Privacy Protection

the number dial on a safe or lockbox

As health professionals, we have access to sensitive information about patients…

We have access to sensitive information, and consequently, the law requires us to protect that information. The Health Professions Act states that as regulated health professionals, opticians must follow privacy and personal information legislation. Therefore, there are two legislative acts, PIPA and PIPEDA, with which we must comply.

 

 

Federal Legislation: PIPEDA

a blue maple leaf and the acornym "PIPEDA"

The Personal Information Protection and Electronic Documents Act…

PIPEDA is the Federal privacy legislation in Canada. This is a default legislation to use in the absence of provincial privacy legislation. In other words, in some provinces there are no specific rules for privacy. In those cases, the federal legislation is used. However, in Alberta, we have provincial privacy legislation that overrides the federal act in many instances.

 

 

Provincial Legislation: PIPA

the provincial flag of Alberta

The Personal Information and Protection Act…

PIPA is the Alberta privacy legislation that overrides the Federal privacy act. Basically, PIPA is the first line of defense for privacy concerns in Alberta; the act overrides PIPEDA where specific legislation exists, and allows the Federal act to fill in the blanks.

The main difference between the two acts is that PIPA legislation governs Provincial organizations, whereas PIPEDA governs Federal organizations; therefore, PIPEDA can be used in place of Provincial legislation only if the Provincial legislation is insufficient or non-existent.

 

 

What is PIPA?

 a cyber theif spies on a computer

And why do we need it?

Alberta’s Personal Information Protection Act sets out ground rules for how private organizations may collect, use or disclose information about you. Moreover, PIPA strikes a balance between someone’s right to control access to personal information, and an organization’s need to collect and use personal information for legitimate and reasonable purposes.

For example, a health professional needs to collect and store relevant medical information and test results. Likewise, a patient needs to feel confident that their information won’t fall into the wrong hands. Consequently, the privacy legislation ensures that this sensitive information will not be used, sold, or given out inappropriately. The public needs to trust us, and we need to protect them; that is why PIPA exists.

So, if an organization covered by the Act is not living up to its responsibilities under the law, the public can take the matter to the Information and Privacy Commissioner of Alberta.

 

 

Privacy Documents

 a skeleton key

Below is a list of relevant privacy documents and links that will help inform you…

 

Privacy Policy Statement

The Information and Privacy Officer

Freedom of Information and Protection of Privacy Act

Alberta College of Optometrists – Privacy Webpage

Privacy FAQ

ACAO Privacy Incident Response Plan