Chapter 1 - Introduction to FIPPA

Emergence of Access and Privacy Legislation

Access and privacy legislation emerged in industrialized nations during the last 30 years as a result of the maturing of democratic government, the recognition of individual rights, and, most recently, the rapid development of telecommunications and information technology. While the approaches in Europe and North America have differed somewhat, there appears to be a growing move to statutory and practical harmonization because of the global economy and its need for transborder electronic data sharing.

While Sweden is usually credited as the country with the oldest access rights to records of government, Europe has generally placed more importance on the protection of personal information or, as it is called there, data protection. The German state of Hesse was the first jurisdiction to enact such legislation with its Data Protection Act of 1970. By 1976, data protection legislation covering both public and private sectors was widespread in Europe and the Council of Europe moved to develop its Convention for the Protection of Personal Information. This was followed in 1995 by the European Union's Directive on the Protection of Individuals with regard to the Processing of Personal Data and on the Free Movement of such Data which, when brought into force, will restrict transfers of personal information to countries with adequate protection measures in both the public and private sectors.

In North America, there has been greater emphasis on establishing the public's right to access information held by governments and other public bodies. The United States adopted its first Freedom of Information Act in 1966, followed in 1974 by its Privacy Act which provided an early articulation of fair information practices. In Canada, privacy legislation was introduced at the federal level originally as part of the Canadian Human Rights Act of 1977. While it built upon many of the principles and concepts in the American legislation, the Canadian initiative was notable for creating a watchdog and spokesman for personal information privacy.

Concerned about the possible impact on international trade of Europe's increasing regulation of personal information and the public's growing uneasiness about computer data storage, matching and manipulation capabilities, the Organization for Economic Co-operation and Development developed the landmark Guidelines on the Protection of Privacy and Transborder Flows of Personal Data (1980). Building on the fair information practices first articulated in the United States, these international privacy standards were designed to apply to both the public and private sectors. Canada, having participated in the development of these Guidelines and becoming a signatory to them in 1984, adopted the Privacy Act and Access to Information Act in 1982. Together, these two statutes provided a full scheme of personal information protection and access rights to general government information in the federal sphere.

Starting with Québec in 1982, all Canadian provinces and territories now have public sector access to information and personal information protection legislation (Newfoundland and Labrador's Access to Information and Protection of Privacy Act was passed in 2002 but has not yet been proclaimed).   New Brunswick has followed the federal approach - it has a Right to Information Act and a separate Protection of Personal Information Act.  The other jurisdictions have combined access rights and personal information protection in one statute.  All Canadian jurisdictions have followed the fair information practices model in their protection of personal information legislation.

The advancement of electronic communications, particularly e-commerce, underscored the need to extend protection to the private sector.  The Canadian Standards Association and several commercial sectors, including banking, insurance, and direct marketing, have developed voluntary codes based on the principles of fair information practices. Faced with a proliferation of voluntary schemes and the need to ensure consistency, the Canadian government enacted the Personal Information Protection and Electronics Documents Act (Canada) in 2000.  Part 1 of this Act contains provisions respecting protection of personal information used by private sector organizations in the course of carrying on commercial activities.  As of January 2001, this federal Act applied to private sector organizations carrying on a federal work, undertaking or business or that disclosed personal information for consideration outside a province.  The Act provides that, as of January 2004, it will extend to all private sector organizations that collect, use or disclose personal information in the course of carrying out a commercial activity and to all private sector disclosures of personal information outside a province.  Other Canadian jurisdictions (for example, Alberta, British Columbia and Ontariol) are looking at their own private sector privacy legislation.

Principles of Access and Privacy Legislation

Access and privacy legislation is based on two fundamental rights of people in contemporary democratic society:

• the right to access information held by governments and other public bodies, including information about oneself, subject only to certain specified exceptions;

• the right to privacy for personal information collected, stored, used and disclosed by public bodies.

To ensure that these rights are respected, this form of legislation provides an avenue of independent review and redress. In some jurisdictions, the review officer has the power to issue orders binding the public bodies (for example, Alberta and British Columbia); in other instances, the review officer makes recommendations with final decisions respecting certain access matters being given by the courts (for example, Canada and Manitoba).

The access right is based on the principles of the accountability of governments and other public institutions to citizens and the desirability of having better informed members of society. The exceptions to access derive from recognition that certain types of decision making and transactions must be conducted in confidence. The practice of severance, which involves removing information that falls within an exception to disclosure from a copy of the document to be released, provides a means of disclosing as much information as possible while maintaining necessary confidentiality.

The right to privacy for personal information is based on principles of fair information practices. While these practices have been presented in various ways in different countries and organizations, they include the following minimum standards:

• collection
  Organizations must collect personal information from the individual concerned, except in specified circumstances, and collect only what is required.

• use
  Personal information collected for one purpose cannot be used for another purpose, without the consent of the individual.

