In order to effectively carry out our mandates as set out in the Access to Information and Protection of Privacy Act (ATIPPA, 2015) and the Personal Health Information Act (PHIA), the Office of the Information and Privacy Commissioner (OIPC) has two “lines of business”: Investigations; and Advocacy and Compliance.
Under both pieces of legislation, the Investigations branch handles access and privacy complaints, as well as own motion investigations, and prosecutions. This branch is also responsible for time extension requests and requests to disregard an access to information request under the ATIPPA 2015.
Similarly, under both Acts, the Advocacy and Compliance branch carries out privacy breach reporting, Privacy Impact Assessment (PIA) reviews, training and education. This branch also monitors compliance with the ATIPPA, 2015 through auditing of Public Bodies. Education initiatives include workshops/conferences and information sessions for public bodies (including coordinators), custodians and the general public. This branch also participates in educational activities designed to promote awareness of and compliance with the ATIPPA, 2015 and PHIA.