Appendices

CIHR Best Practices for Protecting Privacy in Health Research (September 2005)

A-1 - CIHR Privacy Advisory Committee: Members
A-2 - Drafting process and consultations in 2004
A-3 - Real world case studies and links to the elements
A-4 - Diversity of health research and future considerations
A-5 - Selected documents and web links
A-6 - Glossary
A-7 - Tables of concordance with privacy legislation
- Explanatory note
- Application of Canadian privacy legislation
- For Element #1
- For Element #2
- For Element #3
  - Conditions for use and disclosure for research purposes without consent
- For Element #4
  - Part 1 - Consent requirement and elements of consent
  - Part 2 - Consent by substitute decision makers
- For Element #5
  - Provision of all information relevant to voluntary and informed consent
- For Element #6
  - Statutory prohibitions to secondary use/disclosure of personal information to contact individuals to participate in research
- For Element #7
  - Part 1 - General safeguarding requirements
  - Part 2 - Requirement for a privacy impact assessment
- For Element #8
  - Part 1 - Data matching/linkage provisions
  - Part 2 - Data-sharing agreements for research purposes
- For Element #9
  - Retention and destruction of personal information
- For Element #10
  - Part 1 - Accountability and transparency
  - Part 2 - Statutory references to research ethics boards
References

A-1 CIHR Privacy Advisory Committee

Members Privacy commissioners
David Loukidelis
Information and Privacy Commissioner of British Columbia

(Privacy-enhancing Technologies)
Debra Grant
Senior Health Privacy Specialist Information and Privacy Commissioner/Ontario

Research ethics boards (REBs)
Sharon Buehler
Co-Chair, Research Ethics Board, Memorial University

Don Willison
(CIHR-funded research on REBs) Scientist, Centre for Evaluation of Medicines, McMaster University

Health researchers
Charlyn Black (Health Services Research)
Director, BC Centre for Health Services and Policy Research

Colin L. Soskolne (Epidemiology)
Professor, Department of Public Health Sciences,
University of Alberta

Voluntary health organizations
Roy West
Co-Chair, Science and Research Committee,
Health Charities Council of Canada

Patients/consumers
Mary Vachon
Psychotherapist and Consultant in Private Practice
Professor, Depts. of Psychiatry and Public Health Science,
University of Toronto
Clinical Consultant, Wellspring

Phil Upshall
Chair, Canadian Alliance on Mental Illness and Mental Health
President- The Mood Disorders Society of Canada

Policy-makers
Heather McLaren
Director, Legislative Unit
Manitoba Health

Data producers/custodians
Joan Roch
Former Chief Privacy Officer, CIHI
Privacy Consultant

Michael Wolfson
Assistant Chief Statistician
Statistics Canada

Aboriginal interests
Bronwyn Shoush
CIHR Institute Advisory Board Member- Institute of Aboriginal People's Health,
Director, Aboriginal Justice Initiatives Unit,
Alberta Solicitor General

Health service providers
Denis Cournoyer
Associate Physician, McGill University Health Centre;
Associate Professor, Dept. of Medicine and Oncology,
McGill University

Ethics/law
Brent Windwick
Partner, Field LLP
Former Executive Director, Health Law Institute

Bartha Maria Knoppers
Canada Research Chair in Law and Medicine;
Professor, Public Law Research Centre, Faculty of Law,
University of Montreal

Ex officio members

Interagency Advisory Panel on Research Ethics (PRE):
Pierre Deschamps, PRE member
Member of the Canadian Human Rights Tribunal

Social Sciences and Humanities Research Council of Canada (SSHRC)
Christian Sylvain (alternate : Jocelyn Girard)
Director, SSHRC Corporate Policy and Planning

National Council on Ethics in Human Research (NCEHR)
Fern Brunger, NCEHR Member
Assistant Professor, Health Care Ethics, Faculty of Medicine
Memorial University

Health Canada
Ross Hodgins/John Horvath
Privacy Division Information, Analysis & Connectivity Branch,
Health Canada

International advisor
William W Lowrance
International Consultant in Health Policy and Ethics, Geneva, Switzerland

Canadian Institutes of Health Research
Patricia Kosseim - Chair
Former A/Director, Ethics Office
General Counsel, Office of the Privacy Commissioner of Canada

Sheila Chapman
Senior Ethics Policy Advisor

Mylène Deschênes
Former Senior Ethics Policy Advisor

Sylvie Burion
Project Officer

A-2 Drafting process and consultations in 2004

The Canadian Institutes of Health Research (CIHR) is Canada's main federal funding agency for health research. CIHR's mandate is to invest in research that has the potential to lead to improved health for Canadians, more effective health services and products, and a strengthened Canadian health care system. CIHR-funded health research must also meet the highest standards of scientific excellence and ethics.

Recognizing that one of the key ethical challenges for the health research community is to appropriately protect the privacy of those individuals whose information is used for research purposes, CIHR has initiated and promoted dialogue with the broad health research community on a range of privacy-related matters for many years. In particular, a multi-stakeholder workshop in November 2002 entitled Privacy in Health Research: Sharing Perspectives and Paving the Way Forward resulted in a number of recommendations including that CIHR initiate the development of privacy best practices and promote the harmonization of privacy laws and policies that impact on health research.

Following on these recommendations, CIHR established a Privacy Advisory Committee (PAC) in 2003 to advise CIHR on the development of privacy best practices for health research, and on strategies for consultation, communication and knowledge translation. CIHR, with the advice of PAC, developed Guidelines for protecting privacy and confidentiality in the design, conduct and evaluation of health research- Best Practices, Consultation Draft, April 2004.^{Footnote 97} A wide range of stakeholders was consulted on this draft from March through September, 2004. The current version of the Privacy Best Practices was revised to reflect the feedback received.

Response to consultations in 2004

We thank the many organizations and individuals who provided feedback on the 2004 draft Guidelines.^{Footnote 98} The consultation period extended from March through September, 2004, with some written comments being received through mid-October. There were three streams for providing feedback: (1) written comments received in response to invitations sent to key stakeholders, and through an on-line feedback questionnaire; (2) three multi-stakeholder workshops on specific themes aimed at addressing potential gaps in coverage; and (3) two small group dialogue sessions with citizens.

We heard that the broad health research community, including review and oversight bodies, were generally supportive of this initiative, while also making a number of suggestions for improvements of the draft Best Practices. We also were reminded that there is a diversity of points of view within and between stakeholder groups on privacy and confidentiality issues. Some respondents commented that the draft privacy best practices were too restrictive and could impede research, and others thought they were not restrictive enough. We heard from discussions with citizens that there appears to be generally strong support for health research, but also concern about potential unauthorized uses of personal information.

In response to feedback received, we have made the following main changes for this 2005 release:

A change in the title to: "Best Practices for Protecting Privacy in Health Research". Respondents noted that the previous title was too long, and combined both "guidelines" and "best practices" concepts. Also, it was noted that the document is meant to be recommended practices, which aspire in the future to the status of mandatory policy; thus there was general agreement that the term "best practices" was most appropriate at this stage.
A revision of the Executive Summary to better reflect the main text.
A clearer explanation of CIHR's mandate - to promote health research that meets the highest standards of excellence and ethics.
Addition of accompanying tables on relevant legal requirements, as guideposts for health researchers, research ethics boards and others, but not intended to serve as formal legal advice.
Addition of an accompanying table on different research areas, user groups, data collection methods, and activities, to demonstrate the applicability of this document to a wide range of target users.
Addition of an index to research methods covered in the Privacy Best Practices, to help researchers navigate the document to find relevant sections.
A more explicit acknowledgement of the different fundamental values in play, such as the rights and responsibilities of individuals, and the ethical framework articulated in the Tri-Council Policy Statement: Ethical Conduct for Research Involving Humans (TCPS).
A clear recognition that the default position in health research should be the requirement for consent from individual participants.
Acknowledgement that the reality of researchers in such fields as health services and population health differs significantly from that of clinical researchers, with reference to CIHR Secondary Use of Personal Information in Health Research: Case Studies document.
Strengthened recognition of the privacy concerns of communities and groups.
Strengthened coverage of privacy issues for qualitative methods and inductive data collection and analysis.
Strengthened coverage of genetic data, and confirmation that the scope of the Privacy Best Practices does not extend to the management and governance of human biological materials.
Recognition of the tension between the principles of limiting access and retention of personal data, and the growing importance of making research data (particularly from publicly-funded research) available for broad research use and social benefit, with encouragement for researchers to think about these issues and to be explicit about what they plan to do with the data they collect.

Not surprisingly, given the extent of feedback received, the diversity in points of view, and the need to limit the scope and size of the document, not all requests for changes could be met. For example, these Best Practices do not specifically address privacy issues associated with health surveillance, program quality assurance studies, or private industry-funded research. Nevertheless, these Best Practices could serve as models for best practices developed in these other areas. And in response to requests for more focus on Aboriginal research and qualitative research methods, we provide some additional coverage in this 2005 document. However, we look forward to the more detailed work in these areas being coordinated through the Interagency Advisory Panel on Research Ethics.

As we note throughout this document, these Best Practices will need to continually evolve to reflect new best practices, refinements of existing practices, the findings of research on privacy, and changes in the legal and policy framework for health research in Canada.

A-3 Real world case studies and links to the elements

In 2002, CIHR published Secondary Use of Personal Information in Health Research: Case Studies (November 2002).^{Footnote 99} Nineteen case studies were developed to describe real-life examples of actual research involving secondary use of data in Canada. These case studies highlighted the practical challenges that arise when applying various legal and ethical norms in the specific context of population health and health services research. The case studies identified a number of ethical and legal issues that warranted further consideration and discussion.

The summary table of issues from the Case Studies is reprinted below, with an additional column on the far right providing a link to relevant sections of the Best Practices.^{Footnote 100}

Case study #	Title of case study	Collection / use / linkage of data	Issues raised	Relevant to Privacy Best Practices Element #:
1	The computerization of medical practices for the enhancement of therapeutic effectiveness	Collection and use of coded data from patient medical records contained in doctors' offices; no direct patient contact involved; implied consent with possibility of opting out.	Prior contact by original data custodian. Form of consent required	3, 4, 6 , 7
2	Seasonal patterns of Winnipeg hospital use	Linkage and analyses of coded data contained in provincial databases routinely collected for other purposes (i.e. hospital discharge data and population registry file); no direct contact involved; no consent obtained.	Impracticability of obtaining consent. Long-term retention of data for future research purposes.	3, 7, 8, 9
3	Assessing the accuracy of the Nova Scotia health survey	Linkage and analyses of coded data contained in provincial databases routinely collected for other purposes (i.e. hospital discharge data and physician claims database); no direct contact involved; no consent obtained.	Impracticability of obtaining consent.	3, 4, 7, 8
4	National diabetes surveillance system	Creation of a national diabetes database of aggregate data by linking and assembling coded data contained in provincial databases routinely collected for other purposes (i.e. hospital files, physician billing records and drug claims data); no direct contact involved; no consent obtained.	Impracticability of obtaining consent. Need for harmonization of laws and policies across jurisdictions. Long-term retention of data for future research purposes.	3, 7, 8, 9, 10
5	Use of RFLP molecular epidemiology to find out how tuberculosis is spread among people infected with HIV	Linkage and analyses of TB bacteria grown from individual sputum samples in a public health laboratory, with non-identifying demographic data held by the province's health ministry; no direct contact involved; no consent obtained.	What constitutes personal information. Form of consent required.	2, 3, 4, 7, 8
6	HIV seroprevalence among women undergoing abortion	Linkage of non-identifying questionnaires with non-identifying test results of blood samples obtained for therapeutic abortion purposes; direct patient contact; written consent obtained.	Form of consent required. Need for harmonization of laws and policies across jurisdictions.	3, 4, 6, 10
7	New use of anti-arrhythmia drugs in Saskatchewan	Linkage and analyses of coded data contained in provincial databases routinely collected for other purposes (i.e. drug claims database, hospital discharge data and physician billing records); no direct contact involved; no consent obtained.	Impracticability of obtaining consent.	3, 7, 8
8	Barriers to accessing health care in Canada: is the System Fair?	Linkage and analyses of personal information contained in Statistics Canada's National Population Health Survey, with provincial databases routinely collected for other purposes (i.e. hospital discharge data and physician billing data); direct contact involved; express consent obtained.	Validity of informed consent. Need for harmonization of laws and policies across jurisdictions.	5, 7, 8, 10
9	Needle stick injuries in nursing and laboratory staff	Collection and use of non-identifying questionnaires, combined with general statistics at each participating hospital; direct contact involved; express consent obtained.	Prior contact by original data custodian. Mandatory reporting and the researchers' duty of confidentiality.	4, 6, 7, 9
10	A randomized controlled trial of call/recall of 'hard-to-reach' women for Pap tests	Linkage of personal information from electronic medical records, with provincial cancer and cytology registries for purpose of assembling study population; direct contact involved; no individual consent obtained but physician authorization granted.	Prior contact by original data custodian. Impracticability of obtaining consent. Long-term retention of data for consistent research purposes.	6, 7, 8, 9
11	The impact of having elderly and welfare patients in Quebec pay a greater share in the costs of their prescription drugs	Linkage and analyses of coded data routinely collected in provincial databases for other purposes (i.e. prescriptions claims data, hospital discharge data, physician billing data and mortality data); no direct contact involved; no consent obtained.	Distinction between policy evaluation and research. Impracticability of obtaining consent.	2, 3, 8
12	A randomized drug policy trial with camouflaged contacting of patients	Linkage of coded data routinely collected in provincial databases for other purposes (i.e. prescriptions claims data, hospital discharge data, physician billing data and mortality data) for the purpose of assembling a study population; quality of life questionnaires then sent to potentially eligible research subjects through camouflaged contacting method; consent obtained for linking questionnaires with administrative data.	Distinction between policy evaluation and research. Prior contact by original data custodian.	5, 6, 8
13	Cancer and other health problems associated with breast implants	Linkage and analysis of personal information obtained from hospital records and clinical records, with data obtained from provincial cancer registries and registrars of vital statistics; no direct contact involved; no individual consent obtained, but nation-wide publicity program conducted.	Unique legal status of cancer registries. Prior contact by original data custodian. Impracticability of obtaining consent.	2, 3, 4, 7
14	Second cancers following treatment for non-Hodgkin lymphoma	Linkage and analysis of personal information obtained from a provincial cancer registry with personal information contained in hospital and radiotherapy center records; no direct contact involved; no individual consent obtained as 75% of the study cohort had died.	Unique legal status of cancer registries. Prior contact by original data custodian. Impracticability of obtaining consent.	3, 5, 6
15	Ontario familial colon cancer registry	Reviewing tumour pathology report forwarded to a provincial cancer registry, as validated by attending surgeons, in order to first identify and invite eligible patients and families for inclusion in the registry; survey data and tissue samples then collected; direct contact involved; consent obtained.	Unique legal status of cancer registries. Prior contact by original data custodian. Implications of assembling genetic information as a particularly sensitive category of personal information.	2, 5, 6, 7
16	Rapid surveillance of cancer in neighbourhoods and near point sources of pollution	Linkage and analysis of personal information contained in a provincial cancer registry with a provincial property assessment file and mortality database; no direct contact involved; no consent obtained; community-wide publicity and consultation process are planned.	Unique legal status of cancer registries. Impracticability of obtaining consent. Community interests.	2, 3, 7, 8
17	Patient outreach via PharmaNet	Automatic flagging of eligible research subjects in the province's drug claims database through the use of a computerized algorithm in order to assemble a study population without any human intervention; direct patient contact involved; consent obtained.	Prior contact by original data custodian.	3, 6
18	The registry of the Canadian Stroke Network	Creation of a national stroke registry by collecting, linking and assembling patients' survey data, health care utilization data and mortality data; direct patient contact involved; consent obtained.	Prior contact by original data custodian. Validity of informed consent. Long-term retention of data for future research purposes. Need for harmonization of laws and policies across jurisdictions.	3, 4, 5, 7, 10
19	Studying the health of health care workers	Linkage and analyses of coded health data contained in provincial databases routinely collected for other purposes (i.e. hospital records, physician billing data, and drug claims data); no direct contact involved; no consent obtained.	Impracticability of obtaining consent. Long-term retention of data for future research purposes.	3, 7, 8, 9

A-4 Diversity of health research and future considerations

To understand the scope of these Best Practices, it is helpful to consider the multi-faceted landscape of CIHR-funded health research in this country.

