Privacy and your business
The way you treat your clients' information matters. In Canada, most businesses have to comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) which regulates how you may collect, use and disclose the personal information you gather as you do business. Some provinces, territories and industry sectors are subject to other regulations.
Understand your privacy obligations under PIPEDA
Dealing with privacy breaches and complaints under PIPEDA
What happens if your business does not comply with PIPEDA or if you somehow fail to safeguard the information you collected? This information will help you understand what to do next.
Provincial and territorial privacy laws
In addition to PIPEDA, your business may have to comply with provincial and territorial privacy laws. This can include general privacy laws or privacy laws that deal with specific types of information (that is, health records) or specific industry sectors (for example, credit reporting agencies). In some cases, provincial legislation has been determined to be substantially similar to PIPEDA. If your provincial legislation is considered substantially similar to PIPEDA, you do not need to comply with PIPEDA and are only subject to your provincial laws.
Stay up to date on privacy issues
If your business deals with a lot of personal information, you should make sure that you stay up to date on developments and best practices related to privacy and personal information protection. In addition to staying in touch with your lawyer on these issues, visit the Office of Privacy Commissioner's website and follow the Twitter account @privacyprivee to keep up to date on issues related to privacy and personal information protection.