Skip to content

Notifications

Government mail service may be affected by the Canada Post labour disruption. Learn about how critical government mail will be handled.

AI search tool

Try our new Search AI tool as an alternative to the search below to improve your experience on Alberta.ca using artificial intelligence. See the AISearch fact sheet for more information.

Popular topics:

Alberta.ca Account
Part of Protection of Privacy Act

Report a privacy incident (public bodies)

Public bodies must protect personal information under their control from unauthorized access, use, collection, disclosure or destruction.

Explore pages in:
Protection of Privacy Act

Overview

Public bodies must manage and protect personal information in their custody or under their control.

A public body has 'custody' of a record or information when it is in the physical possession of the public body.

A record or information is under the 'control' of a public body when the public body has the authority to manage it, including restricting, regulating and administering its use, disclosure or disposition.

A privacy incident occurs when there is unauthorized access, collection, use, disclosure, destruction or loss of personal information held by a public body.

Report a privacy incident

Where there exists a real risk of significant harm to an individual because of the privacy incident, POPA requires a public body to give notice of the incident in writing to:

  • the impacted individual(s)
  • Information and Privacy Commissioner (report a privacy breach)
  • the Minister responsible for this Act (the Minister of Technology and Innovation)

Submit a privacy incident to the Minister of Technology and Innovation

Previous Privacy management
Next Submitting a privacy complaint