Health research projects span a spectrum of disciplines and methods.

These Best Practices are intended to address the full spectrum of CIHR-funded research.^{Footnote 101} CIHR categorizes health research in four broad themes, as defined in its Grants and Awards Guide:^{Footnote 102}

Bio-medical research
Research with the goal of understanding normal and abnormal human functioning, at the molecular, cellular, organ system and whole body levels, including development of tools and techniques to be applied for this purpose; developing new therapies or devices that improve health or the quality of life of individuals, up to the point where they are tested on human subjects. Studies on human subjects that do not have a diagnostic or therapeutic orientation.
Clinical research
Research with the goal of improving the diagnosis, and treatment (including rehabilitation and palliation), of disease and injury; improving the health and quality of life of individuals as they pass through normal life stages. Research on, or for the treatment of, patients.
Health services research
Research with the goal of improving the efficiency and effectiveness of health professionals and the health care system, through changes to practice and policy. Health services research is a multidisciplinary field of scientific investigation that studies how social factors, financing systems, organizational structures and processes, health technologies, and personal behaviours affect access to health care, the quality and cost of health care, and, ultimately, Canadians' health and well-being.
Social, cultural, environmental and population health
Research with the goal of improving the health of the Canadian population, or of defined sub-populations, through a better understanding of the ways in which social, cultural, environmental, occupational and economic factors determine health status.

CIHR encourages multi-disciplinary research that cuts across these broad thematic areas.

CIHR-funded health research also spans a range of research methods, including quantitative methods (typically based on large numbers of participants, involving hypothesis generation and testing, and statistical analyses of data) and qualitative methods (typically not involving the testing of hypotheses, but rather more open-ended and inductive analysis and collaborative observation techniques, often with smaller numbers of individuals).^{Footnote 103}

Health research projects may cross community, provincial, territorial or national boundaries.

Health research may involve particular cultural groups or communities, such as Aboriginal groups or remote communities.

A single health research study may have multiple sites in more than one province or territory. Research teams may be composed of a network of investigators drawn from across the country and across disciplines. CIHR's 13 "virtual" institutes are founded on this model, promoting collaboration among investigators in various jurisdictions, working on similar questions from different perspectives.

And, because health is a global issue, health research can have an international dimension. Researchers collaborate with colleagues in other countries as they have in the multi-year international Human Genome Project and in CIHR's Global Health initiative.

Health research is conducted in various settings, often supported by a mix of public and private funds.

A great deal of research is based at universities where investigators may have both public and private funding sources. Governments and affiliated research or statistical agencies conduct research on such things as emerging public health issues and the effectiveness of the health care system. They increasingly look for private-public partnerships in sponsorship. Statistical and research agencies with a public mandate conduct research within their agencies and frequently also serve as data stewards permitting, under strict controls, access to their data by external researchers such as those with CIHR funding.

Potential data sources for health research are also diverse.

Individuals are one essential source of health-related data. Individuals are recruited, for example, for clinical trials of new treatments and therapies; and for surveys (conducted by telephone, by mail or in person) on personal lifestyles and attitudes and on the health status of the population. Sometimes the interactions of individuals or groups are simply observed and documented.

Existing databases that were not originally created for research purposes are also important sources of data for health research. These databases have the potential to provide data that are difficult to obtain or cannot be obtained directly from individuals, such as physician diagnoses and records of hospital treatment (in health administrative databases), official registration of births, deaths and cause of death (in population registries), and disease trends and geographic "hot spots" in the population over time (in health surveillance databases).

Thus, these Best Practices have a broad scope, encompassing the wide spectrum of CIHR-funded health research intended to contribute generalizable knowledge to protect and improve human health.

For a more detailed description of the diversity of health research methods, the tables in this section provide examples of studies recruiting individuals or communities, and the wide range of important sources of research data.

Table 1: Examples of studies recruiting individuals or communities

Examples of participants	Examples of data items collected	Examples of research potential	Examples of data collection methods
Residents of a rural community	Age, sex and other demographic information Length of residence Attitudes toward a new teen drop-in health service Use of new service Health history	To identify factors that influence community acceptance and use of teen drop-in health services To assess the impact over time of the new clinic on reducing health problems and teen pregnancies among teens in rural communities	Observation of teen activities or review of service records in a number of rural communities, some with new teen health services and some without Interviews with health care providers and patients Interviews or surveys of teens and adults in the community
Individuals with asthma	Age, sex and other demographic information History of asthma and other medical conditions Medication history Meaning of illness	To assess the impact on health of a new asthma drug To identify barriers to proper use of a drug To identify the impact of asthma on quality of life To explore the meaning of illness in asthma patients	Clinical trials (see TCPS, Section 7 for more information about clinical trials) Interviews with asthma patients and parents Survey of asthma patients Focus groups of clinic personnel
Individuals with colon cancer	Age, sex and other demographic information Family history Health and treatment history Dietary habits Exposures to cancer risks in the environment Blood sample Meaning of "hereditary" and "risk", in relation to genetic screening	To examine interactions of genes and the environment in causing cancer To determine the need for education materials (for physicians and patients) about the risk of inheriting cancer To assess the impact on family members of screening for disease	Telephone or mailed surveys In-depth interviews Laboratory analyses of blood samples collected at the time of the interview Long-term follow up by telephone or mail
Tamil refugees in the Greater Toronto area	Age, sex and other demographic information Length of residence Refugee status Health history Use of health resources	To identify barriers to accessing health care To identify psychosocial and health issues associated with resettlement To assess use of complementary and alternative medicines	Participant observation research In-depth interviews Analysis of patient files Analysis of personal letters and journals

Table 2: Examples of databases with research potential, held in diverse settings

Databases	Examples of data^{Footnote 104}	Examples of research potential	Examples of data holders
Health administrative databases	Health insurance registration Physician diagnoses in billing records for provincial health insurance plans Hospital records	To examine interactions between the environment and health To describe trends in disease and wellness over time To evaluate the impact of changes in the health care system	Government Ministries of Health Hospitals Statistical agencies
Population registries	Records of all births, deaths, cause of death in a geographically defined population (e.g. a province)	To assess the burden of disease in a geographic area Linked with health records, to assess prenatal and post-natal care and health outcomes, and long-term outcomes of health conditions (e.g. length of survival and cause of death)	Provincial and Territorial registrars Statistical agencies
Disease registries	A database that holds permanent, ongoing personal data about a population group affected by a particular disease (e.g. cancer) or condition, for statistical, surveillance and/or research purposes.	To identify potential research participants To look at trends in new cases of disease To look for associations of disease and risk factors To assess the effectiveness of treatment Linked with death records, to assess survival and ultimate cause of death	Government agencies Disease agencies Hospitals Statistical agencies
Clinical research databases	Detailed data on medical history, psychosocial factors, patient status, care and associated health outcomes	To identify potential research participants To evaluate the efficacy of treatment To look at continuity of care	Physicians Disease clinics and institutes (e.g. diabetes, heart disease) Industry sponsors
Human genetic material banks	Primary materials (blood, bone and cultured tissue) Secondary materials (copies of primary samples such as cellular protein) Tertiary materials (electronically stored information such as DNA sequences) Linked clinical information	To develop diagnostic methods To assess the genetic basis of variability in drug efficacy and safety (pharmacogenetics) To discover the genetic and biochemical causes of disease (often linked to hospital data and/or genealogy information)	Government public health and research laboratories Private companies Universities Hospitals Clinical genetics clinics
Health surveillance databases	Public health data on chronic and communicable disease Reports of adverse health effects from marketed products	To search for causes of disease outbreaks or increasing numbers of new cases To document the burden of disease in populations To describe long-term trends in health status at the community or population level.	Government Ministries of Health World Health Organization Statistical agencies
Survey databases	Demographic information, workplace conditions, health services availability Self-reported personal behaviours, health status, medical conditions, lifestyle, attitudes, values, and experiences	To describe and assess the broad determinants of health (individual, biological, social, cultural, and environmental) and their impact on populations and individuals To describe and assess psychosocial factors in illness and disease and their individual, biological, social, cultural and environmental determinants	Government departments Statistical agencies Researchers Universities Research centres

Future considerations: The changing landscape of health research

The research landscape is an evolving one, as our knowledge and technological capacities continue to advance. In particular, the impact of new developments on research is still to be determined in areas such as:

the projected implementation of electronic health records across Canada over the next decade;
discoveries in genomics and research on genetic-environmental interactions;
emerging standards for Aboriginal research;^{Footnote 105}
increasing use of health-related databases, such as hospital and vital statistics records, for multiple purposes including patient care and management, program management, public health functions and services (e.g. cancer screening, vaccinations, chronic disease risk factor surveillance, obesity interventions) and research; and
government-led initiatives toward a harmonized legal framework for protecting the privacy and confidentiality of health information across all jurisdictions in Canada.

A-5 Selected documents and web links

Selected international and national guidelines

Council for International Organization of Medical Societies (CIOMS):
- International Ethical Guidelines for Biomedical Research Involving Human Subjects (2002)
- International Ethical Guidelines for the Ethical Review of Epidemiological Studies (1991)
  (currently under revision. See Website)
European Commission- Data protection
Interagency Advisory Panel on Research Ethics:
- Canadian Institutes of Health Research, Natural Sciences and Engineering Research Council of Canada, Social Sciences and Humanities Research Council of Canada: Tri-Council Policy Statement: Ethical Conduct for Research Involving Humans (TCPS), 1998 (with 2000, 2002, 2005 amendments)
- TCPS tutorial
Medical Research Council (United Kingdom):
- Ethics Series- Personal Information in Medical Research (2000) [ PDF (303 KB) ]
Quebec Network of Applied Genetic Medicine (RMGA):
All policies
- Statement of Principles on the Ethical Conduct of Research Involving Populations
- Statement of Principles: Human Genome Research, Version 2000
- Research in Human Genetics and Consent (French only)
UK Biobank Project:
- Ethics and Governance Framework

For other key guidance documents see the Interagency Advisory Panel for Research Ethics web site.

Privacy legislation

CIHR A Compendium of Canadian Legislation Respecting the Protection of Personal Information in Health Research (April 2000, to be updated 2005)
Federal/Provincial/Territorial Oversight Offices-web links:
- Canada (Federal)
- British Columbia
- Alberta
- Saskatchewan
- Manitoba
- Ontario
- Quebec
- Prince Edward Island
- Nova Scotia
- New Brunswick
- Newfoundland and Labrador
- Yukon
- Northwest Territories- Email : atippcomm@theedge.ca
- Nunavut- Email : atippcomm@theedge.ca

Disclosure controls

Statistics Canada:
- Quality Guidelines (4th Edition- Oct 2003), pg. 61-66,
- Guide for Researchers under Agreement with Statistics Canada (July 2004), Appendix 2- More on Disclosure and Disclosure Risk

Related documents

CIHR Procedure for Addressing Allegations of Non-compliance with Research Policies.
CIHR Use of Personal Information in Health Research: Case Studies (November 2002)
CIHR Selected International Legal Norms on the Protection of Personal Information in Health Research (December, 2001). [ PDF (431 KB) | Help]
W. Lowrance, Learning from Experience: Privacy and the Secondary use of Data in Health Research, November 28, 2002.

A-6 Glossary

The following terms are defined here as used in this document. Readers should be aware, however, that these terms are not yet standardized and may be used somewhat differently in other contexts.

Aggregate data. The data have been averaged or grouped into ranges (e.g. 5 or 10-year age groupings).

Camouflaged contacting. This is an approach to sampling and contacting patients with particular medical conditions in such a way that the individual making the contacting is not aware of the health status of that individual at the time of contacting. Records of individuals with and without the condition of interest are sampled in some pre-determined proportion from the original source (e.g. administrative or clinical records). Contact information about the combined-sample group is then released without any information about the health status of the individual being disclosed to the person making contact (by telephone or mail). The health status of the individual remains concealed until such time as the individual agrees to participate in the research and to disclose whether or not he or she has the condition of interest.

Coded data. Single code: A participant's data are assigned a random code. Direct identifiers are removed from the dataset and held separately. The key linking the code back to direct identifiers is available only to a limited number (e.g. senior members) of the research team. Double or multiple codes. Two or more codes are assigned to the same participant's data held in different datasets (e.g. health administrative data, clinical data, genetic samples and data). The key connecting the codes back to participants' direct identifiers is held by a third party (such as the data holder) and is not available to the researchers. Coded data refers to data that are at least single coded. (See Element #2, Section 2.2.2, Box-Definition of terms).

Consent. Agreement to participate in research (which may include the collection, use or disclosure of personal data) by a legally competent person, or by authorized third parties on behalf of those who lack legal competence. Consent, to be valid, must be voluntary and informed. For consent to be voluntary, the consent must be given without the exertion of undue influence on the person, and with the option of withdrawing from the research at any time without penalty. For consent to be informed, the person must be given information about the research, and must understand this information. (See TCPS, Section 3)

Confidentiality. Confidentiality is the obligation of an organization or custodian to protect the information entrusted to it and not misuse or wrongfully disclose it. (From The Pan-Canadian Health Information Privacy and Confidentiality Framework, January 27, 2005. Accessible on the Health Canada- Health and the Information Highway Division- eHealth Resource Centre web page, under Reports 2005).

Data. Facts or figures from which conclusions can be drawn. Data can take various forms, but are often numerical, such as daily weight measurements of each person in a group (ref. Statistics: Power from data! - Statistics Canada On-line. See also definitions for Information.

Data custodian. See Data holder.

Data holder. The Data holder may have custodianship and/or stewardship functions. These functions may be executed within the same institution/body or may be delegated to distinct but coordinated institutions/bodies. Data custodianship relates primarily to responsibility for data storage and integrity. Data stewardship relates primarily to responsibility for data definition and access authorization, particularly data access and disclosure to third parties.

Data steward. See Data holder.

Data subject. The individual who is the subject of personal data/information collected for research purposes. Distinguished from Research Participant.

Direct collection. Collection of data directly from individuals.

Direct identifiers. These are variables such as name and address, health insurance number, etc., that provide an explicit link to a respondent. (Statistics Canada)

Indirect identifiers. These are variables such as date of birth, sex, marital status, area of residence, occupation, type of business, etc. that, in combination, could be used to identify an individual. (Adapted from Statistics Canada)

Impracticable. For the purposes of this document, "impracticable" means a degree of difficulty in doing something under present conditions, where the degree of difficulty is greater than would arise if something is merely inconvenient to do but may be less than if something is impossible. The conditions for assessing "impracticability" of consent are described in Element #3.

Information. Data that have been recorded, classified, organized, related, or interpreted within a framework so that meaning emerges. Information, like data, can take various forms. An example of the type of information that can be derived from data is the number of persons in a group in each weight category or changes in weight over time.(ref. Statistics: Power from data! - Statistics Canada On-line. See also definitions for Data and Statistics.

Member-checking. This is when a researcher provides participants with the opportunity to look at transcripts of what they have said or done, and to delete or footnote what they consider to be inaccurate or sensitive information.

Non-identifiable data. Any element or combination of elements that allows direct or indirect identification of an individual was never collected or has been removed, although some elements may indirectly identify a group or region. There is no code linking the data back to the individual's identity. (See Element #2, Section 2.2.2, Box- Definition of terms)

Personal data/information. Personal data or information may contain a direct link to a specific individual (e.g. name and street address, personal health number, etc.) or any element or a combination of elements that allows indirect identification of an individual (e.g. if birth date combined with postal code and other personal information on the record such as ethnicity could lead to the identification of an individual). The scope of personal information covered in these Privacy Best Practices includes personal information derived from blood and other human biological materials (e.g. information such as blood type, DNA code and the presence or absence of disease), but not the materials themselves.

Privacy. Privacy includes a right to be free from intrusion and interruption. It is linked with other fundamental rights such as freedom and personal autonomy. In relation to information, privacy involves the right of individuals to determine when, how and to what extent they share information about themselves with others. (From The Pan-Canadian Health Information Privacy and Confidentiality Framework, January 27, 2005. Accessible on the Health Canada- Health and the Information Highway Division- eHealth Resource Centre web page, under Reports 2005).

