Privacy

The Privacy Act gives Canadians the right to access personal information held by the government and protection of that information against unauthorized use and disclosure.

Ministers and heads of agencies are responsible for ensuring that their organizations comply with privacy legislation.

This page provides the privacy policies, directives, guidance, and tools necessary to administer the Privacy Act.

Act, Policies, and Guidance

• Privacy Act
• Policy on Privacy Protection – This policy replaces the Policy on Privacy and Data Protection (dated 1993) and all mandatory policy requirements contained in Implementation Reports issued up to the new policy's effective date
• Directive on Privacy Impact Assessment - Privacy impact assessments provide a framework for ensuring that privacy is considered throughout the design or re-design of programs or services.
• Directive on Privacy Practices – provides direction to facilitate the implementation and public reporting of consistent and sound privacy management practices for personal information under the control of government institutions.
• Directive on Privacy Requests and Correction of Personal Information – provides direction to establish consistent practices and procedures for processing requests for access to or correction of personal information that is under the control of government institutions
• Directive on the Social Insurance Number – Outlines specific restrictions on the collection, use, and disclosure of the social insurance number (SIN) by government institutions and specifies the processes for establishing policy authorization for a new collection or new consistent use of the SIN
• How to Develop a Personal Information Bank – Document to be developed
• Guidance document “Taking privacy into account Before Making Contracting Decisions” - provides advice to federal government institutions whenever they consider contracting out activities in which personal information about Canadians is handled or accessed by private sector agencies under contract
• Guidance on Preparing Information Sharing Agreements Involving Personal Information – provides advice in the consideration and development of information sharing agreements involving personal information shared with other governments within Canada and across international borders. 
• Best Practices Identified During the Implementation of the Privacy Impact Assessment Policy – Identifies practical tips and best practices for implementing the Privacy Impact Assessment Policy and Privacy Impact Assessment Guidelines into departmental day-to-day operations
• Cookies Guidelines – Guidance on the use of website cookies
• Fact Sheet: Policies on Access to Information and Privacy for Employees of Government Institutions – A quick reference tool on access to information and privacy (ATIP) for government institution employees
• Implementation Reports and Information Notices – Provide guidance on the interpretation and application of the Privacy Act and related policies
• Notice and Consent Guidelines – Explain how best to inform visitors to Government of Canada websites about what will be done with any personal information they volunteer over the Internet to a government program
• Personal Information Protection and Electronic Documents Act – Establishes rules that govern the collection, use, and disclosure of personal information for Canadian organizations other than the federal government
• Policy on Transfer Payments
• Privacy Impact Assessment (PIA) Audit Guide – Assists federal institutions in auditing the implementation of the Privacy Impact Assessment Policy (archived by Library and Archives Canada).
• Privacy Impact Assessment Guidelines – Provide a comprehensive framework for the completion of a privacy impact assessment
• Privacy Regulations - Direction relating to the implementation of the Privacy Act

Links of Interest – Information resources targeted to organizations that are central to the Access to Information Act, the Privacy Act, and the proactive disclosure initiatives

Toolkits – The toolkits are specially designed to provide access to information and privacy (ATIP) specialists with the resources necessary to help them do their jobs.

How to make a request for government information – Want to request government information? Learn how here.

Training and Learning – Training and learning activities are available for the Access to Information and Privacy Community. Check them out here!