• disclosure
  Personal information cannot be released to another organization or individual, except in specified circumstances.

• information management
  Records and data management procedures must be followed to ensure that personal information is secure and not retained any longer than necessary.

• individual access
  An individual must be able to access his or her own personal information and to correct or annotate this information.

• openness
  Documentation about information management policies and practices, as well as about personal information holdings, should be available to the public and easily understandable.

• accountability
  Organizations are accountable for their personal information policies, practices and holdings. They shall designate an individual who is responsible for the organization's compliance with fair information practices.

• independent review
  There should be an avenue of independent review for individuals concerned about the personal information policies, practices or holdings of an organization.

Manitoba's Freedom of Information Act

Manitoba has had access to government information legislation since The Freedom of Information Act was proclaimed in 1988. That Act provided for access to records held by the Manitoba Government and Crown agencies, subject to certain exemptions, with the Office of the Ombudsman and the Court of Queen's Bench serving as the review and final decision-making mechanisms. It provided limited protection for personal information by treating third party personal information as an exemption to access. However, it lacked a full scheme of protection for all personal information collected, stored, used and disclosed by the government, which is clearly necessary in the electronic information age. Moreover, the access and privacy rights in that Act were limited to records held by the Manitoba Government and Crown agencies and did not apply to other public bodies in the province.

Development and Enactment of FIPPA

The Freedom of Information and Protection of Privacy Act (FIPPA) was drafted after a public consultation process and extensive research on similar legislation in other Canadian jurisdictions and other countries. A Discussion Paper titled Access to information and Privacy Protection for Manitoba was distributed in May 1996, to which the public was invited to respond. Numerous individuals, organizations and government departments made oral and written submissions concerning new access and privacy legislation.

The draft legislation was introduced in the Manitoba Legislature on June 4, 1997 by the Minister of Culture, Heritage and Citizenship and passed on June 27, 1997. It was proclaimed in effect with respect to Manitoba government departments and government agencies on May 4, 1998 and for the City of Winnipeg on August 31, 1998. FIPPA was extended to local public bodies on April 3, 2000.

Purposes of FIPPA
[Section 2]

The purposes of FIPPA are set out in section 2 of the Act.

Public Bodies Under FIPPA
[Section 1]

FIPPA applies to Manitoba public bodies.

Departments, Ministers' Offices and Executive Council Office

As in other jurisdictions, FIPPA applies to the executive branch of the Manitoba government. The executive branch includes the departments of the Government of Manitoba, the offices of ministers of the Government and the Executive Council Office 2.

A department is "a department, branch or office of the executive government of the province" [section 1] 3. All Manitoba government departments, and their branches and offices, are covered by FIPPA. For example, special operating agencies, established under The Special Operating Agencies Financing Authority Act, are branches or offices of a department and fall under FIPPA.

"Minister" means a member of Cabinet appointed under The Executive Government Organization Act 4.

"Executive Council Office" means the executive council of the province (commonly called the "Cabinet"), established under The Executive Government Organization Act.

Government Agencies

FIPPA also applies to Manitoba government agencies, as defined in section 1 of the Act.

Clause (a) of the definition "government agency" is essentially the same as the definition "Crown agency" in the 1985 Freedom of Information Act. Those boards, commissions, agencies or other bodies whose members or whose board members are all appointed by a Manitoba statute or by order of the Lieutenant Governor in Council fall under the Act. Examples include Manitoba Hydro, Manitoba public Insurance Corporation, the Municipal Board, etc.

Under clause (b), FIPPA has been extended to apply to the additional government agencies identified in Schedule B to the Access and Privacy Regulation.

Local Public Bodies

FIPPA was extended to local public bodies such as municipalities, school divisions and regional health authorities on April 3, 2000 by proclamation of the Lieutenant Governor in Council. The 1985 Freedom of Information Act did not apply to local public bodies.

Local public body is defined in section 1 of FIPPA and means an educational body, health care body and local government body.

Legislative Assembly and Courts Not Under FIPPA

FIPPA does not apply to the legislative or judicial branches of the government. These bodies have their own legislation and rules respecting access to records and protection of privacy.

Specifically, the definition "public body" in section 1 of the Act does not include the following offices or bodies, and FIPPA does not apply to:

Records That Fall Under FIPPA
[Section 4; Defintition of "Record" in Section 1]

Section 4 of FIPPA states that the Act applies to "all records in the custody or under the control of a public body" except those records described in clauses 4(a) to 4(k).

Definition of "Record"

"Record" is given a broad definition by the opening words in section 1 of the Act; a record is "a record of information in any form". The definition also includes examples of records but these examples are not exhaustive as the word "including" is used.

A "record" for the purposes of FIPPA includes a copy of a record, a draft and other working materials, information recorded or stored by electronic means and any other "record of information in any form" in the custody or under the control of a public body.