Research. Research is defined in the TCPS as "a systematic investigation designed to develop or establish principles, facts or generalizable knowledge" (TCPS, pg. 1.1). The range of research requiring ethics review in the TCPS is listed in Appendix 1 (TCPS, pg. A.1).

Research participant. The individual who consents to participation in research and who is the subject of personal data or information collected for research. See Data Subject.

Secondary use of data for research. The data may have been collected originally for (i) a non-research purpose (e.g. for health care administrative purposes or for health care insurance billing purposes), or (ii) a different research purpose (e.g. for a study on a different but related disease).

Sensitivity. The sensitivity of personal data is related to the potential for harm or stigma that might attach to the identification of an individual because of the nature of the information. The type of information that an individual may consider sensitive could relate to: sexual attitudes, practices and orientation; use of alcohol, drugs, or other addictive substances; illegal activities; suicide; sexual abuse; sexual harassment; an individual's psychological well-being or mental health; some types of genetic information (e.g. information that predicts future illness or disability and raises concerns around future employability or insurability); and any other information that, if released, might lead to social stigmatization or discrimination. Researchers should also be aware of information that communities may consider sensitive because, for example, of its potential to stigmatize a community.

A-7 Tables of concordance with privacy legislation

Explanatory note^{Footnote 106}

The Tables of Concordance supplement key provisions of the Privacy Best Practices with cross-references to related requirements under Canadian privacy legislation. The Tables also briefly summarize requirements under Canadian privacy legislation which are supplemental to the Privacy Best Practices. A full text of the provisions referred to in the Tables of Concordance can be found in the CIHR's "Compendium of Canadian Legislation Respecting the Protection of Personal Information in Health Research".^{Footnote 107}
The Tables are for reference purposes only and are intended to be read in conjunction with the Privacy Best Practices. References to specific Tables are found throughout the Privacy Best Practices.
The requirements under privacy legislation will vary depending on the factual circumstances. As such, the Tables should not be relied upon as legal advice. Readers should consult the relevant privacy statute(s) and, depending on the circumstances, other applicable legal requirements as well as professional codes of ethics.
The Tables only refer to Canadian federal, provincial and territorial privacy legislation. Municipal and local public sector privacy statutes have also been included.
The legislation included in the Tables is current through to June 2005.

Application of canadian privacy legislation

Jurisdiction	Legislation	Entities covered by Legislation
Federal	Personal Information Protection and Electronic Documents Act	Organizations that collect, use and disclose personal information in the course of a commercial activity (e.g., health care providers in private practice, pharmacies, pharmaceutical companies, etc.)^{Footnote 108} which takes place within a province unless the province has enacted legislation deemed by the Governor in Council to be substantially similar to the Act.^{Footnote 109} Federal works, undertakings and businesses that collect, use or disclose personal information, including personal information about employees in any province or territory. All personal information collected, used or disclosed in cross-border commercial transactions. Does not apply to government institutions subject to the Privacy Act.
Federal	Privacy Act	Federal government institutions (any department or ministry of state of the Government of Canada listed in the schedule to the Act or any body or office listed in the schedule to the Act).
British Columbia	Personal Information Protection Act	All organizations (e.g., health care providers in private practice, pharmacies, pharmaceutical companies, not-for-profit organizations). Does not apply to personal information if Freedom of Information and Protection of Privacy Act applies.
British Columbia	Freedom of Information and Protection of Privacy Act	Public bodies (e.g., governmental bodies, health authorities, hospitals, mental health facilities and universities).
Alberta	Health Information Act	Applies to custodians with respect to health information (e.g., health professionals, health care facilities, regional health authorities, provincial health boards). Legislation also impacts ethics committees and researchers.
	Personal Information Protection Act	All organizations, including not-for-profit, corporations, professional regulatory associations. Does not apply to health information (as defined in the Health Information Act) where the information is collected, used or disclosed by an organization for health care purposes including health research and management of the health care system.
	Freedom of Information and Protection of Privacy Act	Public bodies (e.g., government departments, educational bodies, health care bodies and designated agencies, boards and commissions). Does not apply to health information in records of a public body that is a custodian as defined in the Health Information Act.
	Municipal Government Act	Municipalities.
Saskatchewan	The Health Information Protection Act	Trustees with respect to personal health information (e.g., government institutions, regional health authorities, health professionals, health care organizations, professional regulatory bodies). Legislation also impacts researchers.
	Freedom of Information and Protection of Privacy Act	Government institutions (e.g., government departments, Crown Corporations, designated provincial boards, bodies and agencies). Does not apply to information that constitutes personal health information as defined in The Health Information Protection Act.
	The Local Authority Freedom of Information and Protection of Privacy Act	Local authorities (e.g., municipalities, universities, regional health authorities, special care homes, designated boards, commissions and bodies). Does not apply to information that constitutes personal health information as defined in The Health Information Protection Act.
Manitoba	The Personal Health Information Act	Trustees with respect to personal health information (e.g., health professionals, health care facilities, public bodies (including government departments and universities), health services agencies). Legislation also impacts health information privacy committees, the institutional research review committees and researchers.
Manitoba	The Freedom of Information and Protection of Privacy Act	Public bodies (e.g. universities, certain hospitals, regional health authorities, municipalities, government departments and agencies). Does not apply to personal health information to which The Personal Health Information Act applies.
Ontario	Personal Health Information Protection Act	Health information custodians, and agents of health information custodians, with respect to personal health information (e.g., Ontario Ministry of Health and Long-Term Care, public health units, hospitals, health care practitioners who provide health care, long-term care facilities, pharmacies, medical laboratories, ambulances, community health and mental health programs whose primary purpose is health care, Canadian Blood Services). Legislation also provides rules for research ethics boards, health data institutes, prescribed registries, persons who provide goods and services that enable a custodian to use electronic means to collect, use, modify, disclose, retain or dispose of personal health information, recipients of health information (e.g. researchers, employers and insurers). The legislation also applies to all persons with respect to the collection, use and disclosure of the health number.
	Freedom of Information and Protection of Privacy Act	Institutions (e.g., ministries, agencies, boards and most commissions of the government of Ontario, community colleges). Where a health information custodian is also an institution under the Freedom of Information and Protection of Privacy Act ("FIPPA") or a part of an institution under FIPPA, FIPPA continues to apply to such a health information custodian only in some circumstances. Where a FIPPA institution is not a health information custodian, only FIPPA applies, even where information at issue is health information.
	Municipal Freedom of Information and Protection of Privacy Act	Institutions (e.g. municipalities, boards of health, designated agencies, boards, commissions, corporations or other bodies)
Quebec	An act respecting access to documents held by public bodies and the protection of personal information	Public bodies (e.g., universities, cegeps, health care facilities, government departments and agencies).
Quebec	An act respecting the protection of personal information in the private sector	Persons carrying on an enterprise (e.g., health care providers in private practice, pharmacies and private research companies).
Prince Edward Island	Freedom of Information and Protection of Privacy Act	Public bodies (e.g., government departments, agencies, boards, designated education and health bodies).
Nova Scotia	Freedom of Information and Protection of Privacy Act	Public bodies (e.g., universities, hospitals, government departments and agencies).
Nova Scotia	Municipal Government Act	Municipalities.
New Brunswick	Protection of Personal Information Act	Public bodies (e.g., government departments, school boards, regional health authorities).
Newfoundland and Labrador	Access to Information and Protection of Privacy Act^{Footnote 110}	Public bodies (e.g., universities, health boards, municipalities, government departments).
Yukon	Access to Information and Protection of Privacy Act	Public bodies (e.g., government departments, agencies, boards, commissions and corporations).
Northwest Territories	Access to Information and Protection of Privacy Act	Public bodies (e.g., government departments, agencies, boards).
Nunavut	Access to Information and Protection of Privacy Act	Public bodies (e.g., government departments, agencies, boards).

ELEMENT #1 - DETERMINING THE RESEARCH OBJECTIVES AND JUSTIFYING THE DATA NEEDED TO FULFILL THESE OBJECTIVES
Element #1 provides that researchers should, at the outset of the research design process, identify and document research objectives as a basis for determining what data will be needed for the research. The precise identification and documentation of the purposes for collection, use and disclosure of personal (health) information is critical for the purpose of complying with various requirements under privacy legislation, including requirements relating to the principles of limiting collection of personal information, obtaining consent for collection, use and disclosure of personal (health) information, and accountability and transparency. Statutory references to each of these requirements under Canadian privacy legislation can be found in the following concordance tables in this section: Element #2 - Limiting the Collection of Personal Data Element #4 - Managing and Documenting Consent Element #5 - Informing Prospective Research Participants about the Research Element #10 - Ensuring Accountability and Transparency in the Management of Personal Data

ELEMENT #1 - DETERMINING THE RESEARCH OBJECTIVES AND JUSTIFYING THE DATA NEEDED TO FULFILL THESE OBJECTIVES

Element #1 provides that researchers should, at the outset of the research design process, identify and document research objectives as a basis for determining what data will be needed for the research. The precise identification and documentation of the purposes for collection, use and disclosure of personal (health) information is critical for the purpose of complying with various requirements under privacy legislation, including requirements relating to the principles of limiting collection of personal information, obtaining consent for collection, use and disclosure of personal (health) information, and accountability and transparency. Statutory references to each of these requirements under Canadian privacy legislation can be found in the following concordance tables in this section:

Element #2 - Limiting the Collection of Personal Data
Element #4 - Managing and Documenting Consent
Element #5 - Informing Prospective Research Participants about the Research
Element #10 - Ensuring Accountability and Transparency in the Management of Personal Data

ELEMENT #2 - LIMITING THE COLLECTION OF PERSONAL DATA ^{Footnote 111},^{Footnote 112} ELEMENT #2 - LIMITING THE COLLECTION OF PERSONAL DATA
Jurisdiction	Legislation	Privacy Legislation Concordance
Federal	Personal Information Protection and Electronic Documents Act	Schedule 1, 4.4 (Limiting Collection)
Federal	Privacy Act	Section 4 (Collection of personal information) Section 5 (Personal information to be collected directly from individual)
British Columbia	Personal Information Protection Act	Section 11 (Limitations on collection of personal information) Section 12 (Collection from source other than the individual)
British Columbia	Freedom of Information and Protection of Privacy Act	Section 26 (Purposes for which information may be collected) Section 27(1) (How personal information is to be collected)
Alberta	Health Information Act	Sections 18 to 21 (Collection of health information) Section 22 (Duty to collect health information from individual directly) Section 24 (Collection of health information by affiliate) Section 57 (Duty to collect, use or disclose health information with highest degree of anonymity possible) Section 58 (Duty to collect, use or disclose health information in a limited manner) Section 68(a) (Health information to be used in data matching to be collected in accordance with the Act)
	Health Information Regulation	Section 5(2) (Persons authorized to collect personal health number)
	Personal Information Protection Act	Section 7(1)(b) (Direct collection) Section 11 (Limitations on collection)
	Freedom of Information and Protection of Privacy Act	Section 33 (Purposes for which information may be collected) Section 34(1) (Direct collection)
	Municipal Government Act	__
Saskatchewan	The Health Information Protection Act	Section 11 (Collection of health numbers) Section 23 (Collection on a need to know basis) Section 24 (Restrictions on collection) Section 25(1) (Direct collection)
	The Freedom of Information and Protection of Privacy Act	Section 25 (Purpose of information) Section 26 (Manner of collection)
	The Local Authority Freedom of Information and Protection of Privacy Act	__
Manitoba	The Personal Health Information Act	Section 13(1) (Restrictions on collection) Section 13(2) (Limit on amount of information collected) Section 14 (Source of information) Section 26 (Collection of health numbers)
Manitoba	The Freedom of Information and Protection of Privacy Act	Section 36 (1) (Purpose of collection) Section 36(2) (Limit on amount of information collected) Section 37(1) (Manner of collection)
Ontario	Personal Health Information Protection Act	Section 30 (Extent of information) Section 34 (2) (Limits on collecting health numbers) Section 36(1) (Indirect collection)
	Freedom of Information and Protection of Privacy Act	Section 38(2) (Collection of personal information) Section 39(1) (Direct collection)
	Municipal Freedom of Information and Protection of Privacy Act	__
Quebec	An act respecting the protection of personal information in the private sector	Section 5 (Necessary information) Section 6 (Collection from the person concerned)
Quebec	An act respecting access to documents held by public bodies and the protection of personal information	Section 64 (Unnecessary information)
Prince Edward Island	Freedom of Information and Protection of Privacy Act	Section 31 (Purpose of Collection of Information) Section 32 (Direct collection)
Nova Scotia	Freedom of Information and Protection of Privacy Act	Section 24(1) (Treatment of Personal Information)
Nova Scotia	Municipal Government Act	__
New Brunswick	Protection of Personal Information Act	Schedule A, Principle 4 (Limiting Collection) Schedule B, Principle 4 (Individuals from whom personal information may be collected)
Newfoundland and Labrador	Access to Information and Protection of Privacy Act^{Footnote 113}	Section 32 (Purpose for which personal information may be collected) Section 33 (How personal information is to be collected)
Yukon	Access to Information and Protection of Privacy Act	Section 29 (Purpose for which personal information may be collected) Section 30 ( How personal information is to be collected)
Northwest Territories	Access to Information and Protection of Privacy Act	Section 40 (Purpose of collection of information) Section 41 (Collection of information from individual concerned)
Nunavut	Access to Information and Protection of Privacy Act	Section 40 (Purpose of collection of information) Section 41 (Collection of information from individual concerned)

