If there is a resource that is no longer available, please contact the office.
This one-page tip sheet is based on the OIPC's Guidelines for Managing Emails. This guidance was issued to assist public bodies, health custodians and private sector organizations and their staff in understanding that emails are records and should be managed in accordance with records management principles and the requirements of Alberta’s access to information and privacy legislation. Published in March 2019.
The OIPC released a report on its review of the ABTraceTogether contact-tracing application privacy impact assessment (PIA), given the global attention focused on contact-tracing apps during the COVID-19 pandemic. The PIA was submitted by Alberta Health, and endorsed by Alberta Health Services. The OIPC accepted the PIA, with recommendations.
This document provides guidance on how to prepare an Access Impact Assessment for proactive disclosure of information. Published in September 2016.
This brochure provides an overview of the functions of our office in regards to access to information laws in Alberta. Feel free to print for various meetings or events, or contact our office and we will provide you with printed copies. Published in June 2015.
On August 24, 2004, the Commissioner provided an addendum to the submission that was sent on August 5, 2004.
This was a presentation at the Forum on the Application of Solicitor-Client Privilege on February 10, 2009.
This document defines how evidence and arguments are defined for inquiries before the OIPC. Published in May 2012.
This practice note outlines the procedures when a matter before the OIPC goes to inquiry. Published in May 2012.
The instructions provided in this practice note regarding records and indexes apply to public bodies, organizations and custodians in inquiries that involve their refusal to disclose information in response to an access request. Published in May 2012.
The OIPC developed these guidelines for an advance ruling under section 36(3) of PIPA. Updated in September 2017.
This advisory outlines how electronic communications with patients can improve efficiency, what the risks of electronic communications are, what steps custodians can take to mitigate those risks, and the policy and privacy impact assessment requirements that must be considered when communicating with patients electronically. This advisory consolidates two previous documents that were published in August 2012. This advisory was published in June 2019.
This advisory was developed to assist senior leaders and employees in all sectors who are regularly subject to phishing incidents, based on breach reports the OIPC receives. The advisory defines phishing, describes how phishing is executed, outlines what to watch for to prevent phishing incidents, gives examples of safeguards to help mitigate the risks of phishing, and provides an overview of what to do if and when a breach occurs. Published in May 2019.
This advisory was developed to assist public bodies, health custodians and private organizations with preventing and responding to ransomware cyberattacks. Published in March 2016.
This advisory is meant to assist school boards, private schools and their employees in identifying their authority to disclose a student’s participation in a GSA or other voluntary student organization, if considering doing so. The advisory also discusses student privacy rights, especially for mature minors, and outlines how they can exercise their rights if they feel a school has improperly disclosed their personal information. Published in June 2019. Updated in September 2019 to reflect the coming into force of the Education Act, which replaced the School Act.
This guide outlines the rights afforded to Albertans under the Health Information Act with regard to Alberta Netcare, the province's electronic health record system. Published in May 2013.
Copyright 2020 OIPC. All rights reserved.