In looking at a similar definition of "record" in the 1985 Freedom of Information Act, the Court of Queen's Bench, in Marchand v. Minister of Government Services of Manitoba, considered the following notes and found them to be a "record" for the purposes of the Act:6

Custody or Control of a Record

FIPPA applies to all records "in the custody or under the control of" a public body, except those records described in clauses 4(a) to 4(k).

For a record to fall under the Act, a public body need only have either "custody" or "control" of the record. In determining whether a public body has "custody" or "control" of a record, it is necessary to consider all aspects of the creation, maintenance or use of the record.7

In most cases, the term "custody" for the purposes of FIPPA means having physical possession of a record. Only in rare cases could it be successfully argued that a public body does not have "custody" of a record in its actual possession 8

The term "control" usually means the power or authority to make decisions respecting the use or disclosure of a record. Ordinarily, records that are stored on behalf of a public body by another party in an off-site records centre or that have been transferred for permanent preservation to an archival repository are under the control of the public body.

FIPPA applies to all correspondence, reports and other documents and recorded information received by the public body from an outside organization or individual, as well as to those generated by the staff and officials of the public body in the course of their duties.

FIPPA applies to records created or obtained before the Act comes into effect, as well as to records created or obtained after the Act comes into effect.

Records That Do Not Fall Under FIPPA
[Clauses 4(a) to (k); Statutes Which Provide FIPPA Does Not Apply]

Records Excluded Under Clauses 4(a) to 4(k)

FIPPA does not apply to a limited number of records specified in clauses 4(a) to 4(k) of the Act, even if these records are in the custody or under the control of a public body.

Clause 4(a) - Court records

FIPPA does not apply to:

• "information in a court record;

• a record of a judge, master, magistrate or justice of the peace;

• a judicial administration record; or

• a record relating to support services provided to a judge or judicial officer of a court".

A "judicial administration record" is one type of court record excluded from FIPPA by clause 4(a); this phrase is defined in section 1 of FIPPA as meaning:

The courts are excluded from the scope of FIPPA 9; similarly, the records of the courts, even when in the hands of a public body, are excluded from the Act.

Clause 4(b) - Notes, etc. of persons acting in a judicial or quasi-judicial capacity

FIPPA does not apply to "a note made by or for, or a communication or draft decision of, a person who is acting in a judicial or quasi-judicial capacity".

A person is acting in a quasi-judicial capacity if he or she is carrying out a function that is partly administrative and partly judicial, and is required to investigate facts or ascertain the existence of facts, hold hearings, weigh evidence and draw conclusions as a basis for official actions, and to exercise discretion of a judicial nature.10 A person acting in a quasi-judicial capacity is generally under a duty to act in accordance with the rules of natural justice.

Clause 4(c) - MLA records

FIPPA does not apply to "a record of a Member of the Legislative Assembly who is not a minister".

Clause 4(d) - Minister's personal or constituency records

FIPPA does not apply to "a personal or constituency record of a minister". However, the records of a minister relating to his or her functions as a government minister do fall under FIPPA.

Clause 4(e) - Records made by or for an Officer of the Legislative Assembly

FIPPA does not apply to "a record made by or for an officer of the Legislative Assembly". "Officer of the Legislative Assembly" is defined in section 1 of the Act to mean "the Speaker of the Legislative Assembly, the Clerk of the Legislative Assembly, the Chief Electoral Officer, Ombudsman, the Children's Advocate, the Auditor General, and the commissioner appointed under The Legislative Assembly and Executive Council Conflict of Interest Act".

Clause 4(f) - Constituency records of elected officials of a local public body

FIPPA does not apply to "a record made by or for an elected official of a local public body relating to constituency matters".

Clause 4(g) - Teaching materials or research information

FIPPA does not apply to "teaching materials or research information of an employee of an educational institution". The phrase "educational institution" is not defined in the Act; it includes a school, community college, university, college, etc. The Manitoba School for the Deaf is an example of an "educational institution".

Clause 4(h) - Question to be used on an examination or test

FIPPA does not apply to "a question that is to be used on an examination or test".

This exclusion applies to questions to be used now or in the future on an examination or test. The exclusion applies, but is not limited, to questions to be used on examinations or tests given by educational institutions. For example, questions on a driver's licence test and on a government job competition test would also be excluded from FIPPA if the questions are currently being used or will be used in the future.

Clause 4(i) - Records relating to an ongoing prosecution or inquest

FIPPA does not apply to "a record relating to a prosecution or an inquest under The Fatality Inquiries Act if all proceedings concerning the prosecution or inquest have not been completed".

Once all proceedings have been completed records relating to a prosecution or an inquest are subject to FIPPA. A prosecution is completed once the trial is finished, a decision has been made and all appeal periods have expired.

