If access to all or part of the information is refused by a private sector organization in BC, they must tell you the reasons for refusal, the section of Personal Information Protection Act (PIPA) that applies, and the contact information of an employee who can answer your questions about the refusal. They must also inform […]

The federal public body must tell you if they do not have the records you requested. If they know that another federal public body has them, they should transfer your request and let you know that it has done so. The new federal public body that received your request must then respond to you within […]

Past employees can request all their work emails, as individuals have a right to their personal information; however, the disclosure of work emails will be subject to several exceptions. The rights and rules around accessing work emails largely depend on whether your previous employer was a private sector organization or a public body, and what […]

BC Freedom of Information and Privacy Association (FIPA) is a non-profit organization whose goal is to empower citizens by increasing their access to information and their control over their own personal information. BC FIPA provides public assistance and public legal education.  BC FIPA cannot and does not provide legal advice.  Introduction  The legislation governing access […]

Since 2001, the Canadian federal government has undertaken a startling number of programs and initiatives requiring the collection and sharing of vast amounts of previously uncollected personal information of Canadians. Many of these programs have been shown to have inaccuracies in the data resulting in demonstrably arbitrary decision-making.  The most recognizable program is the Passenger […]

The purpose of your request is usually irrelevant; however, it may be necessary for you to prove your identity if you are requesting personal information.   A public body typically has a legal duty to assist individuals requesting information.   If your request doesn’t include enough detail, the organization should work with you to identify what you […]

The Privacy Commissioner of Canada has reviewed the Passenger Protect Program and has significant concerns about it. The Commissioner has said that the Passenger Protect Program involves the secretive use of personal information. Some problems include:  The process for putting an individual’s name on the list is secretive and not transparent  Individuals are not told […]

Private sector organizations generally must give you access to your personal information; however, there are exceptions, which differ depending on whether BC’s Personal Information Protection Act (PIPA), or the Federal Personal Information Protection and Electronic Documents Act (PIPEDA) applies to the organization.  Under PIPA, an organization may refuse to give you access to your personal […]

There is usually no fee for you to request your personal information. In some cases, a fee may apply to general information requests, but you have the right to file a complaint about the fee or request the fee to be waived for justified reasons.   For example, under BC’s Personal Information Protection Act, private sector […]

You have the right to access your personal health information held by your healthcare provider. In general, your healthcare provider cannot refuse to let you see the information in your file, except if they believe that the access may put you or someone else at risk.   Typically, the easiest way to access your health records […]

When requesting your personal information from a public body, one of the first things you should do is verify that the public body has the personal information you seek. Accessing information, even if it is your own, can sometimes be a long drawn-out process so it is important to verify they have it before starting […]

Private sector organizations can collect your personal information for legitimate and reasonable purposes; however, they must follow the personal information and privacy rules set out in the Personal Information Protection Act, which are based on the ten principles of privacy protection.  For example, the organization should identify the purpose for collecting personal information, including how […]