which the breach occurred and when your company took notice. Advise provided by your company suggesting ways in which the affected person can reduce the risk of injury. Measures taken or planned to minimize the risk of a breach occurring to mitigate the impact of a breach and prevent your company's data protection from being jeopardized by another breach. Last but not least, besides the embedded links we've provided, here are a few other articles about construction IT that may be of interest: Construction Contractor: Why You Should Optimize Your Profile How to Create a Good Website for Your Home Renovation Company Renovation Contractor: Choosing an Estimation Software 6 Apps to Help You Run Your Renovation Business Contractors: Acquiring News Clients Through Social Media How to Use Artificial and Augmented Reality in Construction Industry

Technological breakthroughs come hand in hand with a host of advantages, including the speed at which data can be compiled and the ease with which multiple pieces of information can be centralized. However, booming IT proficiency and ready access to digital tools also spell greater hacking risks and the need to protect large volumes of sensitive information. As a contractor, you without a doubt regularly collect a lot of personal and professional information, such as client contact information, employee SIN numbers, banking information, and much more. This goes without saying but, you have to ensure the confidentiality of all the aforementioned information. How to Protect a Company’s Personal and Professional Data Source: Canva Firstly, let’s take a closer look at the meaning of the terms used in this blog article. Personal information is defined as follows: Recorded information that can, directly or indirectly, identify an individual (name, date of birth, social insurance number, email address, etc.). A privacy policy is defined as follows: An overview of practices and measures instilled by a company to ensure the protection of an individual’s personal information. This policy is designed to inform the target public of the level of commitment involved in protecting the data collected and to help individuals provide informed consent. The risk of injury is defined as: An act and event that’s likely to harm the concerned individual or their property. This is a situation that could harm their interests, damage their reputation, cause financial losses, harm their credit history, expose them to identity theft, result in their loss of employment, etc. A confidentiality incident is defined as: Unauthorized access, unauthorized use and communication, or loss of personal information. In addition to various scenarios, this could encompass situations where an employee exceeds their authorized rights and responsibilities by snooping or usurping an identity. It could also include inadvertent data leaks, such as an email mistakenly sent to the wrong recipient, instances of cyber-attacks, or the loss or theft of a USB key containing a sensitive database, among other potential incidents. How to Legally Harvest Personal Information Canadian companies must maintain complete transparency when collecting personal data from individuals. You must: Explain how data is collected (telephone numbers, software, quotes, forms, etc.). Provide information about how data will be used (communication, contracts, newsletters, exclusive discounts, payments, etc.). Gather only information relevant and justifiable in relation to objectives. (For example, there’s no need to obtain a client's banking information for in-person payments or their date of birth for promotional email subscriptions.) Avoid disclosing the information to any third party without explicit consent from the concerned individual, and clearly state the purpose for which the information is being disclosed. (For example, a construction contractor has to provide a client’s information to a field expert to carry out plumbing or electrical work.) State that the individual can withdraw consent for the use of their information. Highlight the rights of access and rectification granted by law. Retain data only for a period that’s reasonably necessary. How to Write a Privacy Policy While specific regulations may not explicitly outline requirements in this matter, it’s best to have an easily accessible privacy policy that’s readily available to your clients. It should be written in straightforward language that’s easy to understand. It should include the following elements: A short description of your company’s activities and services. Include the name and contact information of the company responsible for collecting data (most likely your company but could also include a referral platform like ours). The name and contact information of the person(s) responsible for protecting personal information. Numbers 1-2-5-6-7 of the aforementioned list. The duration for which the collected data will be retained. The security measures implemented to protect information. The date the policy took effect and when it was last updated. What are the mandates imposed by Law 25? Source: Canva Since September 22, 2022, Quebec's Law 25 has modernized the legislative provisions concerning personal data protection, imposing new obligations on all individuals conducting business activities. Additional security regulations are set to be introduced in September 2023 and 2024. Since September 2022, you must: Appoint a data protection officer to oversee your company’s personal information protection and publish their contact information on your website (or any other media readily available if you don’t have a website). In the event of a privacy-related incident, promptly notify the Commission