New Online Training Available

Privacy and your business: An introduction to the Personal Information Protection Act (PIPA)

This course is a self-managed awareness training opportunity. It is intended to provide organizations and individuals a basic overview of the concepts of information access and privacy in relation in Alberta’s privacy legislation. A certificate of completion will be produced upon completion of all lessons and final quiz.

The Personal Information Protection Act (PIPA) is Alberta’s private sector privacy law.

Applying to provincially regulated private sector organizations, businesses and, in some instances, to non-profit organizations for the protection of personal information and to provide an individual their right to access personal information under the control of the organization.

For public bodies, such as government departments and municipalities, please see the Freedom of Information and Protection (FOIP) of Privacy Training Course in the course option menu.


This course will equip you with an understanding of the the following:

  • The Role of the Office of the Information and Privacy Commissioner (OIPC).
  • Overview of PIPA (and its regulations) and who is applies to.
  • Why (protecting) Privacy is important.
  • Why (right to) Access is important.
  • Mandatory Privacy Breach Reporting and How to do it!
  • What Albertans/Canadians think about Privacy.
  • How PIPA relates to Collecting Personal Information.
  • How PIPA relates to Using Personal Information.
  • How PIPA related to Disclosing Personal Information.
  • Employees (records) and PIPA.
  • Quick Overview of FOIP (As it relates to PIPA)

Course Information

Estimated Time: 3 Hours

Difficulty: Beginner

Course Instructor

Shannyn Rus
Shannyn Rus, Author


Shannyn's strong academic background and passion for strategic information management systems make her a highly capable advisor for those seeking to integrate legislation compliance with real-world experience and management. Shannyn is a skilled advocate and educator of Canada's Access and Privacy Legislation. In addition to her Human Services degree, Professional Investigators and IAPP Certificates, she is certified with the Canadian Institute of Access and Privacy Professionals at Professional (CIAPP-P) Status. Shannyn is a frequent conference speaker and leads thought-provoking training sessions for public, health, and private sectors in communities across Alberta.

Course Enrollment



Privacy legislation in Alberta seeks to find balance between the right to privacy and the right to access information.

It is important to know and understand which legislation applies to your business or organization.

Alberta boasts three access and privacy acts. Applying to private sector organization, is the Personal Information Protection Act (PIPA). The Health Information Act (HIA) is specific to the collection use and disclosure of health information, while the Freedom of Information and protection of Privacy Act (FOIP) applies to public bodies.

Alberta has implemented mandatory breach reporting under the Personal Information Protection Act (PIPA) and as of August 31, 2018, mandatory privacy breach reporting under the Health Information Act (HIA) as well. This means there is a expectation that any organization falling under these legislations, have a duty to advise the Office of the Information and Privacy Commissioner (OIPC) and the individual whose information has been compromised.

For this reason, privacy training is an essential component to a compliance program within an organization. Privacy training for employees can help avoid errors, by educating staff on handling personal information according to their obligations and responsibilities.

TOPICS INCLUDE (not limited to)

  • Administering records under Alberta’s Access and Privacy Legislation Personal Information Protection Act (PIPA)
  • Access and Privacy 101 for Small Businesses
  • It’s Okay to Talk about Privacy Breaches
  • Building a Culture that Respects Privacy
  • Data Breach Response Plans
  • Clarity of Roles
  • Privacy Breach Notification Communication Plans
  • Health Information Act **New** Mandatory Reporting Requirements

Privacy training services are unique and tailored to your specific needs to minimize your privacy and security related risks.