The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.

Search this blog

Recent Posts

On Twitter

About this page and the author

The author of this blog, David T.S. Fraser, is a Canadian privacy lawyer who practices with the firm of McInnes Cooper. He is the author of the Physicians' Privacy Manual. He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws.

For full contact information and a brief bio, please see David's profile.

Please note that I am only able to provide legal advice to clients. I am not able to provide free legal advice. Any unsolicited information sent to David Fraser cannot be considered to be solicitor-client privileged.

David Fraser's Facebook profile

Privacy Calendar

Archives

Links

Subscribe with Bloglines

RSS Atom Feed

RSS FEED for this site

Subscribe to this Blog as a Yahoo! Group/Mailing List
Powered by groups.yahoo.com

Subscribe with Bloglines
Add to Technorati Favorites!

Blogs I Follow

Small Print

The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Nothing herein should be used as a substitute for the advice of competent counsel.

This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.

Thursday, May 28, 2009

Managing privacy in employee relations 

I was invited to co-chair and present at the Canadian Institute's "Meeting Your Privacy Obligations" conference in Toronto. My presentation was specifically about managing privacy in the workplace, which is below if you're interested.

Here's a link if Google Docs aren't giving you due respect: Managing Privacy in Employee Relations

I have to say it was one of the best conferences of its kind that I've been to recently. The stellar speakers included Federal Privacy Commissioner Jennifer Stoddart, Alberta Information and Privacy Commissioner Frank Work and fellow bloggers Brian Bowman and Dan Michaluk. (Note: If you're reading my blog, you'll find theirs to be equally interesting and useful. So after you've read all my postings, head over there ...)

Labels: , , , , , ,

Saturday, April 18, 2009

Presentation on Twittering Lawyers 

Vancouver Skyline

I was honoured to be invited to the ABA Business Section's spring meeting in Vancouver to give a presentation on Twitter and Lawyers. For those who are interested, here's the presentation:

If Google isn't showing you proper respect, here's a PDF of the slides: http://www.privacylawyer.ca/blog/twittering_lawyers.pdf.

Labels: , ,

Tuesday, February 03, 2009

Cross-border laptop searches: the view from Canada 

I had the opportunity this morning to speak at the Ontario Bar Association's annual CLE extravaganza on the topic of cross border laptop searches. I was joined by David P Sanders of Williams Mullen in Washington, DC.

For those who may be interested, here is my presentation that was given at the session:

The ultimate conclusion is that Canadian border authorities have similar powers to search your laptop when you cross into Canada.

In case Google Documents isn't being helpful, here it is as a PDF: Border searches - OBA Institute - DFRASER.pdf.

Labels: , , ,

Sunday, June 29, 2008

Cross-border movement of personal health information 

Earlier this week, I co-chaired Insight Information's conference on electronic health records here in Halifax. I was very pleased to see a lot of expertise in privacy developing in Atlantic Canada, which is necessary as Nova Scotia, New Brunswick and Newfoundland move towards developing and implementing health privacy laws and as electronic health record projects are driving forward.

I gave a presentation on the mess and uncertainty related to the cross-border movement of personal health information in Canada. The complicated overlap of laws that we see in provinces such as Nova Scotia is compounded when the information is disclosed out of the province.

If you're interested, the presentation is here and can be flipped through below:

Labels: , , , ,

Monday, April 21, 2008

Liveblogged at Leg@l IT 2008 — Social Networking and Privacy 

I've never been liveblogged before, but there's a first time for everything. I'm currently in Montreal at http://legalit.ca/en/2008program. I had the honour of being on a panel with the Privacy Commissioner of Canada, Jennifer Stoddart, and Professor Pierre Trudel.

My presentation from this morning was summarized by Patrick Cormier on Slaw.ca. See: Slaw - Social networking and privacy

.

You can see my PowerPoint slides here: http://docs.google.com/Presentation?id=ddpx56cg_107g8chjhff

.

Labels: , , ,

Saturday, January 12, 2008

Identity Theft and Privacy Laws 

Yesterday, I gave a presentation with S/Sgt Al Langille of the RCMP at the Canadian Bar Association - Nova Scotia's annual professional development conference on ID theft and privacy laws. If you're interested, the presentation is here:

Labels: , ,

Friday, November 30, 2007

Law enforcement access to personal information 

Today I had the privilege of speaking at the annual professional development event of the Nova Scotia Criminal Lawyers Association, in association with the Nova Scotia Barristers' Society. The theme of the conference was very privacy-centric: Listening, Snooping and Searching: What's Right, What's Wrong.