d'accès à l'information du Québec and all relevant parties, while maintaining an accurate and current log of such incidents. Obtain consent from the concerned individual prior to using their information for research, statistical analysis, commercial transactions, or any advertising and promotional purposes. As of September 22, 2023, you’ll need to: Apply policies regarding the governance of personal information, and state them in plain language on your website (or other communication methods). Write and publish a clear and concise privacy policy, particularly if you’re harvesting personal data through technology. Inform concerned individuals when they’re solely making a decision based on an automated process and when identification, location, or profiling technologies are employed. Destroy or render anonymous all personal information that’s no longer of use. Assess privacy factors when the law requires it and abide by new communication conditions, prior to divulging personal information outside of the province of Quebec, for example. Adhere to the latest regulations regarding obtaining consent for the collection, disclosure, or use of personal information belonging to minors or legal adults. Configure default settings to enforce the highest level of confidentiality and privacy. Comply with current personal information disclosure regulations to ease the grieving process. As of September 2024, you’ll need to: Provide all personal data collected through technology at the request of the concerned individual. The above-mentioned obligations regarding the protection of personal information apply regardless of the size of your company. Whether you employ 700 individuals, operate as a sole proprietorship, joint-stock company, or general partnership, all physical or artificial persons must adhere to their responsibilities by establishing and implementing best practices in terms of data protection. What’s cybercrime? Cybercrimes target your company’s confidential information and can manifest as the following: Malware that’s installed in incognito mode through apps or websites with the purpose of allowing a thief to access the content of your computer. Ransomware that blocks access to your computer and attempts to convince you to pay a sum of money to recover important data before it’s sold. Phishing uses more conventional methods, such as bogus emails or computerized calls intended to trick you into willingly providing personal information. Denial-of-service (DoS) attacks considerably increase the traffic on your website, making it virtually impossible for your clients to access. It’s a money-making technique that either asks you to pay to restore accessibility or sells you a bogus repair service. Rainbow tables access your server to get ahold of everyone’s information at once, then analyze password algorithms and gain access to an entire server. How to Protect Your Company’s Data Below are some valuable tips to help prevent cyber attacks. Regularly check your software Ensure that your operating system, software, and firewall are up to date, that your antivirus software is of the highest quality, and that your Wi-Fi network is secure. Identify any gaps in your data management and protection, and fine-tune your approach. If necessary, consult experts to find the right tools for your situation, and resolve any problems or potential cyber-security loopholes. Secure data internally Unfortunately, the threat of an untrustworthy individual within your immediate circle or company is a possibility. While countering such adversaries can be challenging, you have to establish effective measures to minimize the risk of data breaches. You could, for example, impose restrictions on computer access in your absence, prohibit USB keys, frequently reset passwords, deny former employees access to internal websites, and install software that logs who had access to what and when that occurred, etc. Furthermore, when hiring new talent, don't be shy about having them sign an ethical code and non-disclosure agreement (NDA). Educate yourself about data protection Train your employees about the risks of using technology outside a highly secure network. For example, logging on to a public network to find client information in your database or clicking on a pop-up ad aren’t recommended, nor is leaving your computer unattended in the presence of your children when you're getting ready to send a confidential email, and so on. Establish a cybersecurity protocol First, outline the steps to be taken, and identify whom to contact in the event of a security breach (police, banks, clients, suppliers, etc.). Then, systematically backup documents on the Cloud and an external hard drive. Likewise, all folders containing personal information should be encrypted, and their encryption keys kept off servers. Get cyber insurance Such insurance could prevent financial losses and crisis management issues, while also putting you in touch with a variety of experts (IT security experts, legal advisors, public relations specialists, etc.). This insurance could cover legal or mediation fees, partially refund your business operating losses, finance a client credit monitoring service, and even contribute to hiring a public relations firm if you require media communication. How to Protect Against Data Breaches Source: Canva As soon as you have reason to believe or are aware that your company's and/or your clients' personal data has been compromised, and that the situation involves a risk of significant injury, you must report it to the Privacy Commissioner of Canada and to the Commission d'accès à l'information du Québec. You should also inform all those concerned, and immediately