Clause 4(j) - Archival records obtained from a person other than a public body

FIPPA does not apply to "records acquired by the Archives of Manitoba or the archives of a public body from a person or entity other than a public body".

Clause 4(k) - Record originating from a credit union

FIPPA does not apply to "a record originating from a credit union that is in the custody or under the control of the Credit Union Deposit Guarantee Corporation under The Credit Unions and Caisses Populaires Act". Only a record "originating from" a credit union is excluded from the Act. The other records of the Credit Union Deposit Guarantee Corporation fall under FIPPA.

Records Excluded by Other Legislation

A statute or regulation can specifically provide that FIPPA does not apply to certain records. The following statutes, passed or amended at the time FIPPA was passed, contain specific rules respecting access to and confidentiality of certain records and provide that these specific rules prevail over the more general provisions of FIPPA:

• The Personal Health Information Act
• The Adoption Act
• The Child and Family Services Act
• The Securities Act
• The Statistics Act
• The Vital Statistics Act
• The Workers' Compensation Act.

The provisions of The Mental Health Act respecting access to and disclosure of clinical records compiled in a psychiatric facility also prevail over the more general provisions of FIPPA.

In addition to these Manitoba statutes, there are some federal statutes which affect provincial records keeping, access to information and personal information protection. For example, records relating to young offenders held by the courts, police, government departments and social agencies are dealt with under the Youth Criminal Justice Act (Canada) (which replaced the Young Offenders Act in 2003), not under FIPPA.

These statutes are discussed in more detail later in this Chapter under the heading "Relationship of FIPPA to Other Legislation".

Procedures Not Affected by FIPPA
[Section 3 - Scope]

Clause 3(a) - Records normally available to the public

Public bodies have always provided public access to certain information and records in their custody. FIPPA does not replace existing procedures for gaining access to information or records which are normally available to the public. Nor does it affect any fees that may be charged for such access.

Not all requests for information or records need to be made under FIPPA. The Act should not be applied to preclude or reduce access to information (other than personal information) which is available by custom or practice. However, public bodies should review their routine channels for releasing information to ensure that personal information is protected.

Section 76 of FIPPA provides that the head of a public body may specify records or categories of records that are available to members of the public without making a formal application under FIPPA. A fee may be charged for a copy of these records.

Where records held by a public body are not available by any other means, the Act provides members of the public with a right of access to those records, subject to limited exceptions.

Clause 3(b) - Transfer, storage or destruction of records

FIPPA does not prohibit the transfer, storage or destruction of records by a public body, provided it is done in accordance with:

For Manitoba government departments and most government agencies, transfer, storage and destruction of records is governed by The Archives and Recordkeeping Act (which replaced The Legislative Library Act on February 15, 2003) and the records schedules under that Act.

In some circumstances, destruction of records by a department or government agency is governed by a statute of Canada - for example, the Youth Criminal Justice Act (Canada).

It is an offence under clause 85(1)(d) of FIPPA to wilfully destroy a record or erase information in a record that is subject to FIPPA with the intent to evade a request for access to records. A person found guilty of such an offence by a court is liable to a fine of up to $50,000.00.

Clause 3(c) - Information available to parties to legal proceedings

FIPPA does not limit the information and records otherwise available by law to a party to legal proceedings.

"Legal proceedings" include all proceedings authorized or sanctioned by law, and brought or instituted in a court or legal tribunal, for the acquiring of a right or the enforcement of a remedy.11 Civil court actions, a prosecution in a criminal court and proceedings before a quasi-judicial tribunal such as the Labour Board are examples of "legal proceedings".

Where a public body is required to produce records by the rules of court or the rules of a quasi-judicial tribunal, the exceptions to access in FIPPA and the provisions restricting disclosure of personal information do not apply.

Clause 3(d) - Powers of a court or tribunal

FIPPA does not affect the power of a court or tribunal to compel a witness to testify or to compel production of documents.

Where a public body is required to produce documents by a subpoena, search warrant or other order of production, the exceptions to access in FIPPA and the provisions restricting disclosure of personal information do not apply.

Key Definitions
[Section 1: Law Enforcment; Personal Information; Personal Health Information; Third Party]

Certain terms are defined in section 1 of The Freedom of information and Protection of Privacy Act, and are identified in bold type throughout this Manual. Some definitions are also included in the Access and Privacy Regulation made under the Act. The following is a discussion of the definitions "law enforcement", "personal information", "personal health information" and "third party".

The definition "record" was discussed earlier in this Chapter under the heading "Records That Fall Under FIPPA".

Law Enforcement

"Any Action Taken for the Purpose of Enforcing An Enactment"

Law enforcement means "any action for the purpose of enforcing an enactment".

