OIPC Logo
  • Contact Us
  • Site Map
  • Privacy Policy

Joint Guidance

The OIPC is undertaking a review of its resources. If there is a resource from the previous website that is no longer available, please contact the office.

  • Captured on Camera: Street Level Imaging Technology, the Internet and You

    Street-level imaging technology may offer benefits, but these should not come at the cost of privacy. This fact sheet provides awareness on the use of such technology. Published in August 2010.

  • Cloud Computing for Small- and Medium-Sized Enterprises

    This guidance document, prepared jointly by the federal Office of the Privacy Commissioner and the Offices of the Information and Privacy Commissioner of Alberta and British Columbia is specifically intended to help small- and medium-sized enterprises understand what their privacy responsibilities are and to offer some suggestions to address privacy considerations in the cloud. Published in June 2012.

  • Collection of Driver's Licence Numbers Under Private Sector Privacy Legislation: A Guide for Retailers

    This guide is intended to help retailers navigate the privacy issues and risks related to driver’s licences and to encourage them to carefully consider whether they need any information from customer driver’s licences at all. Published in March 2007.

  • Direct-to-Consumer Genetic Testing and Privacy

    As direct-to-consumer genetic tests become increasingly available, particularly over the Internet, it is important to understand their privacy risks. This document explains some of the key privacy risks associated with these tests, informs individuals of their rights and encourages them to ask themselves a series of questions before buying one online. (This document opens as an external link.) Updated in December 2017.

  • Getting Accountability Right with a Privacy Management Program: At a Glance

    This document provides a snapshot of the full guide, "Getting Accountability Right with a Privacy Management Program". It briefly outlines what is expected in a privacy management program in order to be accountable for the personal information in the custody or under the control of businesses and organizations. Published in April 2012.

  • Getting Accountability Right with a Privacy Management Program

    This guide outlines what is expected in a privacy management program in order to be accountable for the personal information in the custody or under the control of businesses and organizations. Published in April 2012.

  • Guidance for the Use of Body-Worn Cameras by Law Enforcement Authorities

    The guidance is meant to assist law enforcement agencies, other public bodies or private organizations develop policies and procedures governing the use of body-worn cameras. This document was developed in partnership with information and privacy authorities from across Canada. Published in February 2015.

  • Guidelines for Obtaining Meaningful Consent

    Building on previous publications examining the current state of consent, including challenges and potential solutions, this document sets out practical and actionable guidance regarding what organizations should do to ensure that they obtain meaningful consent. It was jointly issued by the OIPC, the Office of the Privacy Commissioner of Canada and the Office of the Information and Privacy Commissioner for British Columbia. Published in May 2018.

  • Guidelines for Online Consent

    In partnership with the federal Office of the Privacy Commissioner and the Office of the Information and Privacy Commissioner of British Columbia, these guidelines were developed to address the issue of consent requirements under private sector privacy laws. Published in May 2014.

  • Guidelines for Overt Video Surveillance in the Private Sector

    To help organizations achieve compliance with private sector privacy legislation, the offices of the federal, B.C. and Alberta privacy commissioners developed these guidelines. In a question and answer format, this document sets out the principles for evaluating the use of video surveillance and for ensuring that its impact on privacy is minimized. Published in March 2008.

  • International Privacy Competency Framework for School Students

    This framework is intended to help educators teach students about responsible and ethical use of new technologies in the digital age. It is of general application meant to be adapted for local educational purposes, laws and regulatory approaches. Published in October 2016.

  • Is a Bring Your Own Device (BYOD) Program the Right Choice for Your Organization? Privacy and Security Risks of a BYOD Program

    In partnership with the Office of the Privacy Commissioner of Canada and the Office of the Information and Privacy Commissioner of British Columbia, these guidelines were published to address what organizations should consider when determining whether to implement BYOD. Published in August 2015.

  • Kids' Privacy Sweep Lesson Plan

    Information for teachers and students in the form of a lesson plan to learn about personal information, privacy and privacy laws. Published in September 2015.

  • Photo Identification Guidance

    Verifying identity to prevent credit card fraud in the retail sector is a practice that has been endorsed not only by credit card companies and payment card processors, but also privacy commissioners. This fact sheet provides perspective on balancing privacy rights with the collection of personal information by organizations. Published in September 2007.

  • Policy Statement on the Collection, Use and Disclosure of Genetic Test Results

    On May 4, 2017 Bill S-201, the federal Genetic Non-Discrimination Act, received Royal Assent. This is an important piece of legislation that both Houses of Parliament have agreed is necessary to protect Canadians from the adverse impacts of genetic discrimination. With the passage of the Genetic Non-Discrimination Act, Canadian law now prohibits any person from requiring an individual to undergo a genetic test as a condition of providing goods or services or entering into a contract. At the time of writing, the Federal Minister of Justice has announced her intention to refer the constitutionality of certain aspects of the Genetic Non-Discrimination Act to the Supreme Court of Canada. Until the Courts rule on this issue, the Genetic Non-Discrimination Act remains in effect. The Office of the Privacy Commissioner of Canada, the Office of the Information and Privacy Commissioners for British Columbia, Alberta and Quebec will continue to ensure compliance with applicable privacy legislation and protect Canadians’ privacy rights in a manner consistent with the laws in effect. Issued in December 2017.

  • Privacy Emergency Kit

    This guidance is meant to help first responders, health custodians, government workers, organizations and citizens know how personal or health information may be shared during a disaster or emergency situation. Privacy laws are not a barrier to appropriate information sharing in these circumstances. The practices outlined are largely applicable to organizations in all Canadian jurisdictions. Published in May 2013.

  • Privacy in the Time of a Pandemic: Fact Sheet for Employees

    This fact sheet for employees to help them in knowing the information that employers can collect, use and disclose in both non-emergency and emergency pandemic situations. Published in October 2009.

  • Privacy in the Time of a Pandemic

    This guidance document was developed in response to a number of inquiries from businesses and organizations seeking clarification about how privacy laws apply in the private sector workplace during the H1N1 pandemic. This document is applicable for other pandemic situations. Published in October 2009.

  • Privacy Proofing Your Retail Business: Tips for Protecting Customers' Personal Information

    The OIPC, jointly with the OIPC of B.C., the Retail Council of Canada and the Access and Privacy Branch of Service Alberta developed this document to address the specific threats and challenges to privacy compliance in the Canadian retail industry. Published in March 2007.

  • Securing Personal Information: A Self-Assessment Tool for Organizations

    Organizations are required under law to take reasonable steps to safeguard the personal information in its custody or control from such risks as unauthorized access, collection, use, disclosure, copying, modification, disposal or destruction. This tool was designed to help organizations determine, "How well is your organization protecting personal information?" Published in March 2012.

  • Seizing Opportunity: Good Privacy Practices for Developing Mobile Apps

    This guidance was developed jointly by the Office of the Privacy Commissioner of Canada and the Offices of the Information and Privacy Commissioner of Alberta and British Columbia to draw attention to key privacy considerations when designing and developing mobile apps. Published in October 2012.

  • Use of Social Insurance Numbers by Private Sector Organizations

    This document was jointly developed by the Offices of the Information and Privacy Commissioner of Alberta and British Columbia to draw awareness to the privacy risks associated with the use of social insurance numbers by businesses and organizations. Published in April 2005.