CORRECT ANSWERS!!
What is the purpose of PIPEDA? - ANSWER: balance an individual's right to privacy
and business need to use personal information for commercial reasons
What is personal information? - ANSWER: info about an identified individual (e.g.
contact info, name, financial info, online data etc)
Who does PIPEDA apply to? - ANSWER: private sector organizations who collect,
use or disclose personal information for commercial reasons & employees
When to keep record of data breach? - ANSWER: must document every breach of
security safeguards (whether risk or not) for at least 2 years
What must the company keep record of? (6) - ANSWER: 1) date
2) description of the breach
3) what type of information was involved
4) whether the individuals were notified
5) whether the OPC was notified
6) detailed assessment of real risk of significant harm
What is Health Information Privacy? - ANSWER: - identifying info about an individual
related to healthcare
- protected by PIPEDA, Privacy Act, and federal laws
- applies to both private and public sectors
What is the Personal Health Information Protection Act? - ANSWER: - Ontario
(provincial) act that applied to info that is collected, used, disclosed by health
information of customers
- and help protect people/organizations that help deliver healthcare services
What is a data breach? - ANSWER: unauthorized access, collection or use of
personal information
Data breach notification rules - ANSWER: as of Nov 1, 2025 organizations must report
any breach that poses a real risk of significant harm (e.g. bodily harm, financial harm,
damage to reputation etc)
Who must the notifications be made to when there is a data breach? - ANSWER: 1)
Office of the Privacy Commissioner (OPC)
2) Individuals affected by the breach