ELEMENT #3 - DETERMINING IF CONSENT FROM INDIVIDUALS IS REQUIRED
Conditions For Use And Disclosure For Research Purposes Without Consent^{Footnote 114}
Jurisdiction	Legislation	Privacy Legislation Concordance
Federal	Personal Information Protection and Electronic Documents Act^{Footnote 115}	Sections 7(2)(c): Conditions for use by an organization for statistical, or scholarly study or research purposes: purpose cannot be achieved without using the information; information is used in a manner that ensures confidentiality; impracticable to obtain consent; and organization informs the Commissioner of the use before information is used. Section 7(3)(f): Conditions for disclosure by an organization for statistical, or scholarly study or research purposes: purpose cannot be achieved without disclosing the information; impracticable to obtain consent; and organization informs the Commissioner of the disclosure before information is disclosed.
Federal	Privacy Act	Section 8(2)(j): Conditions for use and disclosure by a government institution for research or statistical purposes: Head of the government institution: is satisfied that the purpose for disclosure cannot reasonably be accomplished unless the information is provided in identifiable form; and obtains from the person or body a written undertaking that no subsequent disclosure of the information will be made in identifiable form.
British Columbia	Personal Information Protection Act	Section 21: Conditions for disclosure by organizations: Research purpose cannot be accomplished unless the personal information is provided in an identifiable form; information will not be used to contact persons to ask them to participate in the research; linkage of the personal information to other information is not harmful to the individuals and the benefits to be derived from the linkage are clearly in the public interest; the organization to which the personal information is to be disclosed has signed a data sharing agreement; and it is impracticable for the organization to seek the consent of the individual.
British Columbia	Freedom of Information and Protection of Privacy Act	Section 35: Conditions for disclosure by public bodies: Research purpose cannot reasonably be accomplished unless information is provided in identifiable form or research purpose is approved by Commissioner; information is disclosed on condition that it not be used to contact a person to participate in the research; any record linkage is not harmful to the individuals and the benefits to be derived from the record linkage are clearly in the public interest; head of the public body concerned has approved conditions relating to (i) security and confidentiality; (ii) removal or destruction of individual identifiers at the earliest reasonable time; (iii) prohibition of any subsequent use or disclosure of the information in individually identifiable form without express authorization of the public body; and recipient has signed an agreement to comply with the approved conditions, the Act and any of the public body's policies and procedures relating to the confidentiality of personal information.
Alberta	Health Information Act	Sections 27(1)(d) and 35(1)(a): Conditions for use and disclosure by a custodian: Custodian submits a proposal to an ethics committee; ethics committee is satisfied with respect to importance of research, qualifications of researcher, safeguards and that it is not reasonable or practical to obtain consent; and custodian has complied with/agreed to conditions suggested by the ethics committee. See also section 49 (Research proposal), section 50 (Role of ethics committee), section 51 (Bar to research), section 52 (Application for disclosure of health information), section 53 (Conditions and consents), section 54 (Agreement between custodian and researcher) and section 55 (Consent of the individual is required if additional information is needed).
	Personal Information Protection Act Regulation	Section 12(2): Conditions for disclosure by an archival institution: Disclosure is necessary for the research purpose; disclosure is not harmful to the individual concerned; research purpose is not contrary to the purposes and intent of the Act; and either (i)a reasonable person, taking into consideration all relevant circumstances, would find that disclosure of the personal information was appropriate at the time, or (ii) the information is disclosed under a research agreement. Section 14(3): Conditions for disclosure by an organization that is not an archival institution: Research agreement required; recipient agrees to comply with the same requirements as those established in respect of archival institutions; research has been approved by a research ethics review committee; and researcher has agreed to any additional conditions imposed by the ethics review committee.
	Freedom of Information and Protection of Privacy Act	Section 42: Conditions for disclosure by public bodies: Research purpose cannot reasonably be accomplished unless that information is provided in identifiable form or research purpose has been approved by Commissioner, record linkage is not harmful to individuals and benefits to be derived from record linkage are clearly in public interest, head of public body has approved conditions relating to (i) security and confidentiality, (ii) removal or destruction of identifiers at the earliest reasonable time, and (iii) prohibition of subsequent use or disclosure without express authorization of that public body, and recipient signed an agreement to comply with approved conditions, Act and public body's policies and procedures relating to confidentiality of personal information.
	Municipal Government Act	__
Saskatchewan	The Health Information Protection Act	Section 29(2): Conditions for disclosure by a trustee or designated archive: Only where not reasonably practicable for consent to be obtained and if: research purposes cannot reasonably be accomplished using de-identified personal health information or other information; reasonable steps are taken to protect privacy of individual by removing all personal health information that is not required for the purposes of the research; in the opinion of research ethics committee, the potential benefits of the research project clearly outweigh the potential risk to the privacy of the individual; and (i) in the opinion of the trustee or designated archive, the research project is not contrary to public interest; (ii) research project is approved by a research ethics committee approved by minister; and (iii) recipient enters into an agreement with trustee or designated archive.
	The Freedom of Information and Protection of Privacy Act	Section 29(2)(k): Conditions for disclosure by public body: Head of public body must be satisfied that purpose for disclosure is not contrary to public interest and cannot reasonably be accomplished unless information is provided in identifiable form; and agreement must be signed by recipient not to make a subsequent disclosure of the information in identifiable form.
	The Local Authority Freedom of Information and Protection of Privacy Act	Section 28(2)(k): Conditions for disclosure by local body: Head of local body must be satisfied that purpose for disclosure is not contrary to public interest and purpose cannot reasonably be accomplished unless information is provided in identifiable form; and recipient provides written agreement not to make subsequent disclosure of the information in identifiable form.
Manitoba	The Personal Health Information Act	Section 24: Conditions for disclosure by trustees: Research project must be approved by: health information privacy committee if personal health information is maintained by government or a government agency; and institutional research review committee, if personal health information is maintained by a trustee other than the government or a government agency. Approval may be given only if applicable committee has determined that: research is of sufficient importance to outweigh the intrusion into privacy; research purpose cannot reasonably be accomplished unless personal health information is provided in identifiable form; unreasonable or impractical for researcher to obtain consent; and research project contains (i) reasonable safeguards to protect confidentiality and security of the personal health information, and (ii)procedures to destroy the information or remove all identifying information at earliest opportunity consistent with the purposes of the project. Agreement required between trustee and recipient. Consent required for direct contact with individuals except where information consists only of individuals' names and addresses.
Manitoba	The Freedom of Information and Protection of Privacy Act	Section 47(4): Conditions for disclosure by public body: Advice requested from review committee has been received and considered; head is satisfied that (i) the information is requested for bona fide research purpose, (ii) research cannot reasonably be accomplished unless information is provided in identifiable form, (iii) unreasonable or impractical for recipient to obtain consent, and (iv) disclosure of information, and any information linkage, is not likely to harm individuals and benefits to be derived from research and any information linkage are clearly in the public interest; head of public body has approved conditions relating to (i)protection of personal information, including use, security and confidentiality, (ii) removal or destruction of identifiers at earliest reasonable time, and (iii) prohibition of subsequent use or disclosure of personal information in identifiable form without written authorization of the public body; and recipient has entered into a written agreement to comply with approved conditions.
Ontario	Personal Health Information Protection Act	Section 44(1): Conditions for use by health information custodians and disclosure by health information custodians to researchers: Researcher must submit to custodian (i) an application in writing, (ii) a research plan, and (iii) a copy of the decision of a research ethics board that approves research plan; and researcher must enter into an agreement with custodian agreeing to comply with conditions and restrictions that custodian may impose relating to use, disclosure, return or disposal of information. See also sections 34(2) and (3) (Use and disclosure of health numbers) 37(1)(j) and (3) (Permitted use for research), section 44(2) (Elements of Research plan), section 44(3) and (4) (Consideration and decision of board), section 44(5) (Content of research agreement), section 44(6) (Compliance by researcher), sections 44(10) and (11) (Research approved outside Ontario) and section 50(1)(b) (Disclosure outside Ontario). See also section 39(1)(c) (Disclosure to prescribed person who compiles or maintains a registry of personal health information for purposes of facilitating or improving the provision of health care or that relates to the storage or donation of body parts or bodily substances), section 45 (Disclosure to prescribed entities for planning and management of health systems) and section 47 (Disclosure for analysis of health system).
	Personal Health Information Protection Act, General Regulation	Section 12 (Disclosure of health number): Researchers with custody or control of health numbers, by reason of a use or disclosure authorized under the Act for research purposes, may disclose the health number to a registry prescribed under the Act, an entity prescribed for the purposes of planning and management of health systems or another researcher if, the disclosure is part of a research plan approved under the Act, or the disclosure is necessary for the purpose of verifying or validating the information or the research. Section 15 (Requirement for research ethics board) Section 16 (Requirement for a research plan) Section 17 (Disclosure by researcher) Section 18(3) and (4) (Rules applicable to section 45 prescribed entities for use and disclosure of personal health information for research purposes)^{Footnote 116} Section 13(4) and (5) (Rules applicable to registries of personal health information for use and disclosure of personal health information for research purposes)^{Footnote 117}
	Freedom of Information and Protection of Privacy Act	Section 21(1)(e): Conditions for disclosure by public body: Disclosure is consistent with conditions or reasonable expectations of disclosure under which the personal information was provided, collected or obtained; research cannot be reasonably accomplished unless information is provided in identifiable form; and recipient has agreed to comply with the conditions relating to security and confidentiality prescribed by the regulations.^{Footnote 118}
	Municipal Freedom of Information and Protection of Privacy Act	__
	Municipal Freedom of Information and Protection of Privacy Act, General Regulation	Section 10(1): Terms and conditions a person must agree to before a head may disclose personal information to that person for a research purpose: Person shall use the information only for a research purpose set out in the agreement or for which the person has written authorization from the institution; the person shall name in the agreement any other persons who will be given access to personal information in a form in which the individual to whom it relates can be identified; before disclosing personal information to other persons, the person shall enter into an agreement with those persons to ensure that they will not disclose it to any other person; the person shall keep the information in a physically secure location to which access is given only to the person and to the persons given access; the person shall destroy all individual identifiers in the information by the date specified in the agreement; the person shall not contact any individual to whom personal information relates directly or indirectly without the prior written authority of the institution; the person shall ensure that no personal information will be used or disclosed in a form in which the individual to whom it relates can be identified without the written authority of the institution; and the person shall notify the institution in writing immediately if the person becomes aware that any of the conditions set out in this section have been breached.
Quebec	An act respecting the protection of personal information in the private sector	Section 21: Conditions for disclosure: Written request must be made to the commission. Commission must be satisfied that (i) intended use is not frivolous and the ends contemplated cannot be achieved unless the information is communicated in identifiable form and (ii) information will be used in manner that ensures its confidentiality. Authorization is granted for such period and on such conditions as may be fixed by the Commission. It may be revoked before the expiry of the period granted if Commission has reason to believe that the authorized person or body does not respect the confidentiality of the information disclosed or the other conditions.
Quebec	An act respecting access to documents held by public bodies and the protection of personal information	Section 125: Conditions for disclosure: Same conditions as above.
Prince Edward Island	Freedom of Information and Protection of Privacy Act	Section 39: Conditions for disclosure by public body: Research purpose cannot reasonably be accomplished unless information is provided in identifiable form or research purpose has been approved by Commissioner; any record linkage is not harmful to individuals and benefits to be derived from record linkage are clearly in public interest; head of a public body has approved conditions relating to (i) security and confidentiality, (ii) removal or destruction of individual identifiers at earliest reasonable time, and (iii) prohibition of subsequent use or disclosure of information in identifiable form without express authorization of that public body; and recipient signs agreement to comply with approved conditions, Act and public body's policies and procedures relating to confidentiality of personal information.
Nova Scotia	Freedom of Information and Protection of Privacy Act	Section 29: Conditions for disclosure by public body: Research purpose cannot reasonably be accomplished unless information is provided in identifiable form; any record linkage is not harmful to individuals and benefits to be derived from record linkage are clearly in public interest; head of a public body has approved conditions relating to (i) security and confidentiality, (ii) removal or destruction of individual identifiers at earliest reasonable time, and (iii) prohibition of subsequent use or disclosure of information in identifiable form without express authorization of that public body; and recipient signs agreement to comply with approved conditions, Act and public body's policies and procedures relating to confidentiality of personal information.
	Municipal Government Act	Section 485(4): Conditions for disclosure by municipality: Research purpose cannot reasonably be accomplished unless information is provided in individually identifiable form; any record linkage is not harmful to individuals the information is about and the benefits to be derived from record linkage are clearly in the public interest; the responsible officer has approved conditions relating to (i) security and confidentiality, (ii) the removal or destruction of individual identifiers at the earliest reasonable time, and (iii) the prohibition of any subsequent use or disclosure of that information in individually identifiable form without the express authority of the municipality; and the person to whom the information is disclosed has signed an agreement to comply with the approved conditions, this Part of the Act, and any of the municipality's policies and procedures relating to the confidentiality of personal information.
New Brunswick	Protection of Personal Information Act	Schedule B, section 3.4: Consent not required when public body collects, uses or discloses personal information for purposes of legitimate research in the interest of science, of learning or of public policy, or for archival purposes.
Newfoundland and Labrador	Access to Information and Protection of Privacy Act	Section 41: Conditions for disclosure by public body: Same conditions as for Nova Scotia
Yukon	Access to Information and Protection of Privacy Act	Section 38: Conditions for disclosure by public body: Same conditions as for Nova Scotia
Northwest Territories	Access to Information and Protection of Privacy Act	Section 49: Conditions for disclosure by public body: Same conditions as for Nova Scotia
Nunavut	Access to Information and Protection of Privacy Act	Section 49: Conditions for disclosure by public body: Same conditions as for Nova Scotia

ELEMENT #4 - MANAGING AND DOCUMENTING CONSENT^{Footnote 119}
Part 1 - Consent Requirement and Elements of Consent
Jurisdiction	Legislation	Privacy Legislation Concordance and Selected Supplemental Requirements
Federal	Personal Information Protection and Electronic Documents Act	Schedule 1, 4.3 and 4.3.1 (Consent Requirement) Schedule 1, 4.3.4, 4.3.6 and 4.3.7 (Form of Consent) Schedule 1, 4.3.2, 4.3.5, 4.3.8 (Elements of Consent)
Federal	Privacy Act	Sections 7 and 8 (Consent Requirement)
British Columbia	Personal Information Protection Act	Sections 6 and 7 (Consent Requirement) Section 8 (Form of Consent) Section 9 (Elements of Consent)
	Freedom of Information and Protection of Privacy Act	Sections 32(b) and 33.1(1)(b) (Consent Requirement)
	Freedom of Information and Protection of Privacy Regulation	Section 6 (Form of Consent) Supplemental Requirement to CIHR Privacy Best Practices: Consent to disclosure of personal information must be in writing and specify to whom the personal information may be disclosed and how the personal information may be used.
Alberta	Health Information Act	Section 34(1) and (3) (Consent Requirement) Section 34(2), (4), (5) and (6) (Form of Consent) Supplemental Requirement to CIHR Privacy Best Practices: Consent to disclosure of personal health information must be in writing or be provided electronically and must include: authorization for custodian to disclose the health information specified in the consent; purpose for which the health information may be disclosed; identity of person to whom health information may be disclosed; acknowledgment that individual providing consent has been made aware of reasons why the health information is needed and the risks and benefits to the individual of consenting or refusing to consent; date consent is effective and date, if any, on which consent expires; and statement that consent may be revoked at any time by the individual providing it.^{Footnote 120} Revocation of consent must be provided in writing or electronically.
	Health Information Regulation	Section 6(2) (Electronic Consent) Supplemental Requirement to CIHR Privacy Best Practices: An electronic consent or a revocation of an electronic consent is valid only if the level of authentication is sufficient to identify the individual who is granting the consent or revoking the consent, as the case may be.
	Personal Information Protection Act	Section 7 (Consent Requirement) Section 8 (Form of Consent) Section 9 (Withdrawal or variation of consent) Section 10 (Consent obtained by deception)
	Freedom of Information and Protection of Privacy Act	Sections 39(1)(b) and 40(1)(d) (Consent Requirement)
	Freedom of Information and Protection of Privacy Regulation	Section 6(1) (Form of Consent) Supplemental Requirement to CIHR Privacy Best Practices: Consent to use or disclosure of personal information must be in writing and must specify to whom the personal information may be disclosed.
	Municipal Government Act	__
Saskatchewan	The Health Information Protection Act	Sections 5, 26 and 27 (Consent Requirement) Sections 6(1) and (2), and 7 (Elements of Consent) Sections 6(3),(4) and (5) (Form of Consent)
	The Freedom of Information and Protection of Privacy Act	Sections 28 and 29 (Consent Requirement)
	The Freedom of Information and Protection of Privacy Regulations	Section 18 (Form of Consent) Supplemental Requirement to CIHR Privacy Best Practices: Consent to be in writing unless the head of the public body determines that it is not reasonably practicable.
	The Local Authority Freedom of Information and Protection of Privacy Act	__
	The Local Authority Freedom of Information and Protection of Privacy Regulations	Section 11 (Form of Consent) Supplemental Requirement to CIHR Privacy Best Practices: Consent to be in writing unless the head of the local body determines that it is not reasonably practicable.
Manitoba	The Personal Health Information Act	Sections 21(b) and 22(1)(b) (Consent Requirement)
Manitoba	The Freedom of Information and Protection of Privacy Act	Sections 43(b) and 44(1)(b) (Consent Requirement)
Ontario	Personal Health Information Protection Act	Section 29 (Consent Requirement) Sections 18(1), 18(5), 18(6) and 19 (Elements of Consent) Section 18(2), (3) and (4) (Form of Consent)
	Freedom of Information and Protection of Privacy Act	Section 41(a) and 42(b) (Consent Requirement)
	Municipal Freedom of Information and Protection of Privacy Act	__
Quebec	An act respecting the protection of personal information in the private sector	Sections 12 and 13 (Consent Requirement) Section 14 (Elements and Form of Consent) Supplemental Requirement to CIHR Privacy Best Practices: Consent must be manifest, free and enlightened^{Footnote 121}
Quebec	An act respecting access to documents held by public bodies and the protection of personal information	Section 53(1) and 59 (Consent Requirement)
Prince Edward Island	Freedom of Information and Protection of Privacy Act	Section 36(1)(b) and 37(1)(c) (Consent Requirement)
Prince Edward Island	Freedom of Information and Protection of Privacy Act, General Regulations	Section 6 (Form of Consent) Supplemental Requirement to CIHR Privacy Best Practices: Consent to use or disclose personal information must (a) be in writing and (b) specify to whom the personal information may be disclosed and how the personal information may be used.
Nova Scotia	Freedom of Information and Protection of Privacy Act	Sections 26(b) and 27(b) (Consent Requirement)
	Freedom of Information and Protection of Privacy Regulations	Sections 7(2) and 8 (Form of Consent) Supplemental Requirement to CIHR Privacy Best Practices: Consent to use of personal information must (i) be in writing, (ii) identify the information, and (iii) specify to whom the information may be disclosed and how the information may be used.^{Footnote 122}
	Municipal Government Act	__
New Brunswick	Protection of Personal Information Act	Schedule A, Principle 3 (Consent Requirement) Schedule B, 3.1 and 3.2 (Form of Consent)
Newfoundland and Labrador	Access to Information and Protection of Privacy Act^{Footnote 123}	Sections 38(1)(b) and 39(1)(b) (Consent Requirement)
Yukon	Access to Information and Protection of Privacy Act	Sections 35 (b) and 36 (b) (Consent Requirement)
Yukon	Access to Information Regulation	Section 2 (Consent to disclosure of personal information) Supplemental Requirement to CIHR Privacy Best Practices: Consent to disclosure to be in writing and specify to whom the personal information may be disclosed and how it may be used.
Northwest Territories	Access to Information and Protection of Privacy Act	Sections 43 (b) and 48 (b) (Consent Requirement)
Northwest Territories	Access to Information and Protection of Privacy Regulations	Section 5 (Form of Consent) Supplemental Requirement to CIHR Privacy Best Practices: The consent of an individual to a public body's use or disclosure of his or her personal information must be in writing and specify to whom the personal information may be disclosed and how it may be used.
Nunavut	Access to Information and Protection of Privacy Act	Sections 43 (b) and 48 (b) (Consent Requirement)
Nunavut	Access to Information and Protection of Privacy Regulations	Section 5 (Form of Consent) Supplemental Requirement to CIHR Privacy Best Practices: The consent of an individual to a public body's use or disclosure of his or her personal information must be in writing and specify to whom the personal information may be disclosed and how it may be used.