I was also privileged to speak alongside S/Sgt Al Langille of the RCMP's integrated technology crime unit. He is a thirty-year veteran of law enforcement, including fifteen in technology crimes and computer forensics. A great guy and very privacy conscious.

My presentation, for those who may be interested, is here: http://docs.google.com/Presentation?id=ddpx56cg_48hcdnqv.

Labels: , , , , , , , ,

Tuesday, October 30, 2007

Privacy and pre-employment screening 

Yesterday, I spoke at the McInnes Cooper labour and employment group's annual conference. It's been going on for years, but it was my first time to attend. I was greatly impressed with the turnout of more than two hundred attendees.

I gave a presentation on privacy and pre-employment screening, which is here: Pre-employment screening.

Labels: , ,

Friday, October 26, 2007

Privacy and Personal Health Information 

I spoke with the Health Law class at Dalhousie Law School about personal health information today. It focuses mainly on the situation in Nova Scotia, where we don't yet have personal health information legislation. Private practice physicians, physiotherapists, dentists, etc. are still subject to PIPEDA.

My presentation is here, if you're interested.

Labels: , ,

Thursday, October 25, 2007

Privacy and Law Enforcement 

I was invited to be the keynote speaker at a half-day session put on today by the Canadian Bar Association - New Brunswick. I spoke about the current law related to the law enforcement access to personal information and a an update on what's happing with "lawful access". Here's the presentation: click here (google Docs) or here (pdf).

I tried embedding it but it only worked if you are logged into a google account, which wasn't my intention.

Labels: , , , , , ,

Wednesday, May 30, 2007

Workplace privacy issues - Facebook and blogs 

I'm currently in Toronto, co-chairing the Canadian Institute's conference on Privacy Compliance. I gave a presentation today on workplace privacy issues, which is available here. My co-presenters did a good job of canvassing many of the issues, so I got to have a bit of fun talking about the privacy aspects of reading employees' blogs and facebook pages.

Labels: , , ,

Friday, March 09, 2007

Privacy, customer information and law enforcement 

I had the honour of being asked to give a presentation for today's Dalhousie Student Association for Law and Technology conference. I spoke on the topic of privacy, customer information and law enforcement (200k PDF).

I was on a panel with a federal prosecutor and was surprised that we were in substantial agreement on the relationship between private businesses and law enforcement.

The rest of the day was great, as it included such heavyweights in IT law as Rod Burgar, Don Johnston, Duncan Card, Sunny Handa.

Labels: , , ,

Saturday, October 14, 2006

Information privacy laws and clinical department administrators 

Yesterday, I had the opportunity to speak at the annual conference of Canadian clinical department administrators from teaching hospitals. The members of this group have an interesting situation, usually occupying positions in both the university and the hospital while coordinating contractor-physicians. This leaves them often having to deal with overlapping privacy laws. To use Nova Scotia as an example, the hospitals and the universities are subject to the information privacy obligations of the Freedom of Information and Protection of Privacy Act. At the same time, the hospital part of their jobs are subject to the provisions of the Hospitals Act governing patient records. Increasingly, they are dealing with incorporated groups of physicians who are contracted to provide particular services to the univesity and the hospital. These groups are (at least partially) subject to PIPEDA. It's a bit of a mess and the discussion following the formal presentation was very interesting. Here's a copy of my presentation, if you're interested.

Labels: ,

Wednesday, September 27, 2006

Presentation: Privacy and Health Information 

I was invited to speak today at the Atlantic Health Information Systems (AHIS) annual conference at White Point Beach Resort. The topic - surprise! - was privacy and health information systems. The presentation was an overview of the overlapping laws that govern health information in Nova Scotia and the rest of Atlantic Canada. I promised that I'd make the presentation available on my blog, so here it is: AHIS2006.html.

