The OIPC is undertaking a review of its resources. If there is a resource from the previous website that is no longer available, please contact the office.
This webpage provides links to external resources about the European Union's General Data Protection Regulation (GDPR). The OIPC does not oversee the application of GDPR to Alberta organizations and cannot provide advice regarding compliance with GDPR. Alberta organizations may need to comply with GDPR if they have an establishment within the EU, or offer goods or services to individuals in the EU (regardless of payment) or monitor the behaviour of individuals in the EU.
Albertans believe strongly that it is important to protect privacy and the right to access information in Alberta. The survey, conducted in October 2017, showed that 95% of respondents believe it is important to protect the privacy of personal information, but only 27% felt more secure about the privacy of their own personal information today than they did five years ago. More than 90% of respondents felt it is important to protect their right to access information, although only 39% were confident about their ability to exercise that right. Published in November 2017.
The OIPC commissioned a general population survey to assess Albertans' awareness of and views on privacy issues. Published in August 2000.
This is an executive summary of the general population survey the OIPC had commissioned to assess Albertans' awareness of and views regarding privacy issues. Published in August 2000.
The OIPC commissioned a public opinion survey to assess Albertans' awareness of access and privacy issues and laws. Published in April 2013.
This guide outlines what is expected in a privacy management program in order to be accountable for the personal information in the custody or under the control of businesses and organizations. Published in April 2012.
This document provides a snapshot of the full guide, "Getting Accountability Right with a Privacy Management Program". It briefly outlines what is expected in a privacy management program in order to be accountable for the personal information in the custody or under the control of businesses and organizations. Published in April 2012.
On June 18, 2013, the Commissioner, in partnership with international privacy regulators, strongly urged Google to engage in dialogue with data protection authorities.
This paper analyzes various Canadian and international government sharing initiatives with a perspective on privacy. It provides a framework for analysis of these projects, identifies project risks and strategies to mitigate risks, and broadly examines actions taken to protect privacy in the context of multi-stakeholder citizen-centred information sharing projects. Published in January 2015.
This guide was developed to assess the safeguards in electronic health record (EHR) systems. Custodians and their EHR service providers may use this document to support a Privacy Impact Assessment on an EHR system, or to examine whether changes to a system comply with Health Information Act requirements. Published in June 2016.
This guide was developed to assess the safeguards in electronic health record (EHR) systems. Custodians and their EHR service providers may use this document to support a Privacy Impact Assessment on an EHR system, or to examine whether changes to a system comply with Health Information Act requirements. This is an editable version of the guide. Published in June 2016.
The guidance is meant to assist law enforcement agencies, other public bodies or private organizations develop policies and procedures governing the use of body-worn cameras. This document was developed in partnership with information and privacy authorities from across Canada. Published in February 2015.
This guide was developed to help businesses and organizations understand roles and responsibilities under PIPA during the collection, use, disclosure and safeguarding of personal information of clients and employees. Published in November 2008.
These guidelines were prepared to help licensees comply with PIPA and the Gaming and Liquor Act. The guidelines are an administrative tool intended to assist in understanding the legislation. Published in 2009.
The OIPC issued this high-level guidance document to assist public bodies, health custodians and private sector organizations and their staff in understanding that emails are records and should be managed in accordance with records management principles and the requirements of Alberta’s access to information and privacy legislation. Although the guidance provided in this document is directed at managing emails, the general principles may assist in managing records in other formats. Published in March 2019.
Copyright 2019 OIPC. All rights reserved.