There are two legislative acts that affect the privacy of personal health information in BC.

The Personal Information Protection Act ("PIPA") covers personal information when it is held by a doctor or other private health care provider working in the community. The Freedom of Information and Protection of Privacy Act ("FOIPPA”) applies to health authorities, hospitals, and urgent care clinics, and to providers working within them. Both acts regulate the collection, use, and disclosure of personal information.

Comparing PIPA and FOIPPA:

  • Doctors in private practice who are also providing services to a public health care body will generally be governed by PIPA with respect to the personal information collected, used, and disclosed by the private practice, and by FOIPPA with respect to the personal information they collect, use, and disclose in their capacity as doctors for the public health care body.
  • PIPA applies to private organizations. Examples include private practices, corporations, and independent school authorities.
  • FOIPPA applies to public health care bodies. Examples include hospitals, health authorities, and the Ministry of Health.

Review the following scenarios to see which legislation may apply to you:

Please note the following are general high-level examples. To determine your specific privacy obligations, seek independent legal advice.

Scenario PIPA FOIPPA
You are a doctor who runs your own private practice.  
You are a doctor who works out of a hospital or hospital operated clinic.  
You are a doctor who works for WorkSafe BC.  
You are a doctor who is employed at Doctors of BC.  
You are a doctor who works at a long-term care facility operated by a health authority.  
You are a doctor who works at a privately operated long-term care facility.  
You are a doctor who works in a private practice, but you also work as a specialist out of a hospital.

The BC E-Health Act

In addition to the two acts noted above, there is also the BC E-Health (Personal Health Information Access and Protection of Privacy) Act. It was enacted to provide legislative authority and a privacy framework to protect personal health information contained in designated health information banks (HIBs) of the Ministry of Health or health authorities. Examples of HIBs include CareConnect, PharmaNet, the Provincial Laboratory Information Solution,  Client Registry/Enterprise Master Patient Index, and Provider Registry.

For more detailed information on Health Information Legislation, please review our Privacy Toolkit and Legislative Framework for Privacy in the BC Health Care System.