Labels: , ,

Tuesday, May 30, 2006

E-mail issues causing headaches 

This morning, Toby Keeping of IronSentry and I gave a presentation on business and legal risks of e-mail and other electronic information at the Westin in Halifax. The Chronicle Herald is running a story on the topic, based interviews with Toby and me. Check it out: The ChronicleHerald.ca - E-mail issues causing headaches: Firms search for security in electronic age. E-mail me for a copy of the presentation.

Labels: , , , ,

Wednesday, March 08, 2006

Presentation on ID theft 

For readers who are in Halifax:

The Law and Technology Institute at Dalhousie Law School and the McCarthy Tétrault Eminent Speakers Series presents Don McGowan, Corporate Counsel for Microsoft, Redmond, Washington who will be giving a presentation on: “ID THEFT: ON THE INTERNET, NO ONE KNOWS YOU’RE A DOG”.

This Thursday (March 9, 2006) from noon until 1:30 p.m. in Room 105 of the Weldon Law Building.

Labels: , ,

Friday, January 20, 2006

Legal conflicts for bloggers 

Off topic, but ...

This past week, a colleague and I gave a presentation on blogs and blogging to the Halifax Association of Law Librarians. We covered the usual topics, including an overview of some of the good legal blogs out there, RSS, aggregators, etc.

But I also talked about an issue that has been a concern to me since I started this blog but I really haven't heard any discussion of it among the dozens of legal blogs that I follow: conflicts and blogging. Legal ethics say that a lawyer can't reveal the identity of a client or do anything that may be prejudicial to a client, except with the client's consent. See Rule 22 of the Nova Scotia Legal Ethics and Professional Conduct Handbook.

In this blog, I usually post about articles and incidents of interest that have a privacy angle. If I see an article or another blog post that deals with privacy, I'll post a link to it. I hope that this blog is "one stop shopping" for everything of interest related to Canadian privacy law. But it simply can't be. From time to time, a story hits the media that involves a client of my firm. Also, from time to time, I'll get a call from someone in the media asking to comment on a privacy story that involves a client. I always decline to link to the story or to make the comment. Unless I have the client's OK. (Which I've gotten from time to time, particularly if the result of the matter is public knowledge.)

It is a real challenge and something to be very mindful of. I work in a firm with almost 200 lawyers, with six offices in four jurisdictions. We also are Atlantic Canadian counsel to many of the largest companies operating in North America. Our securities group does agency work on behalf of loads of public companies that require registration in Atlantic Canada. If a lawyer in one of our New Brunswick offices does work for the Canadian subsidiary of a huge insurance company, that company is a client and I have to keep my mouth shut. Even if it may be borderline or in a grey area, I have to err on the side of caution.

I would be very interested to hear the thoughts of other legal bloggers out there on this topic. I think this is an important topic that could bear some informed discussion.


UPDATE:

I solicited Alan Gahtan's thoughts on this subject, which he has posted on Gahtan's Technology and Internet Law Blog:

"My view is that lawyers who publish, whether through a blog or through more traditional print media, operate under a disability. They must not disclose client confidences and must not advocate a position that is contrary to their client’s interests. The magnitude of the disability is proportionate to the size of the firm that a particular lawyer practices with since conflicts are “shared” among the lawyers of a firm. It is less of a problem when the lawyer’s publishing activities involve ad hoc articles as opposed to the operation of a website or blog that tries to cover all developments in a particular area. I’m not a legal ethics expert but my view is that simply reporting other information that is already public should not create a legal conflict (although I can see that it could create a business conflict with a particular client). However, it does mean that the blogging lawyer will be limited in their ability to comment on a particular news item if such comment would be detrimental to the interest of a client of the firm. It likely also means that any third party comments will also need to be filtered so that they do not contain any content that is detrimental to any such client. "

I like the use of the term that we lawyers are blogging "under a disability." Our hands our tied and our lips are always sealed, but this isn't unique to the blogging environment. Lawyers always have very juicy gossip but have to keep their mouths closed at cocktail parties. Blogging lawyers also have to be mindful not to aliente present and prospective clients with their blog content. I try to be as even-handed and balanced as possible, with the minimum of personal and political opinion (which is distinct from professional opinion).

There have been a number of times when I've had to remain silent when clients have appeared in the news, even though I have no immediate knowledge of the incident (for example, if its US branch is in the news). There have also been cases when the clients have had positive privacy-related publicity, but it is not my place to speak for or about them without permission. But when it does not inovolve a client, I think I am free to link to public information even though my firm has clients in the same industry with similar business issues.

