- Privacy complaints
- Protecting personal information
- Managing breaches
- Collection, use, and disclosure of personal information
- Data and technology management
- Digital Privacy Charter for Ontario Schools
A privacy breach occurs when personal information is collected, retained, used, disclosed, or disposed of in ways that do not comply with Ontario’s privacy laws. All public sector organizations, health information custodians, children’s aid societies and other child and family service providers should have a privacy breach response plan.
Under Ontario’s access and privacy laws, child and family service providers and health information custodians are required to report certain privacy breaches to the IPC.
What to do in case of a breach
Report a privacy breach at your organization now.
Reporting a Privacy Breach to the Information and Privacy Commissioner: Guidelines for Service Providers under Part X of the Child, Youth and Family Services Act
Reporting a Privacy Breach to the IPC: Guidelines for the Health Sector, types of breaches that need to be reported to the IPC at the first reasonable opportunity
Review our full list of guidance documents.
This post is also available in: French