"Enactment" means an Act or regulation [section 1]. An "Act" is a statute passed by the Legislative Assembly of a province or by the Parliament of Canada. A "regulation" is a law made under the authority of a statute by the Lieutenant Governor in Council (in the case of a province), the Governor General in Council (in the case of Canada), a minister, etc.

"Enforcement of an enactment" means compelling the observance of a statute or regulation.12

Law enforcement means activities undertaken by a public body to enforce compliance with standards, duties and responsibilities set out in a statute or regulation. The activities described in clauses (a), (b) and (c) of the definition are examples of "law enforcement". The examples are not exhaustive, as the word "including" is used.

Clause (a) - Policing

"Policing" covers the activities of police forces and related activities of the Manitoba Department of Justice, such as the investigation and prosecution of offences, prevention of crime, maintenance of law and order, security and protective services and related collection of intelligence, research and analysis.

Clause (b) - Investigations or inspections that lead or could lead to a penalty or sanction being imposed, or that are otherwise conducted for the purpose of enforcing an enactment

"Investigation" means a systematic inquiry or search.13

"Inspection" means to look closely at or into, or to examine.14

"Penalty" involves the idea of punishment.15 A "sanction" is a punishment or penalty used to enforce obedience to a law.16 Penalties and sanctions are imposed for a violation of a statute or regulation, and include the imposition of imprisonment or a fine, the revocation of a licence or the issuance of an order requiring a person to cease an activity.

"Lead or could lead" indicates that an investigation or inspection is law enforcement if a penalty or sanction is possible, even if it is not ultimately imposed.

An investigation or inspection that would not lead to a penalty or sanction is law enforcement if it is "conducted for the purpose of enforcing" a statute or a regulation. For example, an investigation of a complaint under the Manitoba Human Rights Code is law enforcement, even where no penalties or sanctions will result.

Clause (c) - Proceedings that lead or could lead to a penalty or sanction being imposed, or that are otherwise conducted for the purpose of enforcing an enactment

This clause refers to the conduct of proceedings before a court or a quasi-judicial board or tribunal.

A quasi-judicial board or tribunal is a board or tribunal that carries out a function that is partly administrative and partly judicial, and that is required to investigate facts or ascertain the existence of facts, hold hearings, weigh evidence and draw conclusions as a basis for official actions, and to exercise discretion of a judicial nature. A quasi-judicial board or tribunal is generally under a duty to act in accordance with the rules of natural justice.17

Proceedings before a court or tribunal are law enforcement as long as they are could lead to the imposition of a "penalty" or "sanction" (imprisonment, fine, revocation of a licence, an order requiring a person to cease an activity) or are "conducted for the purpose of enforcing an enactment".

Personal Information

In Part 2 of FIPPA, the following exceptions to access deal with personal information: section 17 (Privacy of a third party); section 24 (Disclosure harmful to individual or public safety); section 30 (Confidential evaluation about the applicant); sections 33 & 34 (Third party intervention). The rules in Part 3 of FIPPA (Protection of Privacy) respecting collection, correction, protection, use and disclosure apply to personal information.

Clauses (a) to (n) of the definition "personal information" list examples of personal information. This list is not exhaustive, as the word "including" is used; clauses (a) to (n) do not set out the only information which is "personal information".

"Recorded Information About an Identifiable Individual"

The key portion of the definition personal information is the introductory wording:

Three requirements must be met for information to be personal information:

Clauses (a) to (n) of the Definition

Clauses (a) to (n) of the definition personal information list examples of personal information; the list does not exhaust the meaning of personal information as the word "including" is used. information which does not fall within these clauses will be personal information as long as it is "recorded information about an identifiable individual". 23

Most of the examples of personal information in clauses (a) to (n) of the definition are self-explanatory and this type of information will be easy to identify.

Clause (a) - Individual's name

While an individual's name is personal information, the name and title of a person writing to a public body in an official capacity on behalf of a corporation or an organization would not be personal information.24

Clause (b) - Home address or telephone

An individual's home address, telephone, facsimile or E-Mail number is personal information. A business address, telephone, facsimile or E-Mail number is not personal information.

Clause (d) - Ancestry, race, colour, nationality or national or ethnic origin

"Ancestry" means one's family descent.25 "Race" means each of the major divisions of humankind, having distinct physical characteristics; a group of persons connected by common descent. 26 "Nationality" means the status of belonging to a particular nation.27

"Ethnic origin" refers to a common national or cultural tradition. 28 These terms are also used in the Manitoba Human Rights Code.

Clause (f) - Personal health information

See the discussion of the definition "personal health information", which follows.

Clause (i) - Education, employment or occupation

"Education" and "educational history" refer to information respecting an individual's schooling and formal training, past and present, including names of educational institutions attended, courses taken and results achieved.

"Employment" and "employment history" refer to information respecting an individual's work record, past and present, including the names of employers, length of employment, employment duties, salary, evaluations of job performance, reasons for leaving employment, etc.

