The Privacy Act gives Canadians the right to access personal information held by the government and protection of
that information against unauthorized use and disclosure.
This page provides links to the Privacy Act, its policy instruments and tools necessary for the administration of the legislation.
Act and Policy Instruments
- Privacy Act
- Privacy Regulations
- Policy on Privacy Protection – This policy replaces the Policy on Privacy and Data Protection (dated 1993) and all mandatory policy requirements contained in Implementation Reports issued up to the new policy's effective date.
- Directive on Privacy Impact Assessment - Privacy impact assessments provide a framework for ensuring that privacy is considered throughout the design or re-design of programs or services.
- Directive on Privacy Practices – Provides direction to facilitate the implementation and public reporting of consistent and sound privacy management practices for personal information under the control of government institutions.
- Directive on Privacy Requests and Correction of Personal Information – Provides direction to establish consistent practices and procedures for processing requests for access to or correction of personal information that is under the control of government institutions.
- Directive on the Social Insurance Number – Outlines specific restrictions on the collection, use, and disclosure of the social insurance number (SIN) by government institutions and specifies the processes for establishing policy authorization for a new collection or new consistent use of the SIN.
- Standard on Privacy and Web Analytics – Outlines the requirements when using Web analytics in accordance with sound privacy practices that safeguard the privacy of visitors to Government of Canada websites.
- Implementation Reports and Information Notices – Provide guidance on the interpretation and application of the Privacy Act and related policies.
Guidance, Best Practices and Tools
Links of Interest