Thanks Alan, Rob, David and DP Thinker for the comments, above and below.

Technorati tags: legal ethics :: blogging :: blogs :: lawyers :: legal profession

Labels: , ,

Monday, October 24, 2005

Privacy and Insurance Claims 

I was recently invited by the Canadian Bar Association - Nova Scotia's Insurance Law subsection to give a presentation on privacy laws and insurance claims, focusing on where we are now that PIPEDA has been in force for almost two years. The two principal themes were video surveillance and access to the claims file. You can download a pdf of the presentation here if you are interested: Privacy and Insurance Claims.

Labels: , , , ,

Saturday, October 15, 2005

Privacy in the healthcare milieu 

On Thursday night, I had the pleasure of giving a presentation alongside Nancy Milford (of the Nova Scotia Health Organizations Protective Assoc.) to the Nova Scotia Medical-Legal Society on issues related to consent and the release of patient information. The group is composed of lawyers and medical professionals who have an interest in health law. Almost all of them had very interesting questions on how PIPEDA is being applied (and should be applied) in the healthcare context. If you're interested in a copy of the materials, send me an e-mail at david.fraser@mcinnescooper.com.

Labels: , , ,

Wednesday, October 12, 2005

Liability and Pharmacy Practice 

I've been invited to speak on October 30 at the Fall Refresher for the Nova Scotia College of Pharmacists on privacy liability and pharmacy practice. The brochure for the full, two-day event is available here. If you are interested in the presentation materials, e-mail me at david.fraser@mcinnescooper.com.

Labels: , ,

Tuesday, February 22, 2005

Privacy and Investigations 

This morning, I gave a presentation on privacy and investigations by professional regulators as part of an InfoNex conference on professional regulation and discipline. A PDF of the materials are here for all who may be interested.

Labels: , ,

Saturday, January 29, 2005

Presentation to Meeting Professionals International 

On January 13, 2005, I led a roundtable discussion on privacy laws for the Ottawa chapter of Meeting Professionals International. The focus was on how those in the event planning industry should approach privacy laws. The event itself had a very interesting format: there were more than a dozen tables going at the same time, each on a different topic. Attendees signed up for their preferred choice when they arrived. Infolink, one of the sponsors, prepared a precis of each roundtable, including mine, which is available here.

As one would expect, the meeting was amazingly well planned....

Labels: , ,

Saturday, November 27, 2004

Privacy Presentations Galore! 

Phew! It has been a busy week. I flew back from Vancouver on Monday and hit the ground running. I gave four presentation this week, all of which are available for download for anyone who is interested.

I think I only have one presentation next week, but it's in Toronto. I'm getting too scared to look at my calendar, these days ...

Labels: , , ,

Wednesday, November 24, 2004

Presentation for the Halifax Business Community 

Today, National Privacy Services and McInnes Cooper co-hosted a half-day program on lessons learned from the first year of PIPEDA's full implementation in the private sector. I kicked off the program with an overview of PIPEDA and what it's all about. Then, Heather Black, the Assistant Privacy Commissioner of Canada, provided some very interesting insights on trends that her office is seeing (complaints are up 50%, a smaller portion of complaints are determined to be well-founded than last year). Heather gave her presentation "without a net", but mine is available here.

Labels: , ,

Wednesday, November 03, 2004

Privacy and Public Libraries 

Last week, I gave a presentation to a group of directors of public libraries in Nova Scotia. Library staff are regularly called upon to consider privacy issues, particularly in connection with public use internet stations. Police regularly ask for information related to who was using a particular terminal at a particular time, often in connection with threats made or other allegedely illegal conduct. In addition, some libraries are contemplating offering reading suggestions based on reader preferences, a form of "data mining".

