In order to effectively carry out our mandates under the Access to Information and Protection of Privacy Act, 2015 (ATIPPA, 2015) and the Personal Health Information Act (PHIA), the Office of the Information and Privacy Commissioner (OIPC) has two lines of business: Advocacy and Compliance and Investigations.
The Advocacy and Compliance branch has responsibility for those OIPC activities which fall outside of the Investigations branch, including:
- consulting and supporting public bodies and custodians who request it;
- conducting public body and custodian training, public education, and outreach;
- conducting audits of public body privacy and access to information practices;
- reviewing privacy impact assessments; and
- receiving and reviewing privacy breach reports.
This branch also promotes awareness of and compliance with ATIPPA, 2015 and PHIA.