Privacy
For Citizens
Alleged Breach of Privacy Reporting Form: for Affected Individuals/Complainants
Please complete this form if you have a privacy related complaint against a public body. Your complaint must involve personal information (PI) as provided for in The Freedom of Information and Protection of Privacy Act (FOIP) or The Local Authority Freedom of Information and Protection of Privacy Act (LA FOIP) and/or personal health information (PHI) as provided for in The Health Information Protection Act (HIPA).
IPC Guide to HIPA
This resource is a tool which can be used by trustees as a guide to interpreting The Health Information Protection Act (HIPA). The guidance provided is non-binding and every matter should be considered on a case-by-case basis. In some instances trustees may wish to seek legal advice.
Technology’s Impact Upon Employee Privacy
FOIP and LA FOIP provides employees of government institutions and local authorities with a right to informational privacy in the workplace. Technology has enhanced how workplaces can organize themselves and how to complete tasks. However, technology can have a significant impact upon employee privacy. The purpose of this document is to provide guidance to government institutions and local authorities on how they can collect, use, and disclose employee personal information.
Decisions of Administrative Tribunals – How Much is Too Much?
This resource is focused on administrative tribunals’ decisions that are published to the internet. The resource provides general non-binding advice and is only meant for consideration for administrative tribunals as they develop their policies and procedures on the publication of decisions to their websites.
How do I resolve a privacy complaint?
This flowchart explains the steps for resolving a privacy complaint in Saskatchewan.
Who to contact with concerns about the protection of your personal health information
Developed by the Privacy Commissioner of Canada, this resource is intended to help you identify which privacy protection authority to contact with concerns regarding the handling of your personal health information.
For Public Bodies
Best Practices for Transporting Personal Information (PI) and Personal Health Information (PHI) Outside of the Office
This resource provides public bodies with guidelines when transporting personal information and/or personal health information outside of the office. It outlines administrative, physical and technical safeguards that should be considered in order to protect that information.
Privacy Breach Investigation Questionnaire
This questionnaire is to be completed by the privacy officer for the government institution, local authority or trustee (public bodies) once it has completed its internal investigation of a breach of privacy.
Proactively Reported Breach of Privacy Reporting Form: for Public Bodies
Please complete this form to proactively report an alleged breach of privacy incident to the Office of the Saskatchewan Information and Privacy Commissioner (IPC).
Pandemic Binder
Statements and blogs by the Saskatchewan IPC during the COVID-19 Pandemic.
IPC Guide to HIPA
This resource is a tool which can be used by trustees as a guide to interpreting The Health Information Protection Act (HIPA). The guidance provided is non-binding and every matter should be considered on a case-by-case basis. In some instances trustees may wish to seek legal advice.
LA FOIP 101: What Municipalities Need to Know
This PowerPoint presentation was provided to participants of the UMAAS/RMAA 2019 Fall Workshops and provides an overview of The Local Authority Freedom of Information and Protection of Privacy Act (LA FOIP) and how it applies to Saskatchewan municipalities.
Best Practices for the Management of Non-Work Related Personal Emails in Work-Issued Email Accounts
This document is intended to provide general best practice advice to public bodies on the management of non-work related personal emails in work-issued email accounts to assist public bodies in meeting their access and privacy obligations.
eCommunication Guidelines
This document is intended to provide general advice to trustees on how to protect personal health information when using eCommunication.
Best Practices for Managing the Use of Personal Email Accounts, Text Messaging and Other Instant Messaging Tools
Considerations for public bodies when using personal email accounts, text messaging and other instant messaging tools for official business to ensure access and privacy obligations are met.
Technology’s Impact Upon Employee Privacy
FOIP and LA FOIP provides employees of government institutions and local authorities with a right to informational privacy in the workplace. Technology has enhanced how workplaces can organize themselves and how to complete tasks. However, technology can have a significant impact upon employee privacy. The purpose of this document is to provide guidance to government institutions and local authorities on how they can collect, use, and disclose employee personal information.
Guide to Creating an Internal Privacy Breach Investigation Report
This document assists public bodies and/or trustees in creating an internal privacy breach investigation report. It presents a series of questions that public bodies and/or trustees can use to assist them in investigating privacy breaches and preparing a privacy breach report.
Guidelines for Developing Codes of Ethics for Health Professional Organizations
These guidelines are designed to assist organizations and regulated professions in developing a code of ethics that addresses access and privacy considerations.