PIPEDA applies in Nova Scotia and public libraries are not, by and large, engaged in commercial activities. While they were interested in PIPEDA, most of the discussion related to privacy best practices they can adopt to meet the growing expectation of their users. The presentation is available here: Privacy and Public Libraries

Labels: , , ,

Wednesday, October 06, 2004

Presentation: Privacy and The Customer Care Sector 

I was invited to give a presentation today on the effect of privacy laws on the call centre industry to ContactNB, the industry association for New Bunswick. The presentation is available here: Contact NB: Privacy and The Customer Care Sector

Labels: , ,

Friday, October 01, 2004

IT Project Management: The Legal Perspective 

Other than privacy (which is overwhelmingly the majority of my practice), I'm also an IT/technology lawyer. Before PIPEDA and the emergence of privacy as a legal discipline, IT took up all of my practice. In light of this, I was kindly invited by the Project Management Institute to give a presentation of the legal perspective of IT project management, which I did today.

I have seen far too many technology projects go completely sideways because there was no legal input in advance or because the contract was drafted by a software engineer and "legal" is called in after the development is complete to review the poorly drafted (or completely inappropriate) agreement the day before they plan to sign it. Aargh. An ounce of prevention is worth a pound of cure.

The presentation is available here, for anyone who may be interested: IT Project Management: The Legal Perspective.

Labels: , ,

Wednesday, September 15, 2004

Privacy Law and Workplace Investigations: Workshop 

I spent the day today with Paul Bradley, VP of PricewaterhouseCoopers, giving a workshop for Insight Information on conducting workplace investigations in the new era of privacy regulation. Anyone who is interested can get a copy of my powerpoint presentation here: Privacy Law and Workplace Investigations: Workshop

Labels: , ,

Friday, August 20, 2004

Privacy Presentations from the CBA Annual CLE Extravaganza 

As promised a short while ago, I've posted the presentations from the CBA Annual CLE session on cross-border privacy issues. Many thanks to Simon Chester for compiling our three powerpoints into one coherent (and hefty) acrobat file.

Cross-Border Issues for Privacy Law Compliance in Canada, the US & the EU

Presented by the National Privacy Law Section and the National Business Law Section This panel will focus on issues facing multi-national organizations that seek to align their privacy law compliance procedures across jurisdictions. The panel will examine the approaches taken by multi-nationals in complying with the new Canadian laws, as well as requirements for Canadian companies doing business in the US and the EU.

Moderator: David M.W.Young, Partner, Lang Michener LLP (Toronto)

Speakers: Simon Chester, Partner, McMillan Binch LLP (Toronto)
Evelyn L. Sullen, Staff Counsel, Volkswagen of America Inc. (Auburn Hills, MI)
David T.S. Fraser, Associate, McInnes Cooper (Halifax)

Labels: , , ,

Wednesday, August 18, 2004

Report from the CBA in Winnipeg 

I just returned from a very good few days at the Canadian Bar Association’s annual get-together in Winnipeg, Manitoba. There were quite a few privacy-related events during the two-day substantive program.

The first event was more administrative than anything. It was the meeting of the CBA Privacy Law subsection. The meeting was chaired by Brian Bowman, the section secretary who is also a privacy lawyer at Pitblado in Winnipeg. We reviewed the privacy-related resolutions passed by the CBA general meeting and the extensive activity undertaken by the section during its first year. (I’m told that it has an unprecedented level of activity for a brand-new section.) The next year should be just as busy.

David Young, who chairs the Advocacy and Government Relations subsection led a discussion of the contribution that can be made when the Personal Information Protection and Electronic Documents Act (Canada) comes up for full review in 2006. I expect there will be no shortage of suggestions. Ann Goldsmith, legal counsel to the Office of the Privacy Commissioner mentioned they have many suggestions already, with deemed consent for due diligence review in the course of sales of businesses near the top of their list.

Cross-border privacy issues

The second event was also on Monday: a panel discussion of cross-border privacy issues. Moderated by David Young of Lang Michener, the panel was composed of Simon Chester of McMillan Binch, Evelyn Sullen of Volkswagen of America Inc. and me. The presentation that I gave is available here and I’ll try to get permission to post Simon and Evelyn’s powerpoints.

Simon Chester began with a presentation on European privacy law, using three European women as illustrations of the law’s development and enforcement: (a) Bodil Lindqvist, (b) Naomi Campbell (see Campbell v. MGN Limited, [2004] UKHL 22) and (c) Princess Caroline of Monaco. The first example demonstrates how some authorities in Europe are being much more aggressive in enforcing the Data Protection Directive, including against clearly non-commercial and “domestic” use of personal information. The latter two examples show how the balance between privacy and freedom of the press are moving clearly towards privacy in Europe. (We will not likely see any of the Campbell/Caroline examples in Canada soon, as PIPEDA specifically does not apply to information collected for “artistic, literary or journalistic purposes. Any similar complaints against paparazzi will have to be grounded in the independent tort of “invasion of privacy”, which is being slowly developed in the Canadian provinces that do not have a statutory tort.) Interested readers should take a look at Simon's comprehensive paper, which is available here.

