Michael Powers writes:
A brief survey of the Canadian landscape would reveal that Ontario requires breach notification under the Personal Health Information and Protection Act for custodians of personal health information; upon full proclamation, Newfoundland will require breach notification under its Personal Health Information Act; Nova Scotia’s new legislation on personal health information (to be reintroduced) will as well. (Interestingly New Brunswick has not dealt with the subject in its new (2009) Personal Health Information Privacy and Access Act); Alberta has recently amended its Personal Information Protection Act to require breach notification, and the federal government’s response to the 2007 review of the Personal Information Protection and Electronic Documents Act indicates that Act will be amended to require breach notification. There is no definitive date yet but rumour has it that this may occur in 2010. It is understood that the Uniform Law Conference of Canada will develop a uniform breach notification statute and the topic is slated for discussion later this year.
Read more on MichaelPower.ca