"Occupation" and "occupational history" refer to information respecting an individual's profession, business or calling, past and present, and can include how an individual spends his or her time.

Clause (j) - Source of income, financial circumstances, activities or history

"Income" means money or other assets received.29 "Financial circumstances" refers to the monetary resources of an individual.30 "Financial history" refers to any past information about an individual's monetary activities.

Clause (k) - Criminal history, including regulatory offences

"Criminal history" includes an individual's convictions under criminal laws such as the Criminal Code (Canada) and findings of guilt under the Youth Criminal Justice Act (Canada) or the former Young Offenders Act (Canada).

"Regulatory offences" are offences under other federal statutes or regulations (for example, the Immigration and Refugee Protection Act (Canada), under provincial statutes or regulations (for example, The Highway Traffic Act of Manitoba) or under municipal by-laws.

Clauses (l) and (m) - Personal views or opinions

The personal views or opinions of an individual are that individual's personal information, unless the views or opinions are about someone else.

Views or opinions expressed by a person about another individual are the personal information of the individual they are about.

Clause (n) - Identifying number, symbol, etc.

Examples of identifying numbers or symbols are an individual's Social Insurance Number, driver's licence number, etc. An individual's Personal Health Identification Number (PHIN) is personal health information.

Personal Health Information

Personal health information is a type of personal information. The definition personal health information is the same in FIPPA as in The Personal Health Information Act.

There are four key elements to the definition personal health information:

Personal health information includes information respecting an individual's past or present physical, mental or emotional state of health, past or current health care, payments made by or on behalf of the individual respecting health care, etc. It also includes identifying information (such as name, address, birth date, etc.) when this information is collected in the course of providing, and is incidental to, health care or payment for health care.

An individual's PHIN is personal health information. "PHIN" is defined in The Personal Health Information Act as meaning:

Third Party

"Person", when used in a Manitoba statute or regulation, means a natural person (a human being or an individual) and also includes "a corporation and the heirs, executors, administrators or other legal representatives of a person".31

An "organization" is an organized body, especially a business, charity, etc.32 For example, a trade union is an organization.

"Applicant" means a person who makes a request for access under Part 2 of FIPPA [section 1].

For the purposes of a request for access under Part 2 of FIPPA, a third party is a person, group or organization who is not the applicant requesting access and is not a public body.

The phrase third party is particularly important in the following provisions respecting exceptions to disclosure in Part 2 of the Act (Access to Information):

Relationship of FIPPA to Other Legislation
[Section 5]

 Subsection 5(1) of FIPPA was repealed n May 4, 2001.   Thus, the provisions in FIPPA respecting access to records and protection of personal information now prevail over the provisions in any other Manitoba statute or regulation, unless that other statute or regulation specifically provides to the contrary. The following is a brief discussion of those statutes which "expressly provide" that they prevail over FIPPA.

The Personal Health Information Act (CCSM c. P33.5)

The Personal Health Information Act is companion legislation to FIPPA. It was passed at the same time as FIPPA and proclaimed in effect on December 11, 1997. It incorporates many of the same principles and procedures as FIPPA, but deals exclusively with personal health information.

Personal Health Information 33

Personal health information is recorded information about an identifiable individual's health, health care history or the provision of or payment for health care to the individual, and includes the individual's PHIN (personal health identification number) and any identifying information about the individual that is collected in the course of, and is incidental to, providing health care to the individual or making payments for health care provided to him or her.

The Personal Health Information Act does not apply to anonymous or statistical health information.

The provisions of The Mental Health Act prevail over the provisions of The Personal Health Information Act.

Trustees under the Act

The Personal Health Information Act applies to "trustees" who maintain (have custody or control of) personal health information. "Trustees" under The Personal Health Information Act are:

Requests for access to personal health information

An individual requesting access to his or her own personal health information must do so under Part 2 of The Personal Health Information Act, not under FIPPA, even where the trustee maintaining the personal health information is a public body.34

Where a public body is authorized to disclose the requested personal health information under Part 3 of The Personal Health Information Act or where the request is made by a person authorized to act on behalf of the individual the personal health information is about under section 60 of The Personal Health Information Act, the public body should deal with the request under Part 3 of The Personal Health Information Act.  Other requests to a public body for access to personal health information about someone else should be dealt with under Part 2 of FIPPA (and access will usually be refused as disclosure of personal health information about someone else is deemed to be an unreasonable invasion of privacy).

Part 2 of The Personal Health Information Act sets out an individual's right to examine or receive a copy of his or her personal health information. Unlike FIPPA, a request for access under The Personal Health Information Act does not have to be in a prescribed form, although a trustee may require a written request. The trustee maintaining the personal health information is required to assist the applicant and to respond to the request for access promptly, and no later than 30 days after receiving the request. Unlike FIPPA, this 30-day time period for responding cannot be extended. The grounds for refusing an individual access to his or her own personal health information are those set out in section 11 of The personal health information Act.

