November 27
EDMONTON – The 2023-2024 Annual Report of the Office of the Information and Privacy Commissioner (OIPC) of Alberta was tabled today by the Speaker of the Alberta Legislative Assembly and has now been published online by the OIPC.
“The 2023-24 year can best be characterized as a year of change and engagement for the office as we worked to tackle the goals set out in our Strategic Business Plan 2024-2027,” said Commissioner Diane McLeod. “We worked to re-design a number of our internal processes to ensure our work is completed in more timely and efficient ways and we have seen some success on these fronts. We also spent considerable time and energy to consult with stakeholders and government in order to formulate recommendations for modernization of all three of Alberta’s access and privacy laws, work which is highlighted in the annual report. These essential efforts to advocate for appropriate modernization of all three laws began in 2022-23 and continued into 2023-24. As new legislation is tabled, passed and implemented, we expect considerable work for our office, including to adapt our processes to the new laws and to educate the public about the changes.”
In addition, the report notes two concerning trends. One is increased reporting of abandoned health records, which are records abandoned by health care providers, including doctors, who have retired, left Alberta or left a practice location for another one, leaving paper and electronic health records of patients unattended. The other alarming trend involves snooping by employees of custodians in health information systems and use of health information for unauthorized purposes.
“Abandoned health records put the health information of Albertans at risk and we are continuing our discussions with Alberta Health to find solutions,” said McLeod. “In regard to snooping and other potential offences under Alberta’s Health Information Act, we believe that a part of the solution would be to empower the Commissioner to issue administrative monetary penalties for serious and significant violations of the legislation.”
The annual report addresses these and other issues in greater detail and describes the work of the office throughout 2023-24. The report is available on the OIPC website here.
Through the OIPC, the Commissioner performs the responsibilities set out in Alberta’s three access to information and privacy laws, the Freedom of Information and Protection of Privacy Act (FOIP Act), the Health Information Act (HIA) and the Personal Information Protection Act (PIPA). The Commissioner operates independently of government.
Source: OIPC