Law: Personal Information Protection Act, SA 2003 c P-6.5 ('PIPA'). Inter-provincial private organisations are regulated at the federal level by the Personal Information Protection and Electronic Documents Act 2000 ('PIPEDA').
Regulator: Office of the Information and Privacy Commissioner of Alberta ('OIPC')
Summary: PIPA is the primary act protecting personal data in the private sector in Alberta. PIPA principally affords consumers the right to access personal data held by an organisation and imposes certain obligations on organisations in relation to the collection, use, and disclosure of information. The OIPC enforces PIPA and reports to the Officer of the Legislature. The OIPC's powers include making decisions on, among other things, requests for reviews of responses to access to information requests, complaints regarding the collection, use, and disclosure of information, as well as commenting on implications of Privacy Impact Assessments sent to the OIPC.