An individual may also request a correction of his or her personal health information under Part 2 of The Personal Health Information Act. If the trustee refuses to correct personal health information, a statement of disagreement must be added to the record.

Protection of personal health information

Part 3 of The Personal Health Information Act sets out the rules respecting collection, protection, use and disclosure of personal health information by trustees, including public bodies. Part 3 of FIPPA does not apply to personal health information to which the Personal Health Information Act applies.35

Part 3 of The Personal Health Information Act also restricts the sale of personal health information by a trustee, regulates personal health information in the hands of information managers and governs the disclosure of personal health information for health research projects. It includes a requirement that a health research projects involving personal health information be approved by the Health Information Privacy Committee established by the Minister of Health, in the case of a request to the government or a government agency, or by an institutional research review committee, in the case of a request to other trustees.

Part 3 of The Personal Health Information Act restricts the collection and use of the PHIN (the personal health identification number) by any person (not just trustees). No person, other than a trustee, may require the production of another person's PHIN or collect or use another person's PHIN unless it is

Review, monitoring and complaints

The Ombudsman has the same role respecting complaint resolution, investigation and audit, and public commentary under The Personal Health Information Act as under FIPPA. In handling complaints respecting access or the unauthorized collection, use or disclosure of personal health information, the Ombudsman can make recommendations but not orders. The Personal Health Information Act also provides that a complaint by an individual who has been refused access to his or her own personal health information can be appealed to the Manitoba Court of Queen's Bench and to the Manitoba Court of Appeal (with that court's permission).

Offences and penalties

Offences under The Personal Health Information Act include collecting, using, selling or disclosing personal health information contrary to that Act, and the court can impose a fine of up to $50,000 for such offences.

Relationship with other Acts

Section 4 of The Personal Health Information Act provides that:

The Adoption Act (CCSM c.A2)

Part 4 of The Adoption Act contains provisions prohibiting disclosure of identifying information about persons involved in an adoption proceeding in court and limiting access to court records respecting an order of adoption. Part 4 also contains provisions prohibiting disclosure of records relating to the granting of an order of adoption that are in the custody or under the control of the Director of Child and Family Services, a child and family services agency or an adoption agency, except in very limited circumstances. The post-adoption registry is established under Part 4, which sets out the rules respecting who can have access to information in this registry and under what circumstances. Section 99 of The Adoption Act provides that the provisions of Part 4 of The Adoption Act prevail over the provisions of the 1985 Freedom of Information Act and any Act that replaces it (that is, FIPPA).

The Child and Family Services Act (CCSM c.C80)

Part VI of The Child and Family Services Act contains access and confidentiality provisions which govern disclosure of records "made under" that Act. Section 86.1 of The Child and Family Services Act provides that its provisions prevail over the provisions of FIPPA where there is an inconsistency or conflict.36

In general, the provisions of The Child and Family Services Act respecting access and confidentiality will apply to records "made under" that Act, such as records generated by the Department of Family Services or a child caring agency in the course of providing child protection and other services under the Act. FIPPA will generally apply to other records of the department or the child caring agency including general administrative records, personnel records, general policy and program development records.

The Mental Health Act (CCSM c.M110)

The Mental Health Act contains provisions respecting a patient's access to his or her clinical record compiled and maintained in a psychiatric facility and prohibiting disclosure of these clinical records except in very limited circumstances. Section 39 of The Mental Health Act states that FIPPA does not apply to a "clinical record" to which The Mental Health Act applies.   The information in these records is personal health information to which The Personal Health Information Act, rather than FIPPA, would ordinarily apply. However, subsection 4(3) of The Personal Health Information Act provides that the provisions of The Mental Health Act prevail over the provisions of The Personal Health Information Act. In effect, the more protective provisions in The Mental Health Act respecting clinical records compiled in a psychiatric facility apply to those records; neither FIPPA nor The Personal Health Information Act apply to these clinical records.

The Securities Act (CCSM c.S50)

The Securities Act establishes the Manitoba Securities Commission and sets out a comprehensive scheme for the regulation of securities. This Act contains provisions requiring the filing of sensitive third party financial and commercial information with the Commission and governing access to and confidentiality of this and other sensitive information. Section 154.1 of The Securities Act provides that its provisions prevail over the provisions of FIPPA where there is an inconsistency or conflict.37 In general, where The Securities Act contains provisions respecting access to records and confidentiality, those provisions (and not FIPPA) will apply.

