This court decision was rendered on July 11, 2023 by Supreme Court of Yukon Chief Justice S.M. Duncan in regard to a court case between VinAudit Canada Inc and the Government of Yukon, with the Yukon Information and Privacy Commissioner as an intervener. The primary issue before the court was standard of review on a judicial review conducted pursuant to s.105 of ATIPPA.

This advisory is intended for anyone with responsibility for the operation or content of IT systems containing personal health information or personal information for custodians under the Yukon’s Health Information Privacy and Management Act and public bodies under the Yukon’s Access to Information and Protection of Privacy Act.

Public bodies and custodians in the Yukon have an obligation to perform logging and auditing on their electronic systems that contain personal information (PI) or personal health information (PHI). This guidance was issued to assist them in meeting this obligation.

This advisory was issued to inform custodians and public bodies about the risk of the Log4j vulnerability and about actions that can be taken to mitigate the risk of a breach of PHI or PI that could occur as a result of the vulnerability.

Ideas for individuals, businesses & public organizations - how to manage the risk of ransomware

This special report was developed by the Offices of the Yukon Ombudsman and Privacy Commissioner, together with the BC Ombudsperson and the BC Privacy Commissioner.  Released on June 17, 2021, it highlights fairness and privacy concerns related to the use of artificial intelligence in the public sector and makes recommendations for steps governments should take to use AI in a responsible manner.

This infographic summarizes key points of the special joint report on use of artificial intelligence in the public sector, Getting Ahead of the Curve: Meeting the Challenges to Privacy and Fairness Arising from the Use of Artificial Intelligence in the Public Sector.

Guidance for Public Bodies on Time Extension Request to the OIPC under s.63 of the ATIPP Act (2018).

This guide is written for public bodies who have received a request for review under the Access to Information and Protection of Privacy Act (ATIPP Act).

Public bodies are often called upon to undertake searches for records in response to access requests made under the ATIPPA. This guidance document offers suggestions and outlines steps that public body employees should consider when conducting a search for records in response to an access to information request.

Canadian privacy laws all contain provisions that allow for the disclosure of personal information or personal health information in the event of an emergency. This document provides guidance on the provisions in Yukon's privacy laws.

The Yukon Information and Privacy Commissioner is reminding public bodies and custodians to ensure the protection of personal information and personal health information when employees working from home use this information. This document provides guidance on how to do so.

The purpose of these guidelines is to assist public bodies identify when it is appropriate to use video surveillance and evaluate whether in using video surveillance involving the collection, use and disclosure of personal information the requirements of the ATIPP Act can be met.

The only way for a public body to effectively assess and manage privacy risks for any project involving personal information is to conduct a privacy impact assessment (PIA). Completing a PIA enables a public body to identify any risks associated with the collection, use or disclosure of personal information and ensure the information is properly managed in compliance with the ATIPP Act.

This document provides step-by-step guidance for Yukon's public bodies on how to implement an effective privacy management program.

This tool is designed as a resource for public bodies  to ‘self-evaluate’ the maturity of their privacy management program.

The COVID-19 pandemic has led to the development and use of new variations of cybercrime. In particular, texting, email, phone calls and social media are being used to trick people into giving out personal or financial information, often by playing on fears and concerns about COVID-19. This advisory is meant to create additional awareness of these problems and provide advice about what to do.

The Yukon Information and Privacy Commissioner (IPC) is issuing this advisory to inform Yukoners about a recent cyber security incident involving the Zoom videoconferencing application and to provide information about how to reduce risks to privacy.

The Yukon Information and Privacy Commissioner provides advice to government, public organizations, businesses, employees and the public in regard to protecting personal information while working from home or other remote locations, in particular in regard to applications that support remote work and the potential privacy risks of using them.