What it is
BC PIPA — British Columbia’s Personal Information Protection Act — governs how private-sector organizations in BC collect, use, and disclose personal information. It runs parallel to PIPEDA and applies to us directly as a BC-based company serving BC clinicians and patients.
What it requires
- Collect, use, and disclose personal information only for reasonable purposes with appropriate consent.
- Make a reasonable security arrangement to protect it.
- Designate a privacy contact, be open about policies, and honour access/correction requests.
- Notify appropriately in the event of a privacy breach.
Where Coldstream stands
The same safeguards described under PIPEDA satisfy PIPA: encryption, data minimization, healthcare-approved infrastructure, audit logging, and a Canadian data-residency preference. Being physically and operationally in BC, we’re squarely within PIPA’s scope and designed for it.
What we’re doing
The forthcoming privacy policy (in legal review) names our privacy contact and documents access, retention, and breach-response processes under both PIPA and PIPEDA.
See also: Data protection & residency · Subprocessors. Privacy contact: Brett Poulin — contact@coldstream.info.