Canada Pipeda: Prohibited - The free to use privacy research database

Short TitleThis Act may be cited as the Personal Information Protection and Electronic Documents Act.

1 - Short Title

PART 1Protection of Personal Information in the Private Sector

Interpretation

2 - Definitions

Purpose

Application

4 - Application 4.01 - Business contact information 4.1 - Certificate under Canada Evidence Act

DIVISION 1Protection of Personal Information

5 - Compliance with obligations 6 - Effect of designation of individual 6.1 - Valid consent 7 - Collection without knowledge or consent 7.1 - Definitions 7.2 - Prospective business transaction 7.3 - Employment relationship 7.4 - Use without consent 8 - Written request 9 - When access prohibited 10 - Sensory disability

DIVISION 1.1Breaches of Security Safeguards

10.1 - Report to Commissioner 10.2 - Notification to organizations 10.3 - Records

DIVISION 2Remedies

Filing of Complaints

11 - Contravention

Investigations of Complaints

12 - Examination of complaint by Commissioner 12.1 - Powers of Commissioner

Discontinuance of Investigation

Commissioner's Report

Hearing by Court

14 - Application 15 - Commissioner may apply or appear 16 - Remedies 17 - Summary hearings

Compliance Agreements

17.1 - Compliance Agreements 17.2 - Agreement complied with

DIVISION 3Audits

18 - To ensure compliance 19 - Report of findings and recommendations

DIVISION 4General

20 - Confidentiality 21 - Not competent witness 22 - Protection of Commissioner 23 - Consultations with provinces 23.1 - Disclosure of information to foreign state 24 - Promoting the purposes of the Part 25 - Annual report 26 - Regulations 27 - Whistleblowing 27.1 - Prohibition 28 - Offence and punishment *29 - Review of Part by parliamentary committee

DIVISION 5Transitional Provisions

30 - Application

PART 3Amendments to the Canada Evidence Act

52 to 57 - [Amendments]

PART 4Amendments to the Statutory Instruments Act

58 and 59 - [Amendments]

PART 5Amendments to the Statute Revision Act

60 to 71 - [Amendments]

PART 6Coming into Force

*72 - Coming into force

SCHEDULE 1Principles Set Out in the National Standard of Canada Entitled Model Code for the Protection of Personal Information, CAN/CSA-Q830-96

4.1 - Principle 1: Accountability 4.2 - Principle 2: Identifying Purposes 4.3 - Principle 3: Consent 4.4 - Principle 4: Limiting Collection 4.5 - Principle 5: Limiting Use, Disclosure, and Retention 4.6 - Principle 6: Accuracy 4.7 - Principle 7: Safeguards 4.8 - Principle 8: Openness 4.9 - Principle 9: Individual Access 4.10 - Principle 10: Challenging Compliance

SCHEDULE 2Acts of Parliament

Table - Acts of Parliament

SCHEDULE 3Regulations and Other Instruments

Table - Regulations and Other Instruments

SCHEDULE 4Organizations

Table - Organizations

(3) Unless otherwise prohibited by law, an organization shall notify an individual of any breach of security safeguards involving the individual’s personal information under the organization’s control if it is reasonable in the circumstances to believe that the breach creates a real risk of significant harm to the individual.