Privacy Laws

The Personal Information Protection and Electronic Documents Act - PIPEDA

In Canada there are Privacy Laws that regulate how the sharing and storing of health records can occur.  There are Federal Regulations for all of Canada and then Provincial regulations in all of the provinces.  The Federal Laws are referred to as PIPEDA, which stands for The Personal Information Protection and Electronic Documents Act.   It is important that you as an individual or your clinic is compliant with these regulations.

The law requires that:

  • organizations must obtain an individuals consent when collecting, using, disclosing any individuals personal information.
  • people have the right to see and access any personal information that is being held by an organization
  • people have the right to challenge the accuracy of the personal information that is held by an organization.
  • personal information can only be used for the purpose that it was collected for. If the organization wants to use if for a different purpose they must get consent again.

In this way personal information is protected and safe-guarded against misuse.

The goal of this webpage is have all the links to each province's regulations in one place for ease of access.

 

Provincial privacy laws which are similar to PIPEDA

Many of the provinces have adopted privacy legislation that is very similar to the Federal PIPEDA in their rules surrounding the collection, use or disclosure of personal information. British Columbia, Alberta, Ontario, Quebec, New Brunswick, Nova Scotia, Newfoundland and Labrador are adopted private-sector privacy laws that are very similar to PIPEDA. It is important that you check with your provincial regulatory bodies to confirm you are abiding by the privacy regulations in your region.

Organizations in Northwest Territories, Yukon and Nunavut are under the Federal PIPEDA regulations.

Information that crosses borders

Any businesses that has any personal information that is crossing any provincial or national borders are bound by the rules of PIPEDA.

Federally regulated organizations

All Federally regulated organizations that conduct business in Canada are always subject to PIPEDA. The Act also applies to their employees’ personal information.

What is personal information?

Personal information about a person is as follows:

  • age, name, ID numbers, income, ethnic origin, or blood type;
  • opinions, evaluations, comments, social status, or disciplinary actions; and
  • employee files, credit records, loan records, medical records, existence of a dispute between a consumer and a merchant, intentions (for example, to acquire goods or services, or change jobs).

More information can be found at the PIPEDA website

 

British Columbia Privacy Laws

 British Columbia follows the PIPA, BC Persononal Information Protection Act 

You can also check with the Privacy Commissioner of BC

In Vancouver the phone number is 604-660-2421

Other areas of BC: 800-663-7867

Email: info@oipc.bc.ca

Alberta Privacy Laws

Alberta has the HIA - The Health Information Act.

As well clinics must complete a PIA - Privacy Impact Assessment

The Health Information Act states that the Privacy Impact Assessment must be submitted to the Office of the Information and Privacy Commissioner prior to implementing a new system or practice.

Clinics in Alberta can contact the OIPC  through phone or email. More resources are available at the OIPC website.

Phone: 780-422-6860

Email: generalinfo@oipc.ab.ca

Saskatchewan Privacy Legislation

Saskatchewan health records are regulated by HIPA - Health Information Protection Act

Saskatchewan's Office of Information and Privacy Commissioner can be contacted by

Phone: 306-787-8350

Toll free: 877-748-2298

Email: webmaster@oipc.sk.ca

 

Manitoba Privacy Legislation

Manitoba Clinics and Health Care professionals follow the PHIA - The Personal Health Information Act

In Manitoba the Access and Privacy Division can be contracted through the Manitoba Ombudsman by

Phone: 204-982-9130

Toll Free: 800-665-0531

Ontario Privacy Legislation

Ontario clinics and health care professionals follow the PHIPA - Personal Health Information Protection Act. According to Canada's Federal PIPEDA, Ontario's legislation has been deemed "Substantially Similar" to PIPEDA.

The Privacy Commissioner of Ontario can be contacted by:

Phone - Toronto Area: 416-326-3333.