ELEMENT #4 - MANAGING AND DOCUMENTING CONSENT
Part 2 - Consent by Substitute Decision Makers^{Footnote 124}
Jurisdiction	Legislation	Privacy Legislation Concordance
Federal	Personal Information Protection and Electronic Documents Act	Schedule 1, 4.3.6 - (Consent by authorized representatives)
Federal	Privacy Act Privacy Regulations	Section 10 (Exercise of rights on behalf of minors, persons deemed incompetent, or deceased persons)
British Columbia	Personal Information Protection Act Regulations	Section 2 (Who may act for minors and others) Section 3 (Who may act for deceased persons) Section 4 (Determination of nearest relative)
British Columbia	Freedom of Information and Protection of Privacy Regulation	Section 3 (Who can act for young people and others)
Alberta	Health Information Act	Section 104(1) (Exercise of rights by other persons)
	Personal Information Protection Act	Section 61(1) (Exercise of rights by other persons)
	Freedom of Information and Protection of Privacy Act	Section 84 (Exercise of rights by other persons)
Saskatchewan	The Health Information Protection Act	Section 56 (Exercise of rights by other persons)
Saskatchewan	The Freedom of Information and Protection of Privacy Act	Section 59 (Exercise of rights by other persons)
Manitoba	The Personal Health Information Act	Section 60 (Exercising rights of another person)
Manitoba	The Freedom of Information and Protection of Privacy Act	Section 79 (Exercising rights of another person)
Ontario	Personal Health Information Protection Act	Section 5 (Substitute decision-maker) Sections 23 and 26 (Persons who are entitled to consent to the collection, use, or disclosure of personal health information) Section 25 (Authority of substitute decision-maker) Section 27 (Appointment of representative)
Ontario	Freedom of Information and Protection of Privacy Act	Section 66 (Exercise of rights of deceased, etc., persons)
Quebec	An act respecting the protection of personal information in the private sector	-
Quebec	An act respecting access to documents held by public bodies and the protection of personal information	Section 53 (Person with parental authority may authorize disclosure for a minor)
Prince Edward Island	Freedom of Information and Protection of Privacy Act	Section 71 (Exercise of rights by other persons)
Nova Scotia	Freedom of Information and Protection of Privacy Act	Section 43 (Exercise of right or power by other persons)
New Brunswick	Protection of Personal Information Act	Schedule B, section 3.3 (Consent can be given by a parent, guardian or other representative of the individual in appropriate circumstances)
Newfoundland and Labrador	Access to Information and Protection of Privacy Act^{Footnote 125}	Section 65 (Exercising rights of another person)
Yukon	Access to Information and Protection of Privacy Act	Section 62 (Personal Representation)
Northwest Territories	Access to Information and Protection of Privacy Act	Section 52 (Exercise of Rights by other persons)
Nunavut	Access to Information and Protection of Privacy Act	Section 52 (Exercise of Rights by other persons)

ELEMENT #5 - INFORMING PROSPECTIVE RESEARCH PARTICIPANTS ABOUT THE RESEARCH^{Footnote 126}
Jurisdiction	Legislation	Privacy Legislation Concordance and Selected Supplemental Requirements
Federal	Personal Information Protection and Electronic Documents Act	Schedule 1, 4.2 (Purpose for collection must be identified at the time of collection and must be documented) Schedule 1, 4.3.2 (Knowledge and consent)
Federal	Privacy Act	Section 5(2) (Individual to be informed of purpose of collection)
British Columbia	Personal Information Protection Act	Section 8(3) 10(1), 14 and 17 (Notice requirements for collection, use and disclosure)
British Columbia	Freedom of Information and Protection of Privacy Act	Section 27(2) (Information to be given regarding purposes for collection) Supplemental Requirement to CIHR Privacy Best Practices: Individual must be told of the legal authority for collecting the information.
Alberta	Health Information Act	Sections 21(2) and 22(3) (Information to be given regarding purposes for collection) Supplemental Requirement to CIHR Privacy Best Practices: Individual must be told of the specific legal authority for the collection.
	Personal Information Protection Act	Section 8(3) and 13 (Notification requirements for collection, use and disclosure)
	Freedom of Information and Protection of Privacy Act	Section 34(2) (Information to be given regarding purpose for collection) Supplemental Requirement to CIHR Privacy Best Practices: Individual must be told of the legal authority for collecting the information.
	Municipal Government Act	__
Saskatchewan	The Health Information Protection Act	Sections 6 and 9 (Individual must be informed of purposes for collection use, and disclosure of the individual's personal health information)
	The Freedom of Information and Protection of Privacy Act	Section 26(2) (Individual must be informed of the purposes for the collection)
	The Local Authority Freedom of Information and Protection of Privacy Act	Section 25(2) (Individual to be informed of purposes of collection) Section 57(l) (Lieutenant Governor in Council may make regulations prescribing any matter to be included in notice)
Manitoba	The Personal Health Information Act	Section 15 (Notice of collection practices)
Manitoba	The Freedom of Information and Protection of Privacy Act	Section 37(2) (Individual must be informed of the purposes for the collection) Supplemental Requirement to CIHR Privacy Best Practices: Individual must be told of the legal authority for collecting the information
Ontario	Personal Health Information Protection Act	Section 18(5) and (6) (Knowledge of purposes of collection)
	Freedom of Information and Protection of Privacy Act	Section 39(2) (Information to be given regarding purpose for collection) Supplemental Requirement to CIHR Privacy Best Practices: Individual must be told of the legal authority for collecting the information.
	Municipal Freedom of Information and Protection of Privacy Act	Section 29(2) (Individual must be informed of primary purposes of collection) Supplemental Requirement to CIHR Best Practices: Individual must be told of the legal authority for collecting the information
	Municipal Freedom of Information and Protection of Privacy Act, General Regulation	Section 4(1) (When notice not required) Institutions not required to give notice of collection if providing notice would frustrate purpose of the collection or might result in an unjustifiable invasion of another individual's privacy. Head of institution must make available a statement describing purpose of collection and reason why notice not given.
Quebec	An act respecting the protection of personal information in the private sector	Section 8 (Information to be given regarding purpose for collection)
Quebec	An act respecting access to documents held by public bodies and the protection of personal information	Section 65 (Information to be given regarding purpose for collection) Supplemental Requirement to CIHR Privacy Best Practices: Every person who, on behalf of a public body, collects nominative information from the person concerned or from a third person must first identify himself and inform the person concerned that the collection is either mandatory or optional and of the consequences of failing to provide the information.
Prince Edward Island	Freedom of Information and Protection of Privacy Act	Section 32(2) (Right to be informed regarding purpose for collection) Supplemental Requirement to CIHR Privacy Best Practices: Individual must be told of the legal authority for collecting the information.
Nova Scotia	Freedom of Information and Protection of Privacy Regulations	Section 8 (Requirement before use) Supplemental Requirement to CIHR Privacy Best Practices: Before information about an individual may be used, the individual must identify the information and give consent in writing specifying to whom the information may be disclosed and how the information may be used
Nova Scotia	Municipal Government Act	__
New Brunswick	Protection of Personal Information Act	Schedule A, Principle 2 and Schedule B, section 2.1 (Purposes for collection must be identified)
Newfoundland and Labrador	Access to Information and Protection of Privacy Act^{Footnote 127}	Section 33(2) (Information regarding purpose for collection) Supplemental Requirement to CIHR Privacy Best Practices: Individual must be told of the legal authority for collecting the information.
Yukon	Access to Information and Protection of Privacy Act	Section 30(2) (Information regarding purpose for collection) Supplemental Requirement to CIHR Privacy Best Practices: Individual must be told of the legal authority for collecting the information.
Northwest Territories	Access to Information and Protection of Privacy Act	Section 41(2) (Information regarding purpose for collection) Supplemental Requirement to CIHR Privacy Best Practices: Individual must be told of the legal authority for collecting the information.
Nunavut	Access to Information and Protection of Privacy Act	Section 41(2) (Information regarding purpose for collection) Supplemental Requirement to CIHR Privacy Best Practices: Individual must be told of the legal authority for collecting the information.

ELEMENT #6 - RECRUITING PROSPECTIVE RESEARCH PARTICIPANTS
Statutory Prohibitions to Secondary Use/Disclosure of Personal Information to Contact Individuals to Participate in Research^{Footnote 128}
Jurisdiction	Legislation	Privacy Legislation Concordance
Federal	Personal Information Protection and Electronic Documents Act	__
Federal	Privacy Act	__
British Columbia	Personal Information Protection Act	Section 21(b): An organization may disclose, without the consent of the individual, personal information for a research purpose if the disclosure is on condition that it will not be used to contact persons to ask them to participate in the research.
British Columbia	Freedom of Information and Protection of Privacy Act	Section 35 (a.1): A public body may disclose personal information for a research purpose without the consent of the individual only if the information is disclosed on condition that it not be used for the purpose of contacting a person to participate in the research.
Alberta	Health Information Act	Section 55: If the researcher wishes to contact the individuals who are the subjects of the information disclosed for research purposes to obtain additional health information, the custodian or an affiliate of the custodian must first obtain consents from those individuals to their being contacted for that purpose.
	Personal Information Protection Act Regulation	Section 12(3)(d): If personal information is to be disclosed by an organization under a research agreement, the person to whom the information is to be disclosed must agree to not contact any individual to whom the information relates.
	Freedom of Information and Protection of Privacy Regulation	Section 8(f): The agreement required by the Act for disclosure of personal information without consent of the individual for research purposes must include provision that recipient will not contact any individual to whom the personal information relates, directly or indirectly, without the prior written authority of the public body.
	Municipal Government Act	__
Saskatchewan	The Health Information Protection Act	__
	The Freedom of Information and Protection of Privacy Act	__
	The Local Authority Freedom of Information and Protection of Privacy Act	__
Manitoba	The Personal Health Information Act	Section 24(5): If a research project will require direct contact with individuals, a trustee must not disclose personal health information about those individuals without first obtaining their consent. Trustee need not obtain their consent if the information consists only of the individuals' names and addresses.
Manitoba	The Freedom of Information and Protection of Privacy Act	__
Ontario	Personal Health Information Protection Act	Section 44(6)(e): Researcher shall not make contact or attempt to make contact with the individual, directly or indirectly, unless the custodian obtains the individual's consent to being contacted.^{Footnote 129}
	Freedom of Information and Protection of Privacy Act, General Regulation	Section 10(1)6: Before a head may disclose personal information for a research purpose to a person, that person must agree not to contact any individual to whom personal information relates, directly or indirectly, without the prior written authority of the institution.
	Municipal Freedom of Information and Protection of Privacy Act	__
Quebec	An act respecting the protection of personal information in the private sector	__
Quebec	An act respecting access to documents held by public bodies and the protection of personal information	__
Prince Edward Island	Freedom of Information and Protection of Privacy Act	__
Nova Scotia	Freedom of Information and Protection of Privacy Regulations	Section 9: Research agreement must contain condition that recipient not contact any individual to whom personal information relates, directly or indirectly, without the prior written authority of the public body.
Nova Scotia	Municipal Government Act	__
New Brunswick	Protection of Personal Information Act	__
Newfoundland and Labrador	Access to Information and Protection of Privacy Act	__
Yukon	Access to Information and Protection of Privacy Act	__
Northwest Territories	Access to Information and Protection of Privacy Regulations	Section 8: Research agreement must contain condition that the recipient must not contact any individual to whom the personal information relates, directly or indirectly, without the prior written authority of the public body.
Nunavut	Access to Information and Protection of Privacy Regulations	Section 8: Research agreement must contain condition that the recipient must not contact any individual to whom the personal information relates, directly or indirectly, without the prior written authority of the public body.

