OIPC Logo
  • Contact Us
  • Site Map
  • Privacy Policy

Joint Guidance

The OIPC is undertaking a review of its resources. If there is a resource from the previous website that is no longer available, please contact the office.

  • Captured on Camera: Street Level Imaging Technology, the Internet and You

    Street-level imaging technology may offer benefits, but these should not come at the cost of privacy. This fact sheet provides awareness on the use of such technology. Published in August 2010.

  • Cloud Computing for Small- and Medium-Sized Enterprises

    This guidance document, prepared jointly by the federal Office of the Privacy Commissioner and the Offices of the Information and Privacy Commissioner of Alberta and British Columbia is specifically intended to help small- and medium-sized enterprises understand what their privacy responsibilities are and to offer some suggestions to address privacy considerations in the cloud. Published in June 2012.

  • Collection of Driver's Licence Numbers Under Private Sector Privacy Legislation: A Guide for Retailers

    This guide is intended to help retailers navigate the privacy issues and risks related to driver’s licences and to encourage them to carefully consider whether they need any information from customer driver’s licences at all. Published in March 2007.

  • Direct-to-Consumer Genetic Testing and Privacy

    Note: On December 21, 2018, the Quebec Court of Appeal found sections 1 to 7 of the federal Genetic Non-Discrimination Act to be unconstitutional on the basis that they are outside of the Parliament of Canada’s jurisdiction over criminal law. This document will be updated in due course. In the meantime, please note that the content is not currently up-to-date. Summary: As direct-to-consumer genetic tests become increasingly available, particularly over the Internet, it is important to understand their privacy risks. This document explains some of the key privacy risks associated with these tests, informs individuals of their rights and encourages them to ask themselves a series of questions before buying one online. (This document opens as an external link.) Updated in December 2017.

  • Getting Accountability Right with a Privacy Management Program: At a Glance

    This document provides a snapshot of the full guide, "Getting Accountability Right with a Privacy Management Program". It briefly outlines what is expected in a privacy management program in order to be accountable for the personal information in the custody or under the control of businesses and organizations. Published in April 2012.

  • Getting Accountability Right with a Privacy Management Program

    This guide outlines what is expected in a privacy management program in order to be accountable for the personal information in the custody or under the control of businesses and organizations. Published in April 2012.

  • Guidance for the Use of Body-Worn Cameras by Law Enforcement Authorities

    The guidance is meant to assist law enforcement agencies, other public bodies or private organizations develop policies and procedures governing the use of body-worn cameras. This document was developed in partnership with information and privacy authorities from across Canada. Published in February 2015.

  • Guidelines for Obtaining Meaningful Consent

    Building on previous publications examining the current state of consent, including challenges and potential solutions, this document sets out practical and actionable guidance regarding what organizations should do to ensure that they obtain meaningful consent. It was jointly issued by the OIPC, the Office of the Privacy Commissioner of Canada and the Office of the Information and Privacy Commissioner for British Columbia. Published in May 2018.

  • Guidelines for Online Consent

    In partnership with the federal Office of the Privacy Commissioner and the Office of the Information and Privacy Commissioner of British Columbia, these guidelines were developed to address the issue of consent requirements under private sector privacy laws. Published in May 2014.

  • Guidelines for Overt Video Surveillance in the Private Sector

    To help organizations achieve compliance with private sector privacy legislation, the offices of the federal, B.C. and Alberta privacy commissioners developed these guidelines. In a question and answer format, this document sets out the principles for evaluating the use of video surveillance and for ensuring that its impact on privacy is minimized. Published in March 2008.

  • International Privacy Competency Framework for School Students

    This framework is intended to help educators teach students about responsible and ethical use of new technologies in the digital age. It is of general application meant to be adapted for local educational purposes, laws and regulatory approaches. Published in October 2016.

  • Is a Bring Your Own Device (BYOD) Program the Right Choice for Your Organization? Privacy and Security Risks of a BYOD Program

    In partnership with the Office of the Privacy Commissioner of Canada and the Office of the Information and Privacy Commissioner of British Columbia, these guidelines were published to address what organizations should consider when determining whether to implement BYOD. Published in August 2015.

  • Lesson Plan: Kids' Privacy Sweep

    Information for teachers and students in the form of a lesson plan to learn about personal information, privacy and privacy laws. Published in September 2015.