The Statistics Act (CCSM c.S205)

The Statistics Act regulates the collection and use of information by the Manitoba Bureau of Statistics for social and economic statistics. Section 9 contains restrictions respecting access to or disclosure of information respecting an identifiable person, business or organization. Subsection 9(4) provides that the provisions of section 9 of this Act prevail over the provisions of FIPPA where there is an inconsistency or conflict.38

The Vital Statistics Act (CCSM c.V60)

The Vital Statistics Act governs access to records of births, adoptions, marriages, and deaths held by the Office of Vital Statistics. Prescribed information is provided upon application and payment of a required fee. Section 49.1 of The Vital Statistics Act provides that the provisions of that Act prevail over the provisions of FIPPA where there is an inconsistency or conflict.39

The Workers Compensation Act (CCSM c.W200)

Provisions of The Workers Compensation Act require compensation claimants, health care professionals attending compensation claimants, and employers to provide information to the Workers Compensation Board. The Board is also given the authority to examine an employer's records and to collect information in connection with its employer assessment duties. Section 116 of The Workers Compensation Act provides that the provisions of that Act prevail over the provisions of FIPPA where there is an inconsistency or conflict.40 In general, where The Workers Compensation Act contains provisions respecting access to records and confidentiality, those provisions (and not FIPPA) will apply.

Federal Legislation

In addition to these Manitoba statutes, there are some federal statutes which affect provincial records keeping, access to information and personal information protection. Among the most important are the Youth Criminal Justice Act (Canada) and the former Young Offenders Act (Canada) which govern the retention and disclosure of records relating to young offenders held by the courts, police, government departments and social agencies that deal with young offenders. Such records must be dealt with in accordance with the Youth Criminal Justice Act (Canada) and the former Young Offenders Act (Canada); FIPPA does not apply to them.

Footnotes

1. Terms and phrases in bold in the text of this Manual are defined in section 1 of FIPPA. back

2. These bodies also fell under the 1985 Freedom of Information Act. back

3. The definition "department" is essentially the same as in the 1985 Freedom of Information Act.back

4. "Minister" and "Cabinet" are defined in section 1 of FIPPA.back

5. This definition is similar to the definition "record" in the 1985 Freedom of Information Act. back

6. (1990), 74 D. L. R. (4th) 186 (Man. Court of Queen’s Bench) at page 15.back

7. Order 120, Ontario Access and Privacy Commissioner (Re Ministry of Government Services, June 27, 1989). back

8. Order 120, Ontario Access and Privacy Commissioner (Re Ministry of Government Services, June 27, 1989). back

9. See "Public Bodies Under FIPPA" earlier in this Chapter.back

10. Dictionary of Canadian Law and Black’s Law Dictionary, 6th edition.back

11. Black’s Law Dictionary, 6th edition. back

12. The Concise Oxford Dictionary, 9th Edition. back

13. The Concise Oxford Dictionary, 9th Edition. back

14. The Concise Oxford Dictionary, 9th Edition. back

15. Black’s Law Dictionary, 6th edition.back

16. The Canadian Dictionary of Law. back

17. Dictionary of Canadian Law and Black’s Law Dictionary, 6th edition. back

18. Order 17, Ontario Information and Privacy Commissioner (Re Ministry of the Solicitor General, Oct. 6, 1988). back

19. The Interpretation Act of Manitoba, section 17 and the Schedule of Definitions. back

20. Order 16, Ontario Information and Privacy Commissioner (Re Ministry of Agriculture & Food, Sept. 8, 1988). back

21. Order P-300, Ontario Information and Privacy Commissioner (Re Ministry of Community & Social Services, May 21, 1992). back

22. Order P-316, Ontario Information and Privacy Commissioner (Re Archives of Ontario, June 16, 1992). back

23. Order 61, Ontario Access and Privacy Commissioner (Re Ministry of Health, May 26, 1989). back

24. Order 113, Ontario Access and Privacy Commissioner (Re Ministry of the Attorney General, Nov. 9, 1989). back

25. The Concise Oxford Dictionary, 9th Edition. back

26. The Concise Oxford Dictionary, 9th Edition. back

27. The Concise Oxford Dictionary, 9th Edition. back

28. The Concise Oxford Dictionary, 9th Edition. back

29. The Concise Oxford Dictionary, 9th Edition. back

30. The Concise Oxford Dictionary, 9th Edition. back

31. The Interpretation Act of Manitoba, section 17 and the Schedule of Definitions. back

32. The Concise Oxford Dictionary, 9th edition. back

33. The definition personal health information is the same in The Personal Health Information Act as in FIPPA. This definition is discussed under "Key Definitions", earlier in this Chapter. back

34. See section 6 of FIPPA. back

35. See section 35 of FIPPA. back

36. Similar to clause 66(a) of the 1985 Freedom of Information Act. back

37. Similar to clause 66(c) of the 1985 Freedom of Information Act. back

38. Similar to clause 66(d) of the 1985 Freedom of Information Act. back

39. Similar to clause 66(c) of the 1985 Freedom of Information Act. back

40. Similar to clause 66(b) of the 1985 Freedom of Information Act. back