Toll Free: 800-387-0073

Email: info@ipc.on.ca

 

Quebec Privacy Legislation

Québec follows the APPIPS - Act Respecting the Protection of Personal Information in the Private Sector. Here again the Quebec legislation has been deemed "Substantially Similar" to the Federal PIPEDA laws.

To contact the  Commission d’accès à l’information du Québec.

Quebec
Office 2.36
525, boul. René-Lévesque Est
Québec (Québec) G1R 5S9
Telephone: 418 528-7741
Fax: 418 529-3102
Montreal
Office 18.200
500, boul. René-Lévesque Ouest
Montreal (Quebec) H2Z 1W7
Telephone: 514 873-4196
Fax: 514 844-6170

Toll free phone: 1 888 528-7741
Email: cai.communications@cai.gouv.qc.ca

New Brunswick Privacy Legislation

Clinics and health care providers follow the PHIPAA - Personal Health Information and Access Act.  New Brunswick's privacy laws for health records have been deemed "Substantially Similar" to the Federal PIPEDA.

Contact the Office of the Integrity Commissioner by:

Phone: 506-453-5965

Toll Free: 877-755-2811

Email: access.info.privacy@gnb.ca

Office of the Integrity Commissioner

Phone: 506-457-7890

Fax: 506-444-5224

E-mail: oic-bci@gnb.ca

 

Newfoundland and Labrador Privacy Legislation

Newfoundland & Labrador clinics and health care providers follow the PHIA -Personal Health Information Act & Pharmacy Network Regulatons.  Newfoundland & Labrador privacy laws have been deemed "Substantially Simila" to the Federal PIPEDA legislation.

Contact information for the Office of the Information and Privacy Commissioner:

Phone: 709-729-6309

Toll Free: 877-729-6309

Email: commissioner@oipc.nl.ca

Nova Scotia Privacy Legislation

Nova Scotia clinics and health care providers follow the PHIA - Personal Health Information Act.  Nova Scotia legislation is "Substantially Similar" to Federal PIPEDA legislation.

Contac the Office of Information and Privacy Commissioner by

Phone: 902-424-4684

TTY: 800-855-0511

Toll-Free: 1-866-243-1564

Agency Website:
http://oipc.novascotia.ca

General Email:
oipcns@novascotia.ca

 

 

Prince Edward Island Privacy Legislation

Prince Edward Island follows the Federal PIPEDA legislation for all clinics and health care professionals handling health records.

Contact the Office of the Information and Privacy Commissioner by:

Phone: 902-368-4099

Email: assembly@assembly.pe.ca

Email karose@assembly.pe.ca.

Yukon Privacy Legislation

Yukon clinics and health care providers follow Federal PIPEDA.  Yukon also follows HIPMA- Health Information Privacy and Management Act for its health records.

 

Contact the Yukon Ombudsman, Information and Privacy Commissioner & Public Interest Disclosure Commissioner by:

Phone:  867-667-8468,

Toll free: 800-661-0408 (ext. 8468)

Email: info@ombudsman.yk.ca.

Fax: 867-667-8469

Northwest Territories Privacy Legislation

 

Northwest Territories clinics and health care providers follow the HIA - Health Information Act.  Due to it not being deemed "Substantially Similar" it also must adhere to PIPEDA.

Contact the Office of Information and Privacy Commissioner

Phone Number:       1-867-669-0976

Toll Free:                   1-888-521-7088

Fax Number:            1-867-920-2511

Email Address:        admin@atipp-nt.ca

 

 

Nunavut Privacy Legislation

Nunavut follows PIPEDA -The Personal Information Protection and Electronic Documents Act legislation

The Information and Privacy Commissioner of Nunavut follows PIPEDA for all provincial private sector privacy issues.

Contact the Information and Privacy Commissioner by:

Phone: 1-867-669-0976

Toll free: 1-888-521-7088

Fax: 1-867-920-2511

Email: admin@atipp-nu.ca