log the incident in a database for a period of 5 years. Subsequently, put into practice measures to minimize the extent of the leak and prevent such an event from happening again. For example, you could recover or require the complete destruction of stolen personal information, then fine-tune your security methods and correct any shortcomings identified at the time of the incident. How to Provide Government Services with a Written Notice Include the following information: Company name and NEG (Quebec Enterprise Number). Name and contact information of the individual to contact in regard to the breach. Description of personal information involved. Circumstances of the incident, if possible. Date or period during which the breach occurred and when your company took notice. The number of individuals involved in the breach. List the elements that led you to believe that there was a serious risk of injury. Measures put in place to inform affected persons. Measures taken or planned to minimize the risk of a breach occurring to mitigate the impact of a breach and prevent your company's data protection from being jeopardized by another breach. How to Provide Those Involved with a Written Notice Include the following information: Name and contact information of the individual to contact in regard to the breach. Description of personal information involved. Circumstances of the incident, if possible. Date or period during which the breach occurred and when your company took notice. Advise provided by your company suggesting ways in which the affected person can reduce the risk of injury. Measures taken or planned to minimize the risk of a breach occurring to mitigate the impact of a breach and prevent your company's data protection from being jeopardized by another breach. Last but not least, besides the embedded links we've provided, here are a few other articles about construction IT that may be of interest: Construction Contractor: Why You Should Optimize Your Profile How to Create a Good Website for Your Home Renovation Company Renovation Contractor: Choosing an Estimation Software 6 Apps to Help You Run Your Renovation Business Contractors: Acquiring News Clients Through Social Media How to Use Artificial and Augmented Reality in Construction Industry

Adopting sustainable building practices in Quebec means aligning with the ongoing global evolution. Makenzie Lystrup, director of NASA’s Goddard Space Flight Center, emphasized this vision by taking an oath on Carl Sagan’s book, reminding us that our planet is but a small pale blue dot amidst the vastness of the universe. To safeguard our planet, proactive initiatives are essential—and one of these is green building—a significant step towards making a difference. Why opt for sustainable building in Quebec? Source: Canva Opting for green building in Quebec means actively contributing to limiting greenhouse gas emissions. In residential areas, it accounts for 10.1% of the province’s total emissions. Hence, green building is, more than ever before, necessary. School networks, municipal bodies, as well as companies are venturing into sustainable building. In the healthcare sector, 88% of institutions strive for energy efficiency. Nearly a third of all bids now include eco-friendly criteria. Ensuring the quality of the environment is paramount, but so is safeguarding its occupants. Companies functioning within the construction industry are no longer operating with blinders; they’re now prioritizing sustainable, high-performing, and safe building materials. What are the environmental standards for sustainable buildings? Source: Canva In Quebec, numerous organizations oversee green buildings. However, they, first and foremost, come up with assessment tools, guidelines, and handbooks, instead of standards, strictly speaking. The Government of Quebec brings to the forefront 6 organizations or handbooks to guide you into sustainable building practices: LEED Home CSA standard Z782-06 BOMA BEST Green Globes The Environmentally Responsible Construction and Renovation Handbook Guide des options écolos (Guide to Eco-Friendly Options) These initiatives all stem from Great Britain’s 1990 assessment, BREEAM (Building Research Establishment Environmental Assessment Method), the pioneering tool used to evaluate and certify buildings based on their environmental impacts. LEED Home This globally recognized certification program stands for Leadership in Energy and Environmental Design. It concerns: Building design Sustainable materials Buildings’ high-performing status This certification program operates on a points system awarding buildings with a platinum, gold, or silver rating. For existing buildings, the certification is valid for a period of 3 years, while new constructions are without an expiration date. CSA Standard Z782-06 This standard states the guidelines for design disassembly and adaptability in buildings. Its purpose is to encourage companies to minimize the environmental and social impact caused by their actions by promoting a circular system that reprocesses end-of-life materials. As a result, it mainly targets waste management. The guidelines established by this standard rely on the understanding of building performance in relation to environmental issues by construction industry stakeholders. It mainly targets: Architects Managers Property owners CSA standard Z782-06 doesn’t grant certifications. BOMA BEST This program is presented as a collection of standards and practices focused on making commercial buildings eco-friendlier. Hence, they aren’t legal standards, per se. As a matter of fact, BOMA Canada isn’t a branch of the Government of Quebec, but rather a national association