Evelyn’s presentation included an overview of the sectoral laws in the United States (COPPA, HIPAA, GLB, etc.) and a look at Volkswagen USA’s experience in addressing PIPEDA and the European privacy rules. It was estimated that VW spent about $500K in complying with PIPEDA, including postage for sending a “grandfathering/opt-out” letter to all customers in their database.

One of the questions posed was whether to adopt a fragmented privacy management system within an international company or should one try to develop a policy that complies with all legal regimes in which the company operates. Much of what was discussed in the international context is also applicable within the Canadian federal system. We are dealing with a number of privacy regimes in this country, including the present 100% overlap between federal and provincial laws in Alberta and British Columbia. (I am told that the Order-in-Council to declare AB and BC’s laws “substantially similar” to PIPEDA is on the agenda for the next meeting of the federal cabinet.) We also have an interesting overlap in the health privacy arena. Alberta, Saskatchewan and Manitoba each have provincial health information laws and none of them are expected to be declared substantially similar. This means that physicians in private practice, who are engaged in “commercial activities”, must comply with PIPEDA and with the local health information law. In most cases, the healthcare professionals can design their programs to comply with the most demanding individual rules and principles. In some cases, this is not always possible as some contradictions may appear between the laws.

Update on Canada’s Privacy Laws

On Tuesday, Brian Bowman moderated a panel of representatives from various privacy commissioners’ offices. On the panel was Heather Black, Assistant Privacy Commissioner of Canada; Brian Loukidelis, Information and Privacy Commissioner from British Columbia, Barry Tuckett, Manitoba’s Ombudsman and Mary O'Donoghue, legal counsel to the Information and Privacy Commissioner of Ontario. Each of the panelists gave an update on developments in their respective jurisdictions, beginning with Heather Black’s overview of the roll-out of PIPEDA. Heather made an interesting distinction between systemic and more accidental violations of PIPEDA. Systemic violations are those which demonstrate a systemic problem, such as a lack of awareness, policies or procedures. Accidental ones are simply where a company’s established – and otherwise compliant – procedures and policies are not followed, resulting in a breach. Both are problems, but the balance of complaints is leaning further away from systemic breaches. Heather also mentioned that the number of complaints that are “well founded” has declined (to the end of 2003) to around 20% from 45% a couple of years before.

Mary O'Donoghue, from the Ontario Information and Privacy Commissioner’s Office, provided a very good and brief overview of the Personal Health Information Protection Act, 2004.

At the moment, I’m a little jetlagged. I’ll try to write more about the conference when I’ve got a few more minutes and once I’ve heard back from my co-panellists about posting their materials.

Labels: , , , , , , ,

Thursday, June 24, 2004

Presentation: PIPEDA for Physicians 

I just attended Insight Information Co.'s Health Privacy conference in Halifax. The content was fantastic and the presenters were really top-notch. It was a bit disappointing that there were no healthpractitioners in attendance, but with a $1300 price tag it is hard to manage unless you have a hospital or other organization paying your way.

Without a doubt, I found that the best speaker was Karen Rose, who is the new Info and Privacy Commissioner for PEI. She spoke about the challenges and advantages of privacy compliance. I've asked her for her speaking notes, which I'll also ask her if I can post here. Suellen Murray, from the Nova Scotia Department of Health discussed the process that is underway to harmonize the health information laws from coast to coast (minus Quebec). She wasn't able to discuss the substance since there are some minor revisions underway, but the process is promising.

I was asked to present on PIPEDA in private practices. Since everyone in attendance came from public institutions (read: non-commercial, and therefore beyond PIPEDA's hooks), the interest was largely academic. I tried to emphasise that many of the doctors who are present in hospitals are going to be grappling with this development, so they'd better be sensitive to it. My presentation, PIPEDA for Physicians, is available here.