  • Lesson Plan: Getting Toothpaste Back in the Tube - A Lesson on Online Information

    A lesson plan for teachers and students where students watch a short video that compares getting rid of personal information online to getting toothpaste back in a tube. After a short discussion of visual analogies like this work, students discuss the meaning of the video - that information online is permanent - through a series of short scenarios. Finally, students create a simple animation that illustrates these principles. Published in January 2019.

  • Lesson Plan: Know the Deal - The Value of Privacy: Joint Guidance

    A lesson plan for teachers and students to introduce students to the idea that privacy is a fundamental human rights and that their personal information is valuable. The lesson focuses on the "economics" of personal information and that most "free" apps and online services make some or all of their revenue by collecting, and in some cases reselling, users' personal information. Students will watch a video that illustrates the idea that they they may be paying with their privacy and then discuss some of the ramifications of this. They will learn about tools and techniques for minimizing the personal information they should share and create a public service announcement that helps them and their peers "know the deal" about the value of privacy. Published in January 2019.

  • Photo Identification Guidance

    Verifying identity to prevent credit card fraud in the retail sector is a practice that has been endorsed not only by credit card companies and payment card processors, but also privacy commissioners. This fact sheet provides perspective on balancing privacy rights with the collection of personal information by organizations. Published in September 2007.

  • Policy Statement on the Collection, Use and Disclosure of Genetic Test Results

    Note: On December 21, 2018, the Quebec Court of Appeal found sections 1 to 7 of the federal Genetic Non-Discrimination Act to be unconstitutional on the basis that they are outside of the Parliament of Canada’s jurisdiction over criminal law. This document will be updated in due course. In the meantime, please note that the content is not currently up-to-date. Summary: On May 4, 2017 Bill S-201, the federal Genetic Non-Discrimination Act, received Royal Assent. This is an important piece of legislation that both Houses of Parliament have agreed is necessary to protect Canadians from the adverse impacts of genetic discrimination. With the passage of the Genetic Non-Discrimination Act, Canadian law now prohibits any person from requiring an individual to undergo a genetic test as a condition of providing goods or services or entering into a contract. At the time of writing, the Federal Minister of Justice has announced her intention to refer the constitutionality of certain aspects of the Genetic Non-Discrimination Act to the Supreme Court of Canada. Until the Courts rule on this issue, the Genetic Non-Discrimination Act remains in effect. The Office of the Privacy Commissioner of Canada, the Office of the Information and Privacy Commissioners for British Columbia, Alberta and Quebec will continue to ensure compliance with applicable privacy legislation and protect Canadians’ privacy rights in a manner consistent with the laws in effect. Issued in December 2017.

  • Privacy Emergency Kit

    This guidance is meant to help first responders, health custodians, government workers, organizations and citizens know how personal or health information may be shared during a disaster or emergency situation. Privacy laws are not a barrier to appropriate information sharing in these circumstances. The practices outlined are largely applicable to organizations in all Canadian jurisdictions. Published in May 2013.

  • Privacy in the Time of a Pandemic: Fact Sheet for Employees

    This fact sheet for employees to help them in knowing the information that employers can collect, use and disclose in both non-emergency and emergency pandemic situations. Published in October 2009.

  • Privacy in the Time of a Pandemic

    This guidance document was developed in response to a number of inquiries from businesses and organizations seeking clarification about how privacy laws apply in the private sector workplace during the H1N1 pandemic. This document is applicable for other pandemic situations. Published in October 2009.

  • Privacy Proofing Your Retail Business: Tips for Protecting Customers' Personal Information

    The OIPC, jointly with the OIPC of B.C., the Retail Council of Canada and the Access and Privacy Branch of Service Alberta developed this document to address the specific threats and challenges to privacy compliance in the Canadian retail industry. Published in March 2007.

  • Securing Personal Information: A Self-Assessment Tool for Organizations

    Organizations are required under law to take reasonable steps to safeguard the personal information in its custody or control from such risks as unauthorized access, collection, use, disclosure, copying, modification, disposal or destruction. This tool was designed to help organizations determine, "How well is your organization protecting personal information?" Published in March 2012.

  • Seizing Opportunity: Good Privacy Practices for Developing Mobile Apps

    This guidance was developed jointly by the Office of the Privacy Commissioner of Canada and the Offices of the Information and Privacy Commissioner of Alberta and British Columbia to draw attention to key privacy considerations when designing and developing mobile apps. Published in October 2012.

  • Use of Social Insurance Numbers by Private Sector Organizations

    This document was jointly developed by the Offices of the Information and Privacy Commissioner of Alberta and British Columbia to draw awareness to the privacy risks associated with the use of social insurance numbers by businesses and organizations. Published in April 2005.