Canadian Information Privacy Protection Framework
What this Standard Covers
This standard specifies minimum requirements for organizations that handle personal information in Canada, and which offer any benefit or consideration regardless of whether or not payment is made for it. It provides a baseline framework for organizations seeking to harmonize conformance to provincial/territorial, federal, and international legislation and treaties.
It is not intended to prescribe how an organization should implement controls, but instead provides guidance that is agnostic of jurisdiction and technology.
This standard applies to all sectors, including public and private companies, government entities, and not-for-profit organizations.
About this Standard
Intended for Conformity Assessment?
Comment on the Latest Draft
Drafts available for public review appear below
Draft number: D1
Date posted: 2023-03-13
Comments due by: 2023-05-12
Download This Standard
Our standards are always free for non-commercial use.
This standard is subject to technical committee review beginning no later than one year from the date of publication. The completion of the review may result in a new edition, revision, reaffirmation or withdrawal of the standard.