ELEMENT #7 - SAFEGUARDING PERSONAL DATA^{Footnote 130},^{Footnote 131}
Part 1 - General Safeguarding Requirements
Jurisdiction	Legislation	Privacy Legislation Concordance and Selected Supplemental Requirements
Federal	Personal Information Protection and Electronic Documents Act	Schedule 1, 4.7 (Safeguards for protecting personal information) Schedule 1, 4.1.4 (Policies and practices to be implemented to protect personal information)
Federal	Privacy Act	Section 62 (Security Requirements)
British Columbia	Personal Information Protection Act	Section 5 (Policies and practices) Section 34 (Protection of personal information)
British Columbia	Freedom of Information and Protection of Privacy Act	Section 30 (Protection of personal information) Supplemental Requirements to CIHR Privacy Best Practices: Information must be stored in Canada and accessed only in Canada unless the individual the information is about has identified the information and has consented, in the prescribed manner^{Footnote 132}, to it being stored in or accessed from, as applicable, another jurisdiction or if it is stored in or accessed from another jurisdiction for the purpose of disclosure allowed under the Act (section 30.1). Where a public body receives a foreign demand for disclosure, the head of the public body must inform the Minister responsible for the Act (section 30.2(2)).
Alberta	Health Information Act	Section 60 (Duty to protect health information) Section 63 (Duty to establish or adopt policies and procedures)
	Health Information Regulation	Section 8 (Record of safeguards to be maintained) Supplemental Requirements to CIHR Privacy Best Practices: Written agreement required with respect to safeguards for health information that is to be stored, used or disclosed outside Alberta unless used for continuing treatment and care (section 8(4) and (5)).
	Personal Information Protection Act	Section 6 (Policies and practice) Section 34 (Protection of information)
	Freedom of Information and Protection of Privacy Act	Section 38 (Protection of personal information) Sections 40(1)(h)and(i) and 40(4) (Authorization to disclose personal information to officers and employees for purposes of carrying out their functions)
	Municipal Government Act	__
Saskatchewan	The Health Information Protection Act	Section 16 (Duty to protect) Section 23 (Collection, use and disclosure on a need-to-know basis) Supplemental Requirement to CIHR Privacy Best Practices: Individual to be informed about disclosures of personal health information made without consent (section 10(1)).
	The Freedom of Information and Protection of Privacy Act	__
	The Local Authority Freedom of Information and Protection of Privacy Act	__
Manitoba	The Personal Health Information Act	Section 18 and 19 (Security Safeguards) Section 20(3) (Limitation on trustee's employees)
	Personal Health Information Regulation	Section 2 (Written security policy and procedure) Section 3 (Access restrictions and other precautions) Section 4 (Additional safeguards for electronic health information systems) Section 5 (Authorized access for employees and agents) Section 6 (Orientation and training for employees) Section 7 (Pledge of confidentiality for employees) Section 8 (Audit) Supplemental Requirements to CIHR Privacy Best Practices: Audit of security safeguards to be conducted every 2 years (sections 2 and 8). Each employee and agent must sign a pledge of confidentiality that includes an acknowledgement that he or she is bound by the policy and procedures and is aware of the consequences of breaching them (section 7).
	The Freedom of Information and Protection of Privacy Act	Section 41 (Protection of personal information)
Ontario	Personal Health Information Protection Act	Section 10 (Information Practices) Section 12 (Security) Section 13 (Handling of Records) Supplemental Requirements to CIHR Privacy Best Practices: An individual shall be notified at the first reasonable opportunity if the information is stolen, lost, or accessed by unauthorized persons. However, a researcher shall not notify the individual unless the health information custodian obtains the individual's consent to having the researcher contact the individual and informs the researcher that the individual has given consent (section 12(2) and(3)). A health information custodian may disclose personal health information to an entity prescribed pursuant to section 45 of the Act^{Footnote 133}, if the Commissioner has approved the practices and procedures of the entity (sections 45(3)). The Commissioner must approve the practices and procedures of a health data institute (sections 47(9) and (10)).
	Personal Health Information Protection Act, General Regulation	Section 6(3) (Prescribed requirements for health information network provider.) Supplemental Requirements to CIHR Privacy Best Practices: Health information custodian may transfer records of personal health information for archive purposes to a person who, (a) has put in place reasonable measures to ensure that personal health information in the person's custody or control is protected against theft, loss and unauthorized use or disclosure and to ensure that the records containing the information are protected against unauthorized copying, modification or disposal (section 14(1)). Prescribed registries^{Footnote 134} must put in place practices and procedures approved by the Commissioner and summary of the practices and procedures must be made available to the public (sections 13(2) and 13(3)).
	Freedom of Information and Protection of Privacy Act, General Regulation	Section 4 (Measures to protect records)
	Municipal Freedom of Information and Protection of Privacy Act	__
Quebec	An act respecting the protection of personal information in the private sector	Section 10 (Safety measures) Section 20 (Authorized employee access to personal information without consent for the performance of duties of employees)
Quebec	An act respecting access to documents held by public bodies and the protection of personal information	Section 62 (Authorization to receive personal information for the discharge of duties) Section 76 (Declaration to the Commission required when establishing a file on individual) Supplemental Requirement to CIHR Privacy Best Practices: Anytime a file is established concerning an individual, the public body must make a declaration to the Commission containing, among other things, the categories of persons who have access to the file in carrying on their duties.
Prince Edward Island	Freedom of Information and Protection of Privacy Act	Section 35 (Protection of personal information) Section 37(1)(g) and (g.1) (Authorization to disclose personal information to officers and employees for purposes of carrying out their functions)
Nova Scotia	Freedom of Information and Protection of Privacy Act	Section 24(3) (Treatment of personal information) Section 27(f) (Authorization to disclose personal information to officers and employees for purposes of carrying out their functions)
Nova Scotia	Municipal Government Act	__
New Brunswick	Protection of Personal Information Act	Schedule A and B, Principle 7 (Safeguards)
Newfoundland and Labrador	Access to Information and Protection of Privacy Act^{Footnote 135}	Section 36 (Protection of personal information) Section 39(1)(f) (Authorization to disclose personal information to officers and employees for purposes of carrying out their functions) Section 51(e) (Commissioner's power to comment on privacy implications of using information technology in the storage of personal information)
Yukon	Access to Information and Protection of Privacy Act	Section 33 (Protection of Personal Information) Section 36(1)(f) (Authorization to disclose personal information to officers and employees for purposes of carrying out their functions)
Northwest Territories	Access to Information and Protection of Privacy Act	Section 42 (Protection of Personal Information) Section 48(k) (Authorization to disclose personal information to officers and employees for purposes of carrying out their functions)
Northwest Territories	Access to Information and Protection of Privacy Regulations	Section 6 (Disclosure to employees and service providers)
Nunavut	Access to Information and Protection of Privacy Act	Section 42 (Protection of Personal Information) Section 48(k) (Authorization to disclose personal information to officers and employees for purposes of carrying out their functions)
Nunavut	Access to Information and Protection of Privacy Regulations	Section 6 (Disclosure to employees and service providers)

ELEMENT #7 - SAFEGUARDING PERSONAL DATA
Part 2 - Requirement for a Privacy Impact Assessment^{Footnote 136}
Jurisdiction	Legislation	Privacy Legislation Concordance
Federal	Personal Information Protection and Electronic Documents Act	__
Federal	Privacy Act	__
British Columbia	Personal Information Protection Act	__
British Columbia	Freedom of Information and Protection of Privacy Act	Section 69(5): Public bodies which are ministries (i.e., excludes regional health authorities and hospitals) are required to conduct a privacy impact assessment for all new enactments, systems, projects or programs to determine whether the requirements of the Act are met. The privacy impact assessment must be conducted in accordance with the process/tool referenced in Schedule A attached hereto.
Alberta	Health Information Act	Sections 64, 70(2) and (3) and 71(2) and (3): Each custodian must prepare a privacy impact assessment and must submit it to the Information and Privacy Commissioner for review and comment before implementing any proposed administrative practices and information systems or any proposed change to any such existing practices and systems in accordance with the privacy impact assessment tool referenced in Schedule A attached hereto. Section 46(5) (Requirement for the Department to conduct a privacy impact assessment in certain situations)
	Personal Information Protection Act	__
	Freedom of Information and Protection of Privacy Act	__
	Municipal Government Act	__
Saskatchewan	The Health Information Protection Act	__
	The Freedom of Information and Protection of Privacy Act	__
	The Local Authority Freedom of Information and Protection of Privacy Act	__
Manitoba	The Personal Health Information Act	__
Manitoba	The Freedom of Information and Protection of Privacy Act	__
Ontario	Personal Health Information Protection Act	__
	Personal Health Information Protection Act, General Regulation	Section 6(3) subparagraph 5: A person who provides goods or services for the purpose of enabling a custodian to use electronic means to collect, use, modify, disclose, retain or dispose of personal health information shall perform, and provide to each applicable health information custodian a written copy of the results of, an assessment of the services provided to the health information custodians, with respect to, (i) threats, vulnerabilities and risks to the security and integrity of the personal health information, and (ii) how the services may affect the privacy of the individuals who are the subject of the information.
	Freedom of Information and Protection of Privacy Act	__
	Municipal Freedom of Information and Protection of Privacy Act	__
Quebec	An act respecting the protection of personal information in the private sector	__
Quebec	An act respecting access to documents held by public bodies and the protection of personal information	__
Prince Edward Island	Freedom of Information and Protection of Privacy Act	__
Nova Scotia	Freedom of Information and Protection of Privacy Act	__
New Brunswick	Protection of Personal Information Act	__
Newfoundland and Labrador	Access to Information and Protection of Privacy Act^{Footnote 137} ^{Footnote 138}	__
Yukon	Access to Information and Protection of Privacy Act	__
Northwest Territories	Access to Information and Protection of Privacy Act	__
Nunavut	Access to Information and Protection of Privacy Act	__

Schedule A

Jurisdiction	Privacy Impact Assessment Tools
Federal	Treasury Board of Canada Secretariat - Privacy Impact Assessment Policy
British Columbia	Ministry of Management Services for British Columbia, Information Policy and Privacy Branch - Privacy Impact Assessment (PIA) Process
Alberta	Information and Privacy Commissioner of Alberta - Privacy Impact Assessment: Instructions and Annotated Questionnaire [ PDF (335 KB) ]
Saskatchewan	Office of the Saskatchewan Information and Privacy Commissioner - Privacy Impact Assessment (Short Form) [PDF (93 KB) ]
Manitoba	Ombudsman Manitoba, Access and Privacy Division - Privacy Compliance Tool Checklist [ PDF (9,27 KB) ] Manitoba Health - Privacy Impact Assessment (PIA) Guide (Not available on-line)
Ontario	Information and Privacy Commissioner/Ontario - Privacy Diagnostic Tool (PDT) Workbook [ PDF (222 KB) ] Management Board of Cabinet - Privacy Impact Assessment Guidelines
Quebec	Ministère des Relations avec les citoyens et de L'immigration (Québec) - Modèle de pratiques de protection des renseignements personnels - dans le contexte du développement des systèmes d'information par les organismes publics [ PDF (335 KB) ]
Prince Edward Island	N/A
Nova Scotia	N/A
New Brunswick	N/A
Newfoundland and Labrador	Office of the Information and Privacy Commissioner for Newfoundland and Labrador - Privacy Audit, A Compliance Review Tool Centre for Health Information - Privacy Impact Assessment for Researchers [ PDF ]
Yukon	N/A
Northwest Territories	N/A
Nunavut	N/A

ELEMENT #8 - CONTROLLING ACCESS AND DISCLOSURE OF PERSONAL DATA
Part 1 - Specific Data Matching/Linkage Provisions^{Footnote 139}
Jurisdiction	Legislation	Privacy Legislation Concordance
Federal	Personal Information Protection and Electronic Documents Act	__
Federal	Privacy Act	__
British Columbia	Personal Information Protection Act	Section 21 - Any linkage of personal information to other information must not be harmful to the individuals and the benefits to be derived from the linkage must clearly be in the public interest.
British Columbia	Freedom of Information and Protection of Privacy Act	Section 35 - Any record linkage must not be harmful to the individuals and the benefits to be derived from the record linkage must clearly be in the public interest.
Alberta	Health Information Act	Section 1(1)(g) (Definition of "data matching")^{Footnote 140} Section 68 (General prohibition on data matching) Section 69 (Permitted data matching by custodians) Section 70 (Data matching between custodians; privacy impact assessment required) Sections 71 and 32 (Data matching between custodians and non-custodians; privacy impact assessment required; obligation to notify Privacy Commissioner) Section 72 (Data matching for research; obligation to comply with provisions regarding disclosure for research purposes without consent (sections 48-56)) Section 107(5) (Offence to fail to notify Commissioner)
	Personal Information Protection Act	__
	Freedom of Information and Protection of Privacy Act	Section 42(b) - Record linkages cannot be harmful to the individuals the information is about and the benefits to be derived from the linkage must be clearly in the public interest
	Municipal Government Act	__
Saskatchewan	The Health Information Protection Act	__
	The Freedom of Information and Protection of Privacy Act	__
	The Local Authority Freedom of Information and Protection of Privacy Act	__
Manitoba	The Personal Health Information Act	__
Manitoba	The Freedom of Information and Protection of Privacy Act	Section 46 - Approval must be obtained from head of the public body to use or disclose personal information for linking or matching purposes. The head may have to refer the proposal to the review committee for advice. Section 47(4) - Any information linkage, must not be likely to harm individuals and benefits to be derived from research and any information linkage must clearly be in the public interest.
Ontario	Personal Health Information Protection Act, General Regulation	Section 16(3) - A research plan must include a description of how personal health information will be used in the research, and if it will be linked to other information, a description of the other information as well as how the linkage will be done.
	Freedom of Information and Protection of Privacy Act	__
	Municipal Freedom of Information and Protection of Privacy Act	__
Quebec	An act respecting the protection of personal information in the private sector	__
Quebec	An act respecting access to documents held by public bodies and the protection of personal information	Section 68.1 (Permitted data matching/Requirement for written agreement) Section 69 (Obligation to maintain confidentiality) Section 70 (Submission of data matching agreements to Commission/ Public body; Tabling of agreement in National Assembly; Obligation to publish in Gazette)
Prince Edward Island	Freedom of Information and Protection of Privacy Act	Section 39(b) - Record linkages cannot be harmful to the individuals the information is about and the benefits to be derived from the linkage must be clearly in the public interest.
Nova Scotia	Freedom of Information and Protection of Privacy Act	Section 29(b) - Record linkages cannot be harmful to the individuals the information is about and the benefits to be derived from the linkage must be clearly in the public interest.
Nova Scotia	Municipal Government Act	Section 485(4)(b) - Record linkages cannot be harmful to the individuals the information is about and the benefits to be derived from the linkage must be clearly in the public interest.
New Brunswick	Protection of Personal Information Act	__
Newfoundland and Labrador	Access to Information and Protection of Privacy Act^{Footnote 141}	Section 41 - Record linkages cannot be harmful to the individuals the information is about and the benefits to be derived from the linkage must be clearly in the public interest. Section 51(e) - Commissioner may comment on implications for protection of privacy of using or disclosing personal information for record linkage.
Yukon	Access to Information and Protection of Privacy Act	Section 38 - Record linkages cannot be harmful to the individuals the information is about and the benefits to be derived from the linkage must be clearly in the public interest.
Northwest Territories	Access to Information and Protection of Privacy Act	Section 49 - Record linkages cannot be harmful to the individuals the information is about and the benefits to be derived from the linkage must be clearly in the public interest
Nunavut	Access to Information and Protection of Privacy Act	Section 49 - Record linkages cannot be harmful to the individuals the information is about and the benefits to be derived from the linkage must be clearly in the public interest

