If there is a resource that is no longer available, please contact the office.
This webpage provides links to external resources about the European Union's General Data Protection Regulation (GDPR). The OIPC does not oversee the application of GDPR to Alberta organizations and cannot provide advice regarding compliance with GDPR. Alberta organizations may need to comply with GDPR if they have an establishment within the EU, or offer goods or services to individuals in the EU (regardless of payment) or monitor the behaviour of individuals in the EU.
Albertans believe strongly that it is important to protect privacy and the right to access information in Alberta. The survey, conducted in October 2017, showed that 95% of respondents believe it is important to protect the privacy of personal information, but only 27% felt more secure about the privacy of their own personal information today than they did five years ago. More than 90% of respondents felt it is important to protect their right to access information, although only 39% were confident about their ability to exercise that right. Published in November 2017.
The OIPC commissioned a general population survey to assess Albertans' awareness of and views on privacy issues. Published in August 2000.
This is an executive summary of the general population survey the OIPC had commissioned to assess Albertans' awareness of and views regarding privacy issues. Published in August 2000.
The OIPC commissioned a public opinion survey to assess Albertans' awareness of access and privacy issues and laws. Published in April 2013.
This guide outlines what is expected in a privacy management program in order to be accountable for the personal information in the custody or under the control of businesses and organizations. Published in April 2012.
This document provides a snapshot of the full guide, "Getting Accountability Right with a Privacy Management Program". It briefly outlines what is expected in a privacy management program in order to be accountable for the personal information in the custody or under the control of businesses and organizations. Published in April 2012.
On June 18, 2013, the Commissioner, in partnership with international privacy regulators, strongly urged Google to engage in dialogue with data protection authorities.
This paper analyzes various Canadian and international government sharing initiatives with a perspective on privacy. It provides a framework for analysis of these projects, identifies project risks and strategies to mitigate risks, and broadly examines actions taken to protect privacy in the context of multi-stakeholder citizen-centred information sharing projects. Published in January 2015.
This guide was developed to assess the safeguards in electronic health record (EHR) systems. Custodians and their EHR service providers may use this document to support a Privacy Impact Assessment on an EHR system, or to examine whether changes to a system comply with Health Information Act requirements. Published in June 2016.
This guide was developed to assess the safeguards in electronic health record (EHR) systems. Custodians and their EHR service providers may use this document to support a Privacy Impact Assessment on an EHR system, or to examine whether changes to a system comply with Health Information Act requirements. This is an editable version of the guide. Published in June 2016.
The guidance is meant to assist law enforcement agencies, other public bodies or private organizations develop policies and procedures governing the use of body-worn cameras. This document was developed in partnership with information and privacy authorities from across Canada. Published in February 2015.
This guide was developed to help businesses and organizations understand roles and responsibilities under PIPA during the collection, use, disclosure and safeguarding of personal information of clients and employees. Published in November 2008.
These guidelines were prepared to help licensees comply with PIPA and the Gaming and Liquor Act. The guidelines are an administrative tool intended to assist in understanding the legislation. Published in 2009.
The OIPC issued this high-level guidance document to assist public bodies, health custodians and private sector organizations and their staff in understanding that emails are records and should be managed in accordance with records management principles and the requirements of Alberta’s access to information and privacy legislation. Although the guidance provided in this document is directed at managing emails, the general principles may assist in managing records in other formats. Published in March 2019.
Building on previous publications examining the current state of consent, including challenges and potential solutions, this document sets out practical and actionable guidance regarding what organizations should do to ensure that they obtain meaningful consent. It was jointly issued by the OIPC, the Office of the Privacy Commissioner of Canada and the Office of the Information and Privacy Commissioner for British Columbia. Published in May 2018.
In partnership with the federal Office of the Privacy Commissioner and the Office of the Information and Privacy Commissioner of British Columbia, these guidelines were developed to address the issue of consent requirements under private sector privacy laws. Published in May 2014.
To help organizations achieve compliance with private sector privacy legislation, the offices of the federal, B.C. and Alberta privacy commissioners developed these guidelines. In a question and answer format, this document sets out the principles for evaluating the use of video surveillance and for ensuring that its impact on privacy is minimized. Published in March 2008.
When organizations search for information about an individual, the collection, use and disclosure of that personal information is subject to the privacy provisions of PIPA. This guide urges organizations to understand the legal implications of conducting a background check using social media. Published in December 2011.
This document provides practical guidance to the insurance industry regarding the collection, use, disclosure and retention of personal information related to usage-based insurance programs. See also Privacy Impact Assessment Guidelines for Insurers Looking to Implement Usage-Based Insurance Programs in Alberta. Published in March 2021.
These guidelines are meant to assist organizations in fulfilling obligations under the Personal Information Protection Act when disconnecting energy services. Published in November 2011.
The purpose of this was to set out guidelines to follow when developing systems and procedures to maintain the confidentiality and integrity of personal information received and transmitted by fax. Published in October 2002.
Copyright 2021 OIPC. All rights reserved.