top of page

PIPEDA

myLaminin's Compliance

The Personal Information Protection and Electronic Documents Act (PIPEDA) is a Canadian federal law that regulates how private-sector organizations collect, use, and disclose personal information in the course of their for-profit, commercial activities. It applies to personal information of employees of federally-regulated businesses as well. PIPEDA sets national standards for privacy practices in the private sector. 

In essence, PIPEDA provides a framework for businesses to handle personal information responsibly, respecting the rights of individuals while enabling them to carry out their commercial activities.

Periodic Table

Key aspects of PIPEDA

Scope

PIPEDA applies to private sector organizations that conduct business across Canada or in a province that doesn't have a privacy law deemed substantially similar to PIPEDA.

Consent

PIPEDA recognizes two forms of consent: express consent (active agreement) and implied consent (failure to refuse after being offered the opportunity).

Data Breaches

Organizations must notify the Office of the Privacy Commissioner of Canada (OPC) and affected individuals if they become aware of a data breach that poses a significant risk of harm.

Penalties

Fines can range up to $80,000 for serious violations.

Purpose

The law aims to protect the privacy of individuals with respect to their personal information while acknowledging the need for organizations to collect, use, or disclose information for reasonable purposes.

Fair Information Principles

PIPEDA outlines 10 fair information principles that organizations must adhere to, including accountability, identifying purposes, consent, limiting collection, use, disclosure, and retention, accuracy, safeguards, openness, individual access, and challenging compliance.

Enforcement

The OPC investigates complaints and can issue administrative penalties for non-compliance.

Relationship to Other Laws

Provincial privacy laws may apply instead of PIPEDA in certain circumstances, especially if they are deemed substantially similar.

myLaminin’s compliance with PIPEDA

myLaminin actively worked with the OPC to understand its obligations and responsibilities in supporting researchers and research institutions to secure their research data, facilitate global collaboration, and comply with regulatory standards. myLaminin has implemented the OPC’s recommendations and is substantially PIPEDA compliant with a few required notifications that are on our roadmap.

The Office of the Privacy Commission of Canada_ Personal Information Privacy and Electroni
bottom of page