A to Z

The OIPC has received several questions from organizations and individuals about keeping a customer list or contact log during the COVID-19 pandemic, particularly in retail locations and at restaurants. This advisory provides considerations to ensure that organizations comply with Alberta’s Personal Information Protection Act when making and keeping lists of customers and their contact information.

Verifying identity to prevent credit card fraud in the retail sector is a practice that has been endorsed not only by credit card companies and payment card processors, but also privacy commissioners. This fact sheet provides perspective on balancing privacy rights with the collection of personal information by organizations. Published in September 2007.

On September 22, 2014, the Commissioner wrote to the Ministers of Service Alberta and Justice and Solicitor General expressing concern about the time in which the government had to amend PIPA to ensure its validity following the Supreme Court of Canada's ruling that PIPA was unconstitutional.

On December 20, 2013, the Commissioner wrote the Ministers of Service Alberta and Justice and Solicitor General regarding the Supreme Court of Canada's (SCC) ruling that PIPA was unconstitutional. The SCC provided 12 months for the Legislative Assembly of Alberta to bring PIPA in line with the Canadian Charter of Rights and Freedoms.

This fact sheet provides seven points for organizations to remember when handling personal information. Updated in January 2018.

Note: On December 21, 2018, the Quebec Court of Appeal found sections 1 to 7 of the federal Genetic Non-Discrimination Act to be unconstitutional on the basis that they are outside of the Parliament of Canada’s jurisdiction over criminal law. This document will be updated in due course. In the meantime, please note that the content is not currently up-to-date. Summary: On May 4, 2017 Bill S-201, the federal Genetic Non-Discrimination Act, received Royal Assent. This is an important piece of legislation that both Houses of Parliament have agreed is necessary to protect Canadians from the adverse impacts of genetic discrimination. With the passage of the Genetic Non-Discrimination Act, Canadian law now prohibits any person from requiring an individual to undergo a genetic test as a condition of providing goods or services or entering into a contract. At the time of writing, the Federal Minister of Justice has announced her intention to refer the constitutionality of certain aspects of the Genetic Non-Discrimination Act to the Supreme Court of Canada. Until the Courts rule on this issue, the Genetic Non-Discrimination Act remains in effect. The Office of the Privacy Commissioner of Canada, the Office of the Information and Privacy Commissioners for British Columbia, Alberta and Quebec will continue to ensure compliance with applicable privacy legislation and protect Canadians’ privacy rights in a manner consistent with the laws in effect. Issued in December 2017.

This document outlines six principles to consider when planning for an information sharing initiative. The principles are transparency, legal authority, privacy impact assessments, access and correction, accountability and oversight. It also provides links to related documents. Published in June 2017.

The OIPC developed a frequently asked questions document based on issues between landlords and tenants under the Personal Information Protection Act. Published in March 2007.

This PowerPoint presentation is to be used by health custodians or their regulatory colleges and associations to train staff or memberships on the breach reporting obligations under HIA and to provide general guidance on managing a privacy breach. Published in August 2018.

This document was prepared by the OIPC to provide privacy impact assessment (PIA) drafting guidance to insurers who may decide to prepare and submit a PIA to the OIPC ahead of offering usage-based insurance (UBI) in the province of Alberta. Published in January 2016.

This guide is meant to assist public bodies, health custodians and organizations in drafting PIAs for projects that hat have privacy risks. Please note that all mention of legislation in this guide refers to the Health Information Act as there is a legislated duty to prepare privacy impact assessments (section 64 of HIA). Published in 2010.

This guidance is meant to help public bodies, health custodians and private sector organizations know how personal or health information may be shared during a pandemic or emergency situation. Privacy laws are not a barrier to appropriate information sharing in these circumstances. Updated in March 2020.

This brochure provides an overview of the functions of our office in regards to privacy laws in Alberta. Feel free to print for various meetings or events, or contact our office and we will provide you with printed copies. Published in June 2015.

The OIPC, jointly with the OIPC of B.C., the Retail Council of Canada and the Access and Privacy Branch of Service Alberta developed this document to address the specific threats and challenges to privacy compliance in the Canadian retail industry. Published in March 2007.

This practice note was developed for the OIPC's reviews and inquiries in which a respondent (public body, organization or custodian) to an access request has claimed solicitor-client privilege or litigation privilege. Published in December 2016.