ELEMENT #8 - CONTROLLING ACCESS AND DISCLOSURE OF PERSONAL DATA
Part 2 - Data-sharing Agreements for Research Purposes^{Footnote 142}
Jurisdiction	Legislation	Privacy Legislation Concordance and Selected Supplemental Requirements
Federal	Personal Information Protection and Electronic Documents Act	Schedule 1, 4.1.3 (Organization must use contractual means to provide for comparable level of protection when personal information is being processed by a third party)
Federal	Privacy Act	Section 8(2)(j) (Requirement and content of data sharing agreements)
British Columbia	Personal Information Protection Act	Section 21(1) (Requirement and content of data sharing agreements) Supplemental Requirement to CIHR Privacy Best Practices: Prohibition from using personal information to contact a person to participate in the research (section 21(1)(c)).
British Columbia	Freedom of Information and Protection of Privacy Act	Section 35 (Requirement and content of data sharing agreements) Supplemental Requirement to CIHR Privacy Best Practices: Prohibition from using personal information to contact a person to participate in the research.
Alberta	Health Information Act	Section 54(1) (Agreement between researcher and custodian) Supplemental Requirement to CIHR Privacy Best Practices: Data sharing agreement must include obligation of recipient to pay the costs of (i) preparing information for disclosure, (ii) making copies of health information, and (iii) obtaining consents. Data sharing agreement must also contain obligation of researcher not to attempt to contact an individual who is the subject of the information in order to obtain additional information unless the individual has consented.
	Health Information Regulation	Section 8(4) (Additional requirements when health information is used or disclosed outside Alberta)
	Personal Information Protection Act Regulation	Sections 12(2), 12(3) and 14(3) (Requirement and content of data sharing agreement) Supplemental Requirement to CIHR Privacy Best Practices: Data sharing agreement must include obligation of recipient of information to not contact any individual to whom the personal information relates, directly or indirectly, without the prior written authority of the public body and that the person must notify the public body in writing immediately if the person becomes aware that any of the conditions set out in the agreement have been breached.
	Freedom of Information and Protection of Privacy Act	Section 42 (Requirement for data sharing agreement)
	Freedom of Information and Protection of Privacy Regulation	Section 8 (Content of data sharing agreement) Supplemental Requirement to CIHR Privacy Best Practices: Data sharing agreement must include obligation of recipient of information to not contact any individual to whom the personal information relates, directly or indirectly, without the prior written authority of the public body and notify the public body in writing immediately if the person becomes aware that any of the conditions set out in the agreement have been breached and that, if a person fails to meet the conditions of the agreement, the agreement may be immediately cancelled and that the person may be guilty of an offence pursuant to the Act.
	Municipal Government Act	__
Saskatchewan	The Health Information Protection Act	Section 29(1) (Requirement and content of data sharing agreements)
	The Freedom of Information and Protection of Privacy Act	Section 29(2)(k) (Requirement for data sharing agreements)
	The Local Authority Freedom of Information and Protection of Privacy Act	__
Manitoba	The Personal Health Information Act	Section 24(4) (Requirement and content of data sharing agreement)
	Personal Health Information Regulation	Section 8.3 (Content of data sharing agreements)
	The Freedom of Information and Protection of Privacy Act	Section 47(4)(c) and (d) (Requirement for data sharing agreements)
Ontario	Personal Health Information Protection Act	Section 44(1) and (5) (Requirement for data sharing agreements)
	Freedom of Information and Protection of Privacy Act, General Regulation	Section 10 (Content of data sharing agreements)
	Municipal Freedom of Information and Protection of Privacy Act	__
Quebec	An act respecting the protection of personal information in the private sector	Section 21 (No requirement for data sharing agreement although the Commission may impose conditions on disclosure of information for research purposes)
Quebec	An act respecting access to documents held by public bodies and the protection of personal information	Section 125 (No requirement for data sharing agreement although the Commission may impose conditions on disclosure of information for research purposes)
Prince Edward Island	Freedom of Information and Protection of Privacy Act	Section 39 (Requirement for data sharing agreements - no content specified)
Nova Scotia	Freedom of Information and Protection of Privacy Act	Section 29 (Requirement for data sharing agreements - no content specified)
	Freedom of Information and Protection of Privacy Regulations	Section 9 (Content of data sharing agreement) Supplemental Requirement to CIHR Privacy Best Practices: Data sharing agreement must include agreement of recipient not to contact any individual to whom personal information relates, directly or indirectly, without the prior written authority of the public body and to notify the public body in writing immediately if the person becomes aware that any of the conditions set out in this section have been breached. Agreement must be in prescribed form.
	Municipal Government Act	__
New Brunswick	Protection of Personal Information Act	__
Newfoundland and Labrador	Access to Information and Protection of Privacy Act	Section 41 (Requirement for data sharing agreements)
Yukon	Access to Information and Protection of Privacy Act	Section 38 (d) (Requirement for data sharing agreements)
Northwest Territories	Access to Information and Protection of Privacy Act	Section 49 (c) and (d) (Requirement for data sharing agreements)
Northwest Territories	Access to Information and Protection of Privacy Regulations	Section 8 (Content of data sharing Agreements) Supplemental Requirement to CIHR Privacy Best Practices: Data sharing agreement must include provisions requiring: an identification of any other persons who will be given access to the personal information by the recipient; a condition that the recipient must not contact any individual to whom the personal information relates, directly or indirectly, without the prior written authority of the public body; notice to the public body in writing immediately if the person becomes aware that any of the conditions set out in the agreement have been breached; a condition that, if a recipient fails to meet the conditions of the agreement, the agreement may be immediately terminated by the public body.
Nunavut	Access to Information and Protection of Privacy Act	Section 49(c) and (d) (Requirement for data sharing agreements)
Nunavut	Access to Information and Protection of Privacy Regulations	Section 8 (Content of data sharing Agreements) Supplemental Requirement to CIHR Privacy Best Practices: Same as for the Northwest Territories

ELEMENT #9 - SETTING REASONABLE LIMITS ON RETENTION OF PERSONAL DATA
Retention and Destruction of Personal Information^{Footnote 143},^{Footnote 144}
Jurisdiction	Legislation	Privacy Legislation Concordance and Selected Supplemental Requirements
Federal	Personal Information Protection and Electronic Documents Act	Schedule 1, 4.5, 4.5.2 and 4.5.3 (Limiting use, disclosure and retention) Supplemental Requirements to CIHR Privacy Best Practices: Data retention guidelines should include minimum and maximum retention periods.
	Privacy Act	Section 6 (Retention of personal information used for an administrative purpose)
	Privacy Act Privacy Regulations	Section 4 (Retention of personal information that has been used by a government institution for an administrative purpose) Supplemental Requirements to CIHR Privacy Best Practices: Personal Information shall be retained (a) for at least two years following the last time the personal information was used for an administrative purpose unless the individual consents to its disposal and (b) where a request for access to the information has been received, until such time as the individual has had the opportunity to exercise all his rights under the Act. However, the information may be destroyed in an emergency in order to prevent the removal of the information from the control of the institution (section 4). A copy of every request for access received as well as a record of any information disclosed pursuant to such a request must be maintained for a period of 2 years following the date of the request (section 7).
British Columbia	Personal Information Protection Act	Section 35 (Retention of personal information) Supplemental Requirements to CIHR Privacy Best Practices: If an individual's personal information is being used to make a decision that directly affects the individual, the information must be retained for at least one year.
British Columbia	Freedom of Information and Protection of Privacy Act	Section 31 (Retention of personal information) Supplemental Requirements to CIHR Privacy Best Practices: If an individual's personal information is being used to make a decision that directly affects the individual, the information must be retained for at least one year.
Alberta	Health Information Act	Section 3 (Storage and Destruction, Other Enactments) Section 41 (Maintaining certain disclosure information) Section 60(2)(b) (Safeguards for proper disposal) Supplemental Requirements to CIHR Privacy Best Practices: A custodian that discloses a record containing individually identifying diagnostic, treatment and care information must retain that information for a period of 10 years following the date of the disclosure (section 41(2).
	Personal Information Protection Act	Section 35 (Retention of information)
	Freedom of Information and Protection of Privacy Act	Section 35 (Accuracy and retention) Supplemental Requirements to CIHR Privacy Best Practices: If an individual's personal information is being used to make a decision that directly affects the individual, the information must be retained for at least one year or such shorter time as approved by the individual in writing, the public body and the body that approved the retention and disposition schedule if applicable.
	Municipal Government Act	Sections 214(2) and (3) (Destruction of records) Supplemental Requirements to CIHR Privacy Best Practices: A council may pass a bylaw respecting destruction of records and documents of the municipality. The bylaw must provide that if an individual's personal information will be used by the municipality to make a decision that directly affects the individual, the municipality must retain the personal information for at least one year after using it so that the individual has a reasonable opportunity to obtain access to it.
Saskatchewan	The Health Information Protection Act	Section 17 (Retention and destruction policy)
	The Freedom of Information and Protection of Privacy Act	__
	The Local Authority Freedom of Information and Protection of Privacy Act	__
Manitoba	The Personal Health Information Act	Section 17 (Retention and destruction of information) Supplemental Requirements to CIHR Privacy Best Practices: Written retention policy must be established. Trustee who destroys personal health information must keep a record of (i) the individual whose personal information is destroyed (ii) the time period to which the information relates, (iii) the method of destruction, and (iv) the person responsible for supervising the destruction.
	Personal Health Information Regulations	Section 2 (Written policy to be established)
	The Freedom of Information and Protection of Privacy Act	Section 40 (Retention of information) Supplemental Requirement to CIHR Privacy Best Practices: If personal information about an individual is used to make a decision that affects the individual, the public body must establish and comply with a written policy concerning the retention of the personal information (subsections 40(1) and (2)).
Ontario	Personal Health Information Protection Act	Section 13 (Handling of records) Supplemental Requirement to CIHR Privacy Best Practices: Information shall be retained for as long as necessary to allow the individual to exhaust any recourse under the Act where a request for access has been made.
	Freedom of Information and Protection of Privacy Act	Section 40(1) (Retention of personal information) Section 40(4) (Disposal of personal information)
	Freedom of Information and Protection of Privacy Act, General Regulations	Section 5 (Retention) Supplemental Requirements to CIHR Privacy Best Practices: Information shall be retained for at least one year after use, unless the individual to whom the information relates consents to its earlier disposition. The minimum period of retention of personal information contained in a telecommunications logger tape is 45 days rather than one year.
	Freedom of Information and Protection of Privacy Act, Disposal of Personal Information Regulation	Sections 2 to 6 (Disposal of personal information) Supplemental Requirements to CIHR Privacy Best Practices: Authorization of the head of the institution must authorize the destruction of the information. The head shall ensure that the institution maintains a disposal record setting out what personal information has been destroyed and the date.
	Municipal Freedom of Information and Protection of Privacy Act	Section 30(1) (Retention of personal information) Section 30(4) (Disposal of personal information)
	Municipal Freedom of Information and Protection of Privacy Act, General Regulation	Section 5 (Retention of personal information) Supplemental Requirement to CIHR Privacy Best Practices: Personal information to be retained for the shorter of one year after use or the period set out in a by-law or resolution made by the institution or made by another institution affecting the institution, unless the individual to whom the information relates consents to its earlier disposal.
Quebec	An act respecting the protection of personal information in the private sector	Section 12 (Use of file) Section 36 (Retention where request for access or rectification has been denied)
Quebec	An act respecting access to documents held by public bodies and the protection of personal information	Section 73 (Destruction) Supplemental Requirement to CIHR Privacy Best Practices: Section 73 does not apply to the processing of personal information collected and used as a working tool by a natural person and which is used by him for scientific research purposes to the extent that the information is not disclosed to any person other than the person concerned or to a body other than that to which he belongs, and that it is used judiciously (section 78).
Prince Edward Island	Freedom of Information and Protection of Privacy Act	Section 33 (Retention when information is used to make a decision) Supplemental Requirement to CIHR Privacy Best Practices: If an individual's personal information is being used to make a decision that directly affects the individual, the information must be retained for at least one year.
Nova Scotia	Freedom of Information and Protection of Privacy Act	Section 24(4) (Treatment of personal information) Supplemental Requirement to CIHR Privacy Best Practices: If an individual's personal information is being used to make a decision that directly affects the individual, the information must be retained for at least one year.
Nova Scotia	Municipal Government Act	Section 483(4) (Retention of personal information) Supplemental Requirement to CIHR Privacy Best Practices: Where a municipality uses an individual's personal information to make a decision that directly affects the individual, the municipality shall retain that information for at least one year after using it so that the individual has a reasonable opportunity to obtain access to it.
New Brunswick	Protection of Personal Information Act	Schedule A, Principle 5 and Schedule B, Principle 5 (Limiting use, disclosure and rentention)
Newfoundland	Access to Information and Protection of Privacy Act^{Footnote 145}	Section 37 (Retention of personal information) Supplemental Requirement to CIHR Privacy Best Practices: If an individual's personal information is being used to make a decision that directly affects the individual, the information must be retained for at least one year.
Yukon	Access to Information and Protection Privacy Act	Section 34 (Retention of personal information) Supplemental Requirement to CIHR Privacy Best Practices: Public body must retain information it uses to make a decision affecting an individual for at least one year after such use.
Northwest Territories	Access to Information and Protection Privacy Act	Section 44 (Duties of public body) Supplemental Requirement to CIHR Privacy Best Practices: Public body must retain information it uses to make a decision affecting an individual for at least one year after such use.
Nunavut	Access to Information and Protection Privacy Act	Section 44 (Duties of public body) Supplemental Requirement to CIHR Privacy Best Practices: Public body must retain information it uses to make a decision affecting an individual for at least one year after such use.

ELEMENT #10 - ENSURING ACCOUNTABILITY AND TRANSPARENCY IN THE MANAGEMENT OF PERSONAL DATA
Part 1- Accountability and Transparency^{Footnote 146}
Jurisdiction	Legislation	Privacy Legislation Concordance
Federal	Personal Information Protection and Electronic Documents Act	Schedule 1, 4.1 (Accountability) Schedule 1, 4.8 (Openness)
Federal	Privacy Act	Sections 10 and 11 (Obligations regarding personal information banks)
British Columbia	Personal Information Protection Act	Section 4 (Compliance with the Act) Section 5 (Policies and Procedures)
British Columbia	Freedom of Information and Protection of Privacy Act	Section 2 (Purposes of this Act) Section 69(2) and (3) (Personal information directory of ministries) Section 69(5) (Duty of a ministry to prepare privacy impact assessment) Section 69(6) (Directory of personal information banks to be maintained by public body that is not a ministry) Section 70 (Policy manuals to be made available)
Alberta	Health Information Act	Section 2 (Purposes of the Act) Section 62 (Duty to identify responsible affiliate) Section 63 (Duty to establish or adopt policies and procedures) Section 64 (Duty to prepare privacy impact assessment) Section 66(6) (Accountability for information disclosed to an information manager)
	Health Information Regulation	Section 8(2) (Designating responsible individual) Section 8(6) (Custodian responsible for affiliates' compliance)
	Personal Information Protection Act	Section 5 (Compliance with Act) Section 6 (Policies and Procedures)
	Freedom of Information and Protection of Privacy Act	Section 2 (Purposes of this Act) Section 87 (Directory of public bodies) Section 87.1 (Directory of personal information banks) Section 88 (Records available without request) Section 89 (Access to manuals)
	Municipal Government Act	__
Saskatchewan	The Health Information Protection Act	Preamble (Accountability obligations) Section 9 (Right to be informed)
	Freedom of Information and Protection of Privacy Act	Section 64 (Directory to be produced) Section 65 (Access to manuals)
	Local Authority Freedom of Information and Protection of Privacy Act	Section 53 (Directory of local authorities including place at which applications for access to records should be made for each)
Manitoba	The Personal Health Information Act	Section 2 (Purposes of this Act) Section 25(5) (Information transferred to information manager for processing deemed to be maintained by the transferring trustee)
	Personal Health Information Regulation	Section 2 (Written security policy and procedures) Section 6 (Orientation and training of employees)
	The Freedom of Information and Protection of Privacy Act	Section 2 (Purposes of this Act) Sections 75(1) and (2) (Directory to be maintained) Section 75(3) (Obligations regarding personal information bank) Section 76 (Records to be made available)
Ontario	Personal Health Information Protection Act^{Footnote 147}	Section 10 (Information Practices) Sections 15 to 17 (Accountability and Openness)
	Personal Health Information Protection Act, General Regulation	Sections 6(3) subparagraph 2 (Health information network provider to provide plain language description of services provided and safeguards in place to protect against unauthorized use and disclosure) Sections 6(3) subparagraph 3 (Information to be made available to the public by health information network provider) Sections 6(3) subparagraph 4 (Information to be made available to health information custodians) Sections 6(3) subparagraph 5 (Health information network provider to perform assessment of risks to security and integrity of personal health information in providing services and detailing affect on privacy)
	Freedom of Information and Protection of Privacy Act	Sections 31 to 36 (Information to be published or available) Sections 44 to 46 (Obligations regarding Personal Information Banks)
	Municipal Freedom of Information and Protection of Privacy Act	Section 1 (Purposes of this Act) Section 24 (Publications of information re institutions) Section 25 (Information available for inspection) Section 26 (Head shall make annual report) Section 34 (Obligations re personal information bank index)
	Municipal Freedom of Information and Protection of Privacy Act, General Regulation	Section 4(2) (Where notice re collection of personal information has not been given, the head shall make available for public inspection a statement describing the purpose of the collection of personal information and the reason that notice has not been given)
Quebec	An act respecting the protection of personal information in the private sector	Section 17 (Accountability for information disclosed outside Quebec)
Quebec	An act respecting access to documents held by public bodies and the protection of personal information	Section 67.3 (Register to be kept of every disclosure of personal information) Section 71 (Personal information files must be established) Section 76 (Declaration to the Commission required when establishing a file on individual)
Prince Edward Island	Freedom of Information and Protection of Privacy Act	Section 2 (Purposes of this Act) Section 73 (Records available without request)
Nova Scotia	Freedom of Information and Protection of Privacy Act	Section 2 (Purposes of this Act) Section 48 (Directory respecting records of public body)
Nova Scotia	Municipal Government Act	Section 462 (Purpose of this Part)
New Brunswick	Protection of Personal Information Act	Schedule A, Principle 1 (Accountability) Schedule A, Principle 8 (Openness)
Newfoundland and Labrador	Access to Information and Protection of Privacy Act^{Footnote 148}	Section 3 (Purpose) Section 67(1)(c) (Designation and delegation by the head of public body) Section 69 (Directory of information)
Yukon	Access to Information and Protection of Privacy Act	Section 1(1) (Purpose of the Act) Section 63 (Information Directory) Section 64 (Records available without request)
Northwest Territories	Access to Information and Protection of Privacy Act	Section 1 (Purpose of this Act) Section 70 (Directory of public bodies and records) Section 71 (Policy manuals must be made available to the public) Section 72 (Records available without request)
Nunavut	Access to Information and Protection of Privacy Act	Section 1 (Purpose of this Act) Section 70 (Directory of public bodies and records) Section 71 (Policy manuals must be made available to the public) Section 72 (Records available without request)

