OIPC Logo

Practice Notes

If there is a resource that is no longer available, please contact the office.

  • Advance Rulings under the Personal Information Protection Act

    The OIPC developed these guidelines for an advance ruling under section 36(3) of PIPA. Updated in September 2017.

  • Authorization to Disregard Requests

    The Commissioner has the power to authorize a public body, custodian or organization to disregard certain access requests or correction requests made to the public body, custodian or organization. The criteria for authorizing a public body, custodian or organization to disregard a request or requests are set out in section 55(1) of the Freedom of Information and Protection of Privacy Act (FOIP Act), section 87(1) of the Health Information Act (HIA), and section 37 of the Personal Information Protection Act (PIPA). Published in June 2017.

  • Inquiry Procedures

    This document outlines the procedures when a matter before the OIPC goes to inquiry. Published in May 2012, and updated in September 2020.

  • Inquiry: Preparing Records at Issue

    This document describes what respondents must do in preparing records at issue for an inquiry. Published in September 2020, and replaced "Adjudication Practice Note 1: Preparing Submissions, Records and Indexes for Inquiries".

  • Inquiry: Preparing Submissions

    This document outlines how to prepare submissions for an inquiry. There are also tips for providing evidence and arguments in a written submission. Published in September 2020, and replaced "Adjudication Practice Note 2: Evidence and Arguments for Inquiries".

  • Netcare Expedited PIA Process

    This document outlines the process the OIPC adopted on August 1, 2014 for accepting Privacy Impact Assessments for Alberta Netcare, the province's electronic health record. This followed the release of a new guide issued by Alberta Health in January 2014. Published in August 2014, contact information within the document was updated in July 2016.

  • OIPC Process for Determining Whether to Require Notification

    Under PIPA, the Commissioner is required to establish an expedited process for determining whether to require an organization to notify individuals affected by a privacy breach when a real risk of significant harm to an individual is obvious and immediate. This document sets out that process. Updated in August 2018.

  • Privilege Practice Note

    This practice note was developed for the OIPC's reviews and inquiries in which a respondent (public body, organization or custodian) to an access request has claimed solicitor-client privilege or litigation privilege. Published in December 2016.

  • Reporting a Breach to the Commissioner

    This document is designed to assist organizations and custodians in meeting legislated requirements when reporting a privacy breach to the Commissioner. Public bodies are encouraged to use this document when reporting a breach to the Commissioner. Published in August 2018.

  • Request for Time Extension Under Section 14

    This document is intended to help public bodies understand when to consider a time extension request under sections 14(1) and (2) of the Freedom of Information and Protection of Privacy Act (FOIP Act) and how to complete the Request for Time Extension Under Section 14 Form (RFTE) for submission to the OIPC. Published in September 2016.

  • Review and Investigation Procedures

    The purpose of this document is to provide parties with a summary of the procedures under which reviews and investigations are conducted by the OIPC and the anticipated date for completion of the reviews and investigations.