With the advent of the Personal Information Protection and Electronic Documents Act, the firm became increasingly involved in advising regulators, associations and practitioners on how to establish and maintain acceptable privacy policies. Steinecke Maciura LeBlanc can do an audit of an organization's information handling practices, help it develop a workable privacy policy, provide staff training and support, and conduct annual reviews and refresher courses. Or, clients can purchase written materials from the firm and do it themselves.

Privacy Policy

Privacy of personal information is an important principle to Steinecke Maciura LeBlanc. We are committed to collecting, using and disclosing personal information responsibly and only to the extent necessary for the goods and services we provide. We also try to be open and transparent as to how we handle personal information. This document describes our privacy policies.

Privacy Courses and Seminars

For a complete list of our Privacy Courses and Seminars, please review our Seminars & Training Page

[Administrative Law and Practice Points, No. 7, February 2004]
On January 1, 2004, the Personal Information Protection and Electronic Documents Act (“PIPEDA”), the federal privacy legislation for the collection, use, and disclosure of personal information, became law in all of the provinces across Canada including Ontario (with the exception of Quebec which is largely exempted from PIPEDA as Quebec’s private sector privacy law was deemed substantially similar to PIPEDA). Given the complexity of the legislation, PIPEDA has become a significant legal challenge for regulators, associations, and practitioners. For example, regulators have been faced with a number of challenging questions such as: Does PIPEDA apply to some or all of the activities of regulators? If PIPEDA does apply to regulators, what are the responsibilities of regulators to ensure compliance with PIPEDA? If PIPEDA does apply to regulators, what should be contained in a regulator’s Privacy Policy to balance the protection of personal information with a regulator’s mandate to protect the public interest? If PIPEDA does not apply to regulators, should regulators develop a Voluntary Privacy and Access Code and, if so, what should it contain?

[Grey Areas, No. 66, August 2003]
One of the more significant requirements of the new privacy legislation is the need to safeguard personal information. The Personal Information Protection and Electronic Documents Act (PIPEDA), which takes effect on January 1, 2004, requires organizations to secure personal information from unauthorized access, disclosure, use or tampering.

[Grey Areas, No. 63, May 2003]
Over the past few years, there has been a lot of confusion about privacy legislation. Who does it apply to? When is it really coming? How much impact will it have? Busy practitioners need to know what privacy legislation means for them. While there remains a fair degree of uncertainty, the outlines of what is going to happen are now becoming clearer.

[Grey Areas, No. 60, February 2003]
In a true story reported in the media in late February, a patient had a mammogram and pelvic examination. The laboratory in Ottawa forwarded the reports to the treating practitioner. A few weeks later, a copy of the reports showed up on the back of flyers distributed in Toronto for a real estate company. How did it happen? The investigation to date suggests that the hospital forwarded the results to a law firm in Toronto at the request of the patient. Paper picked up from an office building in Toronto was sold to a printer who used the scrap paper for a test run of the flyers. The test run was shipped with the rest of the flyers and distributed to the public. The Ontario Information and Privacy Commissioner said an investigation could not be initiated because the federal Privacy Act does not yet apply. However, the situation would be very different in 2004.

[Grey Areas, No. 59, January 2003]
Perhaps one of the most significant legal changes affecting the regulation of professions and industries is the imminent arrival of privacy of personal information legislation. It has been known for some time that a new law regulating the collection, use and disclosure of personal information would take effect on January 1, 2004. What is not known is which law it would be and what exactly it would require.

[Professional Practice and Liability on the Net, Vol. 3 - No. 10, July 2002]
Most practitioners are aware that the provincial government has introduced new draft privacy legislation, the Privacy of Personal Information Act (“PPIA”), under the authority of the Provincial Ministry of Consumer and Business Services.  The legislation is still in the draft stage, although it appears that the government will want to have legislation in place within the next few months in light of deadlines imposed by federal legislation.