ELEMENT #10 - ENSURING ACCOUNTABILITY AND TRANSPARENCY IN THE MANAGEMENT OF PERSONAL DATA
Part 2 - Statutory References to Research Ethics Board^{Footnote 149}
Jurisdiction	Legislation	Privacy Legislation Concordance
Federal	Personal Information Protection and Electronic Documents Act	__
Federal	Privacy Act	__
British Columbia	Personal Information Protection Act	__
British Columbia	Freedom of Information and Protection of Privacy Act	__
Alberta	Health Information Act	Section 27(1)(d) (Approval of Ethics Committee)^{Footnote 150} Section 50 (Role of Ethics Committee)
	Personal Information Protection Act Regulation	Section 14(3) (Approval of Research Ethics Review Committee)
	Freedom of Information and Protection of Privacy Act	__
	Municipal Government Act	__
Saskatchewan	The Health Information Protection Act	Section 29(2)(ii) (Approval of research ethics committee)
	The Freedom of Information and Protection of Privacy Act	__
	The Local Authority Freedom of Information and Protection of Privacy Act	__
Manitoba	The Personal Health Information Act	Section 24 (Approval of health information privacy committee and institutional research review committee)
	Personal Health Information Regulation	Section 8.1 (Functions of health information privacy committee)
	The Freedom of Information and Protection of Privacy Act	__
Ontario	Personal Health Information Protection Act	Section 44(1) (Approval of Research Ethics Board) Section 44(3) and (4) (Considerations and Decisions of Research Ethics Board)
	Freedom of Information and Protection of Privacy Act	__
	Municipal Freedom of Information and Protection of Privacy Act	__
Quebec^{Footnote 151}	An act respecting the protection of personal information in the private sector	__
Quebec^{Footnote 151}	An act respecting access to documents held by public bodies and the protection of personal information	__
Prince Edward Island	Freedom of Information and Protection of Privacy Act	__
Nova Scotia	Freedom of Information and Protection of Privacy Act	__
Nova Scotia	Municipal Government Act	__
New Brunswick	Protection of Personal Information Act	__
Newfoundland and Labrador	Access to Information and Protection of Privacy Act^{Footnote 152}	__
Yukon	Access to Information and Protection of Privacy Act	__
Northwest Territories	Access to Information and Protection of Privacy Act	__
Nunavut	Access to Information and Protection of Privacy Act	__

References

Footnote 97

The Guidelines for protecting privacy and confidentiality in the design, conduct and evaluation of health research- Best Practices, Consultation Draft, April 2004 is accessible on CIHR's web site.

Return to footnote 97 referrer

Footnote 98

Summary reports of feedback received, and an evaluation of the 2004 consultation process, are accessible on CIHR's web site.

Return to footnote 98 referrer

Footnote 99

See CIHR's web site (Secondary Use of Personal Information in Health Research: Case Studies, November 2002).

Return to footnote 99 referrer

Footnote 100

The table is reprinted verbatim from pg. 39 of the Case Studies document except for changes to terms referring to the level of identifiability of data to be consistent with terms defined in Element #2, Box-Definition of terms: Individual identifiability of data, and in the Glossary, in Appendix A-6.

Return to footnote 100 referrer

Footnote 101

Note that the scope of these Privacy Best Practices does not necessarily extend to particular issues of privacy and confidentiality, and related legal requirements, in research that is entirely funded by private industry.

Return to footnote 101 referrer

Footnote 102

CIHR's Grants and Awards Guide, 2005-2006.

Return to footnote 102 referrer

Footnote 103

A search of the CIHR funding database on the search term "qualitative methods" elicited over a hundred CIHR-funded research projects using qualitative methods as of 2004-2005. These CIHR-funded projects were investigations into such areas as public, community and family values, and in some cases involved the community in the development and conduct of the research.

Return to footnote 103 referrer

Footnote 104

Differing amounts of data elements (e.g. age, sex, residence, occupation) will be found in each of these datasets.

Return to footnote 104 referrer

Footnote 105

Developments relevant to research in Aboriginal settings include the current review of TCPS Section 6 (Research Involving Aboriginal Peoples), coordinated by the Interagency Advisory Panel on Research Ethics and including CIHR-led development of guidance on Aboriginal health research.

Return to footnote 105 referrer

Footnote 106

These Tables of Concordance were prepared by Adam Kardash and Antonella Penta at Heenan Blaikie LLP in consultation with the Ethics Office, privacy regulatory authorities and Ministries of Health.

Return to footnote 106 referrer

Footnote 107

The Compendium is accessible on CIHR's web site.

Return to footnote 107 referrer

Footnote 108

The precise application of the Personal Information Protection and Electronic Documents Act ("PIPEDA") to the health care sector has not yet been considered by a court of law. See Industry Canada's "PIPEDA Awareness Raising Tools (PARTs) Initiative for the Health Sector" [ PDF ].

Return to footnote 108 referrer

Footnote 109

Note that the Personal Information Protection Act (Alberta), the Personal Information Protection Act (British Columbia) and An act respecting the protection of personal information in the private sector (Quebec) have each been deemed substantially similar. The provincial health privacy legislation in each of Alberta, Saskatchewan, Manitoba and Ontario have not been deemed substantially similar, although the Governor in Council has proposed to exempt health information custodians subject to the Personal Health Information Protection Act (Ontario) from the application of PIPEDA. Note also that PIPEDA will always apply to federal undertakings (e.g., broadcasting or telecommunications, banks, etc.) and to an organization's transfer of personal information outside the province.

Return to footnote 109 referrer

Footnote 110

Part IV to be proclaimed.

Return to footnote 110 referrer

Footnote 111

This table cross references the statutory provisions for collecting only the personal information needed to fulfill the purpose of the collection. As a general rule, consent is required for collection of personal information, which consent must be voluntary and informed. For statutory provisions relating to the elements and form of consent, please refer to the table for Element #4. For the statutory provisions relating to the notice required for voluntary and informed consent, please refer to the table for Element #5.

Return to footnote 111 referrer

Footnote 112

This table also includes provisions dealing with the requirement to collect personal information directly from the person the information is about. Note that there are various exceptions to this requirement which have not been included in this table.

Return to footnote 112 referrer

Footnote 113

Part IV to be proclaimed.

Return to footnote 113 referrer

Footnote 114

Consent is generally required under privacy legislation for the use and disclosure of personal information for any purpose, including research purposes, subject to limited exceptions. This chart sets out the conditions upon which personal information may be used or disclosed for research purposes without consent. Reference should also be made to the statutory requirements for data sharing agreements and data matching/linking detailed in the concordance table for Element #8.

Return to footnote 114 referrer

Footnote 115

Note that the consent exemptions noted only apply for the use and disclosure of personal information for statistical, scholarly study or research purposes. There is no equivalent consent exemption in the statute for collecting personal information for such purposes.

Return to footnote 115 referrer

Footnote 116

The following are prescribed for the purposes of section 45:

Cancer Care Ontario.
Canadian Institute for Health Information.
Institute for Clinical Evaluative Sciences.
Pediatric Oncology Group of Ontario.

Return to footnote 116 referrer

Footnote 117

The following are prescribed registries:

Cardiac Care Network of Ontario in respect of its registry of cardiac services.
INSCYTE (Information System for Cytology etc.) Corporation in respect of CytoBase.
London Health Sciences Centre in respect of the Ontario Joint Replacement Registry.
Canadian Stroke Network in respect of the Canadian Stroke Registry.

Return to footnote 117 referrer

Footnote 118

Conditions relating to security and confidentiality are prescribed by section 10 of Regulation 460.

Return to footnote 118 referrer

Footnote 119

Canadian privacy statutes generally require consent for collection, use and disclosure of personal information for research purposes, subject to exceptions set out in the legislation. This table sets out the form and elements of consent where consent is required for the protection of privacy. See the exceptions to consent requirement for research purposes in table of concordance for Element #3. See also the statutory notice requirements for informed consent in the table of concordance for Element #5. See also the table following this chart for statutory references to consent by substitute decision makers.

Return to footnote 119 referrer

Footnote 120

Section 23 of the Health Information Act (Alberta) states that if a custodian collects health information from an individual using a recording device or camera or any other device that may not be obvious to the individual, the custodian must, before collecting the information, obtain the written consent of the individual to the use of the device or camera.

Return to footnote 120 referrer

Footnote 121

This is often interpreted as requiring express consent.

Return to footnote 121 referrer

Footnote 122

Consent to disclosure of personal information may be in prescribed form 3 and consent to use of personal information may be in prescribed form 4, each of which are set out in the Regulations to the Act.

Return to footnote 122 referrer

Footnote 123

Part IV to be proclaimed.

Return to footnote 123 referrer

Footnote 124

This chart cross references the statutory provisions for substitute consent.

Return to footnote 124 referrer

Footnote 125

Part IV to be proclaimed.

Return to footnote 125 referrer

Footnote 126

This chart sets out the notice/information provision requirements under applicable privacy statutes. For statutory cross reference to other elements of consent, refer to the table of concordance for Element #4. For general notice obligations, refer to the accountability and transparency provisions set out in the table of concordance for Element #10.

Return to footnote 126 referrer

Footnote 127

Part IV to be proclaimed.

Return to footnote 127 referrer

Footnote 128

Consent is generally required under privacy legislation for secondary uses and disclosures of personal information for any purpose, including for contacting a prospective research participant, subject to limited statutory exceptions. Reference should accordingly be made to the concordance table for Element #3 for the conditions where personal information may be disclosed for research purposes without consent. The above chart sets out the specific statutory prohibitions on the use or disclosure of personal information to contact individuals in circumstances where the statute otherwise permits/authorizes the use and disclosure of personal information for research purposes without consent.

Return to footnote 128 referrer

Footnote 129

Note that section 37(1)(g) allows a health information custodian to use the name and contact information of an individual for the purpose of seeking the individual's consent.

Return to footnote 129 referrer

Footnote 130

This table sets out the statutory references to general safeguarding obligations. See also the statutory requirements for data-sharing agreements in table of concordance for Element #8, statutory requirements for disposal and destruction in table of concordance for Element #9, and table of concordance for Element #10 regarding the obligation to develop and implement policies and procedures regarding safeguarding of personal information. In addition, see the following table for Element #7 which sets out the statutory requirement to conduct a privacy impact assessment.

Return to footnote 130 referrer

Footnote 131

Note that public bodies/institutions governed by such legislation may be obligated to comply with governmental security policies or guidelines as a matter of administrative practice.

Return to footnote 131 referrer

Footnote 132

No requirements have been prescribed by regulations as at the date of this publication.

Return to footnote 132 referrer

Footnote 133

The following entities are prescribed for the purposes of section 45 of the Act:

Cancer Care Ontario
Canadian Institute of Health Information
Institute for Clinical Evaluation Sciences
Pediatric Oncology Group of Ontario

Return to footnote 133 referrer

Footnote 134

The following are prescribed registries:

Cardiac Care Network of Ontario in respect of its registry of cardiac services.
INSCYTE (Information System for Cytology etc.) Corporation in respect of CytoBase.
London Health Sciences Centre in respect of the Ontario Joint Replacement Registry.
Canadian Stroke Network in respect of the Canadian Stroke Registry.

Return to footnote 134 referrer

Footnote 135

Part IV to be proclaimed.

Return to footnote 135 referrer

Footnote 136

While Canadian privacy legislation may be silent on the requirement to perform privacy impact assessments or risk vulnerability assessments, as a matter of administrative practice, many public sector entities may by required to perform privacy impact assessments in connection with the design and implementation of programs and/or systems involving the collection, use or disclosure of personal information. A list of privacy impact assessment tools developed by Canadian governmental or regulatory authorities is set out at Schedule A.

Return to footnote 136 referrer

Footnote 137

Part IV to be proclaimed.

Return to footnote 137 referrer

Footnote 138

This table cross references provisions dealing specifically with "data matching" or "data linking". Any data linkage/matching activity involving the use and/or disclosure of personal information requires a consideration of other statutory provisions, including the consent requirements for use and disclosure of personal information for research purposes. See table of concordance for Element #3. Public institutions may also need to consider governmental administrative guidelines/policies on data matching/linkage. See, for instance, the policy of the Treasury Board of Canada Secretariat regarding data matching.

Return to footnote 138 referrer

Footnote 139

Reference should be made to table of concordance for Element #7 which sets out safeguarding provisions, including statutory restrictions on access to personal information.

Return to footnote 139 referrer

Footnote 140

The Health Information Act (Alberta) defines "data matching" as "the creation of individually identifying health information by combining individually identifying or non-identifying health information or other information from 2 or more electronic databases, without the consent of the individuals who are the subjects of the information".

Return to footnote 140 referrer

Footnote 141

Part IV to be proclaimed.

Return to footnote 141 referrer

Footnote 142

This table deals with data sharing agreements entered into specifically for research purposes. Privacy statutes may also contain a requirement to enter into written agreements for other purposes.

Return to footnote 142 referrer

Footnote 143

This table sets out the statutory requirements for the general obligation in privacy legislation with respect to retention and destruction of personal information. Note that retention, return and disposal of records may be addressed in the research agreement entered into between the custodian and researcher, as required under applicable privacy legislation. Note also that under the Food and Drug Regulations - Division 5 - C.05.012 (4) records for clinical trials must be retained for 25 years.

Return to footnote 143 referrer

Footnote 144

See statutory requirements regarding the obligation to have written policies and procedures, including for retention and destruction of personal information, in table of concordance for Element # 7.

Return to footnote 144 referrer

Footnote 145

Part IV to be proclaimed.

Return to footnote 145 referrer

Footnote 146

This table cross references statutory provisions regarding the general accountability and transparency requirements set out in privacy legislation. Privacy legislation also provides individuals with a right of access to their personal information, which this table does not address. Also, privacy legislation may provide that the body/organization must inform the relevant regulatory authority before personal information may be used or disclosed for research purposes. Such requirements have been referenced in the table of concordance for Element #3.

Return to footnote 146 referrer

Footnote 147

Note that the privacy practices and procedures of entities prescribed for the purposes of section 45 and 39(1)(c) of the Act, as well as health data institutes, must be approved by the Information and Privacy Commissioner.

Return to footnote 147 referrer

Footnote 148

Part IV to be Proclaimed.

Return to footnote 148 referrer

Footnote 149

This table cross references the statutory provisions to research ethics bodies. Note that while Canadian privacy statutes may be silent with respect to ethics boards or committees, there is a requirement under many public sector statutes for research to be approved by the head or the Minister in charge of the administration of the particular statute. Refer to table of concordance for Element # 3 regarding statutory conditions that research ethics bodies or other approving bodies/persons must consider before allowing the use or disclosure of personal information without consent for research purposes.

Return to footnote 149 referrer

Footnote 150

The following committees and boards are designated as ethics committees by the Health Information Act Designation Regulation:

Alberta Cancer Board - Research Ethics Committee;
College of Physicians and Surgeons of Alberta - Research Ethics Review Committee;
Alberta Heritage Foundation for Medical Research - Community Health Ethics Research Review Committee;
University of Alberta - Health Research Ethics Board;
University of Calgary - Conjoint Health Research Ethics Board;
University of Lethbridge - Human Subject Research Committee.

Return to footnote 150 referrer

Footnote 151

Article 21 of the Quebec Civil Code states that research may be conducted involving minors and incapacitated adults only with the approval and monitoring of an ethics committee. Ethics committees are formed or designated by the Minister of Health and Social Services.

Return to footnote 151 referrer

Footnote 152

Part IV to be Proclaimed.

Return to footnote 152 referrer

Date modified:: 2015-06-16

Language selection

Search and menus

Search

Appendices

CIHR Best Practices for Protecting Privacy in Health Research (September 2005)

A-1 CIHR Privacy Advisory Committee

A-2 Drafting process and consultations in 2004

A-3 Real world case studies and links to the elements

A-4 Diversity of health research and future considerations

A-5 Selected documents and web links

A-6 Glossary

A-7 Tables of concordance with privacy legislation

Schedule A