Skip Navigation

Saskatchewan Enacts Major Data Protection Amendment

Bookmark and Share

26 December 2017

The province of Saskatchewan is officially amending its existing privacy legislation by adding a breach notification requirement- a “duty to protect” - and an obligation of government institutions and local authorities to enter into written agreements with information management service providers. In addition, under the amendment government institutions must take “reasonable steps” to post their policies and guidelines, which could be useful in holding them accountable.

The amendment comes via Bill No. 31, An Act to amend The Local Authority Freedom of Information and Protection of Privacy Act, which goes into effect January 1, 2018.  

According to the province’s published statement, “The amendments to the Acts and the Regulations are the most significant amendments to this legislation since its introduction in 1992 and 1993.”

The complete text of the amendment is available at the Saskatchewan government’s official website.  

NAID has long maintained that the provisions of the upcoming European Union General Data Protection Regulation (GDPR) will force other jurisdictions to update their data protection laws. While Saskatchewan has taken the lead, it may well fall short of suspected changes to Canada’s Personal Information and Electronic Document Act (PIPEDA) expected to be announced in later in 2018.