Audit and Monitoring Guidelines for Trustees
Developed by eHealth Saskatchewan and the Office of the Saskatchewan Information and Privacy Commissioner, the purpose of these guidelines is to assist trustees of personal health information in establishing a proactive audit and monitoring program.
Best Practices for Gathering Informed Consent and the Content of Consent Forms
This resource will assist government institutions, local authorities and trustees in gaining consent from individuals for the collection, use and disclosure of personal information and personal health information.
Best Practices for Information Sharing Agreements
It is essential that government institutions, local authorities, and trustees have written Information Sharing Agreements in place if collecting personal information and/or personal health information from another organization or if disclosing personal information and/or personal health information to another organization. This resource outlines best practices for Information Sharing Agreements.
Checklists for Trustees: Misdirected Faxes
This resource lays out steps a trustee should take if a fax containing personal health information is sent or received in error.
Sample Privacy Agreement for Trustees: Protection of Personal Health Information
This is a sample confidentiality agreement that can be used as a template by trustees. This agreement may cover employees, students, volunteers or service providers of the trustee.
Decisions of Administrative Tribunals – How Much is Too Much?
This resource is focused on administrative tribunals’ decisions that are published to the internet. The resource provides general non-binding advice and is only meant for consideration for administrative tribunals as they develop their policies and procedures on the publication of decisions to their websites.
Faxing Personal Information and Personal Health Information: Safeguards and Responding to a Breach
This guide is to assist public bodies and health trustees to ensure the necessary safeguards are in place when choosing to send personal information or personal health information by fax. It also provides a checklist of things to do when a misdirected fax is sent or received.
Helpful Tips: Mobile Device Security
This document is intended to provide general advice to organizations on how to protect personal information and personal health information when using mobile devices.
Privacy Impact Assessment Guidance Document
This resource will guide government institutions, local authorities, and trustees in identifying privacy impacts and solutions to ensure safeguards are in place to protect personal information/personal health information to the greatest extent possible as well as to ensure compliance with the applicable privacy legislation. This document is meant to be a guide and not a definitive method of conducting a PIA.
PIA Step 1 Preliminary Analysis
PIA Step 2 Define The Project
PIA Step 3 Privacy Analysis
PIA Step 4 PIA Report
Privacy Breach Guidelines for Government Institutions and Local Authorities
This document has two purposes. The first is to assist government institutions and local authorities to understand what a privacy breach is and how to deal with one. The second is to outline what to expect from a privacy breach investigation from the office of the Information and Privacy Commissioner (IPC).
Privacy Breach Guidelines for Trustees
This document has two purposes. The first is to assist health trustees to understand what a privacy breach is and how to deal with one. The second is to outline what to expect from a privacy breach investigation from the office of the Information and Privacy Commissioner (IPC).
Video Surveillance Guidelines for Public Bodies
These guidelines provide considerations for public bodies when deciding whether proposed or existing surveillance systems are lawful and for ensuring adequate safeguards are in place.
Yes, You Can
The Advocate for Children and Youth and the Information and Privacy Commissioner of Saskatchewan have worked together to develop this resource to clarify some common misunderstandings about privacy related to child protection and reporting. This resource aims to dispel the myths about sharing information with child protection workers and peace officers.
Report on Systemic Issues With Faxing Personal Health Information
Privacy Tools
Developed by the Ministry of Justice Access and Privacy Branch, these tools are designed to assist in the management of privacy within government institutions and local authorities in Saskatchewan.
For Elected Officials
MLA Guide to Protecting Personal Information
A guide to Part IV of FOIP for Members of the Legislative Assembly and their offices.
A Minister’s Guide to Protecting Personal Information
A guide to Part IV for Members of the Executive Council and their offices.
MLA Consent Form
This form enables a citizen to give consent to a Member of the Legislative Assembly to collect his/her personal information and/or personal health information from a public body.
MLA Consent Form Questions and Answers
This resource addresses some of the questions you may have about the MLA Consent Form.
What Councillors should know about LA FOIP
This resource was created for mayors, reeves and councillors of cities, towns, villages, municipalities, etc. It outlines the general principals of The Local Authority Freedom of Information and Protection of Privacy Act (LA FOIP). It also distinguishes between the local authority’s duties and responsibilities with respect to LA FOIP as well as clarifies the elected official’s role.