Áù¾ÅÉ«ÌÃ

summer-campus

Access and Privacy Office

The Government of Alberta has updated Alberta’s public-sector access to information and privacy legislation by repealing the Freedom of Information and Protection of Privacy Act (FOIP) and replacing it with two new pieces of legislation. These changes took effect on June 11, 2025. The new legislation separates access to information and privacy into two distinct frameworks:

Compliance with the ATIA and POPA 

For the purposes of both the Access to Information Act, SA 2024, c A-1.4 (ATIA) and the Protection of Privacy Act, SA 2024, c P-28.5 (POPA), the Board of Governors has designated the General Counsel as the "Head" of the Áù¾ÅÉ«ÌÃ. The Head is accountable for all decisions made under both Acts. 

Under the authority of the Head, the day-to-day administration and implementation of the requirements of ATIA and POPA are delegated to the Manager, Access and Privacy. In accordance with the applicable provisions of the legislation, the Head has further delegated specific duties, powers, and functions as outlined in the Áù¾ÅÉ«ÌÃ's Privacy Policy and Delegation of Authority Policy.

What we do

Compliance

The Access and Privacy Office develops and implements effective processes and guidelines to ensure the Áù¾ÅÉ«ÌÃ's compliance with Alberta’s access to information and protection of privacy legislation. 

All collection of personal information for institutional purposes must comply with the Áù¾ÅÉ«ÌÃ’s . All surveys conducted for institutional purposes must comply with the Áù¾ÅÉ«ÌÃ’s . 

Operating Standards, Guidelines & Forms

Advice & Guidance

The Access and Privacy Office provides advice and guidance to administrators and the broader campus community on all matters related to access to information and protection of privacy. 

Contact the Access and Privacy office

Access Requests

Formal access to information requests under the ATIA are processed by the Access and Privacy Office, in accordance with the Áù¾ÅÉ«ÌÃ's Formal Access Request Procedure. The Access and Privacy Office can also advise on informal requests, access to information for research purposes, or the sharing of personal information across the institution.  

Request to Access Information Form

Personal Information

The Access and Privacy Office advises on the proper collection, use, and disclosure of personal information in accordance with POPA, and investigates concerns or complaints related to non-compliance.  

Contact the Access and Privacy office

Privacy Breaches

All privacy breaches must be reported to the Access and Privacy Office in accordance with the Procedure for Responding to a Privacy Breach. An incident report should be submitted within 24 hours of discovering a breach. 

Privacy Breach Incident Report Form

Overview of the ATIA and POPA

Hover over each component below to learn more.

Access to Information Act (ATIA)

Access to Information Act (ATIA)

ATIA governs the public’s right to access records held by public bodies, promoting transparency and accountability. The Head also has the discretion to refuse to disclose certain types of records or information, subject to limited exclusions and exemptions. 

Protection of Privacy Act (POPA)

Protection of Privacy Act (POPA)

POPA governs how public bodies may collect, use, and disclose personal information. Individuals have the right to access their personal information held by the public body and the right to request corrections to that information.

HIA

Health Information Act (HIA)

Physicians who bill Alberta Health Care for the provision of a health service are considered custodians under the HIA and they are personally responsible for managing patient files in accordance with the provisions of the act. However, when a physician operates under the auspices of the University or a University clinic and stores health information on University systems, the University assumes responsibility for creating and maintaining a secure operating environment.

More resources

Can't find what you're looking for or still have questions?

Get in touch