representing commercial real estate agents. Companies are invited to participate on a voluntary basis. Its goal is to facilitate the assessment of buildings’ energy efficiency, as well as environmental management, by property owners and administrators. It’s intended for the following buildings: Commercial centres Office buildings Retail locations Healthcare institutions Residential buildings Light industry Program participation grants one of 5 BOMA BEST certifications. In Canada, 2,740 buildings have already been certified, of those, 410 are in Quebec. This certification is valid for 5 years but is lowered to 3 years for single-family dwellings. Green Globes Green Globes is a web-based assessment tool that’s primarily used in Canada and in the United States, and is organized into two distinct parts: New constructions Sustainable designs It mainly covers the following: Commercial buildings Institutions Residential buildings Schools Healthcare institutions Warehouses Green Globes has a unique twist: self-assessment. It’s an online questionnaire paired with a manual. Certain documents must be submitted via the platform, such as: Blueprints Building’s life cycle assessment Energy modelling Rainwater management etc. Green Globes has been used for more than 10 years in Canada and is certified by the General Services Administration (GSA), an American agency, which is responsible for assessing environmental building certification programs. The Environmentally Responsible Construction and Renovation Handbook Source: Canva When choosing sustainable building practices in Quebec, this handbook will provide clear guidance. It defines the materials and products that contribute to sustainable building practices and explains how to: Improve indoor air quality Reduce energy consumption Manage water Treat construction, demolition or renovation waste For example, to safeguard your health, avoid using carpets as they harbour numerous chemical products and aren’t CRI-certified (The Carpet and Rug Institute). Guide to Eco-Friendly Options Here’s another sustainable building guide (Guide des options écolos), this one was issued by the APCHQ, an association grouping 3,200 construction and renovation industry professionals in Quebec. Its goal is to provide individuals with accurate information regarding how to: Reduce their ecological footprint Manage their water consumption Limit their energy consumption Improve indoor air quality Reduce their greenhouse gas emissions Avoid wasting natural resources For instance, you can contribute to preserving natural resources by opting for eco-friendly carpets, FSC-certified lumber (Forest Stewardship Council), or choosing aluminum shingles. The service life of the latter is 40 years, compared to asphalt shingles’ 15 to 20 years. Sustainable Building Policies for Businesses Source: Canva Sustainable building relies on a societal change that can solely be achieved by the provincial government’s momentum. As a result, Quebec launched the Government Sustainable Development Strategy 2023-2028. This Strategy includes policies aimed at the participating industries to improve environmental quality: Sustainable construction Water management Material choices Indoor air quality The points mentioned above coincide with those monitored by certification organizations and those targeted by guides and handbooks we’ve already referenced. This goes to show that all construction industry stakeholders agree on the same guidelines and work together to promote the growth of sustainable building practices. Since 2002, Canada Green Building Council (CaGBC) encourages all building industry professionals to implement sustainable building practices in their projects. As part of this initiative, the CaGBC funds theses that focus on analyzing the life cycle of materials, waste management, or carbon tracking. Symposiums and conferences are centred around a circular economy. Most importantly, funding is allocated to businesses. As a result, the City of Montréal provides assistance to businesses engaged in construction and renovation projects that adhere to sustainable development principles. ESSOR is a provincial financial assistance program that helps growing businesses. One of its components is specifically designed to assist Quebec-based businesses in reducing their environmental footprint. Sustainable construction isn’t the sole focus of grants: Hydro-Québec provides funding of up to 3 million dollars to improve the industrial processes of businesses. The Fonds Ecoleader (eco-leader fund) provides up to $100,000 to help acquire clean technologies and develop eco-responsible business practices. The Ministère de l’Énergie et des Ressources Naturelles (Ministry of Energy and Natural Resources) offers up to 40 million dollars to help reduce GHG emissions. Recyc-Québec offers a grant of $400,000 to help businesses treat waste materials. Investissement Québec, partnering with the Compétivert initiative, assists businesses using clean technologies, and plans on funding between 1 and 5 million dollars. Information Regarding the Available Training Bâtiment Durable du Québec (BDQ) is the go-to organization for training courses. It unites no less than 600 members from all trades, providing genuine expertise on the matter of sustainable building in Quebec. The training offered by the BDQ is qualifying since it leads to non-specific LEED credits that meet the requirements of the U.S. Green Building Council. The training covers the whole construction industry: Life cycle of materials Zero carbon building standards Building’s shell Mechanical and electrical systems Green roofs Bioclimatic In addition, LEED and LEED v4 training courses are available.