Labels: , , ,

Friday, June 18, 2004

Privacy Law and Project Management 

Yesterday, I gave a two and a half hour presentation (see: Privacy Law and Project Management) [link fixed] to the Nova Scotia Chapter of the Project Management Institute. The presentation began with an introduction to PIPEDA and led into a discussion of integration of privacy into project planning, drawing heavily from privacy impact assessment methodologies, especially the Canadian federal government's PIA guidelines and PIA policy. These days, no significant technology project should proceed without considering the potential privacy risk presented by the project.

Labels: , ,

Thursday, June 10, 2004

Presentation: PIPEDA and Employers (Hewitt) 

I was invited to give a presentation to a conference arranged by Hewitt Associates (a leading HR outsourcing services provider) on PIPEDA for HR professionals. The presentation is available here: PIPEDA and Employers (Hewitt)

Labels: , ,

Presentation: PIPEDA and Pharmacists 

Last weekend, National Privacy Services was invited to give a presentation on PIPEDA to a group of independent pharamcists. The presentation is available here: PIPEDA and Pharmacists.

Labels: , ,

Saturday, May 29, 2004

Presentation: PIPEDA and Physicians - MSNS AGM 2004 

I was recently invited to give a presentation to the Annual General Meeting of the Medical Society of Nova Scotia on the impact of PIPEDA on physicians. (See presentation: PIPEDA and Physicians - MSNS AGM 2004.)

Since last year, I have been working with National Privacy Services and the Medical Society to design an easy-to implement solution for busy physicians. In our experience, most physicians don't have the time or the inclination to design their own compliance program. And as small business people with tightening revenue, physicians don't have the resources to engage a privacy lawyer to assist them. (Perhaps as important, most doctors don't know about the law, let alone what they need to do to address it.)

The final product is the Physician's Privacy Manual, which includes a complete suite of products that a physician can implement in his or her practice. The Manual includes:

  • Privacy training manual (the only one of its kind designed from the ground up to address privacy in the private practice;
  • Policies and procedures to adopt in the practice;
  • Consent form for affirmative, opt-in consent;
  • Educational tools, including a privacy statement for patients and poster; and
  • Multi-media CD with a one-hour overview of PIPEDA and its requirements.

The procedures and tools contained in the Physician's Privacy Manual have been extensively field tested in private practices and subjected to review by a wide range of physician focus groups. For more information, contact National Privacy Services at http://www.privlaw.com or (toll free) at 1-877-PRIVLAW.

Labels: , ,

Sunday, March 14, 2004

Privacy and the Tourism Sector 

Last week, in conjunction with National Privacy Services Inc., I was invited to give a presentation to the Tourism Industry Association of PEI (TIAPEI) on the impact of PIPEDA on the tourism sector. I think TIAPEI will be putting all our materials up on their website, but in the meantime, I've posted one of my articles on my website:

Privacy and the Tourism Sector: [PDF]
" Since January 1, 2004, every organization in Atlantic Canada that collects, uses or discloses personal information in the course of commercial activities has been subject to a new and far-reaching federal privacy law. This includes businesses that operate in the tourism and hospitality sectors. Because the law reaches into the relationship between tourism operators and their customers, it potentially has a profound effect on the organization's ability to attract and retain those customers. "

Labels: , ,

Saturday, February 14, 2004

PIPEDA for Law Firms 

In November and December, I gave a few presentations in Halifax, Truro and Sydney for the Nova Scotia Barristers Society continuing professional development department. The first was on advising clients about PIPEDA and the second was specifically focused to what lawyers need to think about to get their own houses in order. In the last month or so, I've been bombarded with phone calls from lawyers who have received letters from clients asking about privacy and aren't sure what to do or say. Many see their law firms as any other supplier and are asking for assurances that we are up to par. I've also had a couple of calls from people who weren't able to make any of the presentations for a copy of my powerpoint. So, for them and for anyone else who might be interested, here is a link to the online-viewable version of PIPEDA for Law Firms and a PDF version. I'm not going to post a native PowerPoint version online since I've seen too much of my stuff cut and pasted in other places. If you want a copy of it for a presentation you are going to give, drop me a line at david.fraser (a) mcinnescooper.com.

Labels: , ,

This page is powered by Blogger. Isn't yours? Creative Commons License
The Canadian Privacy Law Blog is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 Canada License. lawyer blogs