Private organizations

Private organizations


How does BC’s health sector respect your personal health information privacy? 

British Columbia’s health sector is mainly governed by two privacy laws. The first is the Freedom of Information and Protection of Privacy Act (FIPPA) which applies to government bodies including hospitals, health authorities, and clinics. The second is the Personal Information Protection Act (PIPA) which applies to the private sector offices of doctors and other […]

Read More


What are the key steps to respond to privacy breaches as an organization?

The Manitoba Ombudsman, in reference to suggestions made by the Office of the Information and Privacy Commissioner of Alberta, has developed a guidance sheet on how to respond to privacy breaches which will be relevant for any jurisdiction.   Summary of the key steps:  Containing the Breach  Change passwords + two-factor verification  Contact the office in […]

Read More


Do I have a right to my personal information from a private sector organization?

Private sector organizations generally must give you access to your personal information; however, there are exceptions, which differ depending on whether BC’s Personal Information Protection Act (PIPA), or the Federal Personal Information Protection and Electronic Documents Act (PIPEDA) applies to the organization.  Under PIPA, an organization may refuse to give you access to your personal […]

Read More


What happens if the private sector organization refuses access to my personal information?

If access to all or part of the information is refused by a private sector organization in BC, they must tell you the reasons for refusal, the section of Personal Information Protection Act (PIPA) that applies, and the contact information of an employee who can answer your questions about the refusal. They must also inform […]

Read More


Can I request my work emails from my past employer in BC?

Past employees can request all their work emails, as individuals have a right to their personal information; however, the disclosure of work emails will be subject to several exceptions. The rights and rules around accessing work emails largely depend on whether your previous employer was a private sector organization or a public body, and what […]

Read More


What is the No-Fly List / Passenger Protect Program?

Since 2001, the Canadian federal government has undertaken a startling number of programs and initiatives requiring the collection and sharing of vast amounts of previously uncollected personal information of Canadians. Many of these programs have been shown to have inaccuracies in the data resulting in demonstrably arbitrary decision-making.  The most recognizable program is the Passenger […]

Read More


What are the privacy risks of the No-Fly List?

The Privacy Commissioner of Canada has reviewed the Passenger Protect Program and has significant concerns about it. The Commissioner has said that the Passenger Protect Program involves the secretive use of personal information. Some problems include:  The process for putting an individual’s name on the list is secretive and not transparent  Individuals are not told […]

Read More


Do I have a right to access my health record held by a private sector healthcare provider?

You have the right to access your personal health information held by your healthcare provider. In general, your healthcare provider cannot refuse to let you see the information in your file, except if they believe that the access may put you or someone else at risk.   Typically, the easiest way to access your health records […]

Read More


How do I obtain my personal information from X body?

When requesting your personal information from a public body, one of the first things you should do is verify that the public body has the personal information you seek. Accessing information, even if it is your own, can sometimes be a long drawn-out process so it is important to verify they have it before starting […]

Read More


What privacy/access to information legislation is X body covered under?

In BC, the private sector and public sector are governed by separate freedom of information (FOI) and privacy legislation.   The Freedom of information and Protection of Privacy Act (FIPPA) regulates the FOI and privacy practices of organizations in the public sector. Public sector organizations (public bodies) covered by FIPPA include:  Ministries  The Office of the […]

Read More


Do I need to disclose my personal information if X private sector body is asking for it?

Private sector organizations can collect your personal information for legitimate and reasonable purposes; however, they must follow the personal information and privacy rules set out in the Personal Information Protection Act, which are based on the ten principles of privacy protection.  For example, the organization should identify the purpose for collecting personal information, including how […]

Read More


I am part of a private sector organization. What are my responsibilities regarding access to information/privacy?

Almost all BC organizations in the private sector fall under the ambit of the Personal Information Protection Act. For example, PIPA covers but is not limited to corporations, partnerships, individuals involved in a commercial activity (e.g., business that is not incorporated), charities, societies, and not-for-profits.   Under PIPA, private sector organizations have two main responsibilities, which […]

Read More