Back Arrow Email Privacy Regulations

We’re not just securing email and eSigning.

We’ve been helping Canadian businesses safeguard client information by meeting the highest levels of privacy, bringing together peace-of-mind and protection.

And we’ve been doing it with them since 2003.

Privacy Compliance and Legality in the Canada

RMail Logo
Audit-Ready Compliance
Yes. Automates proof of compliance with Canadian Federal and provincial privacy regulations.
RMail Email Encryption
Relied upon in the Canada since 2003.
Geography
Canada.
Recommended Service
RMail® email encryption returns a Registered Receipt™ audit-ready proof of Canadian privacy compliance.

Common Use

RMail email encryption is used within the medical device, health care, life sciences, pharmaceutical, biotech, insurance, financial services, legal and other industries.

Watch full video of Natasja Voorsluijs discuss RMail at Optimize!2020.

Open Quotes

To us, the use of the RMail Registered Email™ service is essential. If the customer says, “I didn’t get it, I didn’t receive it,” we are now the ones that can prove that the customer received the letter.

Close Quotes
Natasja Voorsluijs

Natasja Voorsluijs

MSc Forensic Criminology, Data Analyst, Allianz

Legal Aspects

There are four private sector privacy statutes that govern the collection, use, disclosure and management of personal information in Canada. RPost financial services, insurance, and other customers in Canada reply on RPost’s RMail email encryption to comply with these privacy regulations.

Canadian Privacy Statutes:

There are five main private sector privacy statutes that govern the collection, use, disclosure and management of personal information in Canada, and one that focuses on public sector.

  1. Federal Personal Information Protection and Electronic Documents Act, S.C. 2000, ch. 5 (“PIPEDA”);
  2. Alberta’s Personal Information Protection Act, S.A. 2003, ch. P-6.5 (“PIPA Alberta”);
  3. British Columbia’s Personal Information Protection Act, S.B.C. 2003, ch. 63 (“PIPA BC”);
  4. Québec’s An Act Respecting the Protection of Personal Information in the Private Sector, R.S.Q., ch. P-39.1 (“Québec Privacy Act”). Collectively, referred to as the “Canadian Privacy Statutes”; and
  5. The Freedom of Information and Protection of Privacy Act, commonly abbreviated FIPPA, is an Act of the Legislative Assembly of Ontario. FIPPA legislates access to information held by public institutions in Ontario.

The private sector privacy statutes in Alberta, British Columbia and Québec have each been deemed “substantially similar” to PIPEDA. The health privacy statutes in Ontario, New Brunswick, Newfoundland & Labrador and Nova Scotia have also been deemed substantially similar to PIPEDA.

“Under Canadian Privacy Statutes governing the private sector, organisations are responsible for personal information in their custody or control, including personal information transferred to third parties for processing. In general, Canadian Privacy Statutes permit the non-consensual transfer of personal information to third-party processors outside Canada, provided the transferring organisation uses contractual or other means to provide a comparable level of protection while the information is being processed by the foreign processor.” Osler, Hoskin & Harcourt LLP, a Canadian privacy law firm; Section 11 of Chapter 7 of “The International Comparative Legal Guide to: A practical cross-border insight into data protection law” Published by Global Legal Group. 5th Edition Data Protection 2018.

RPost financial services, insurance, and other customers in Canada have opted to use RPost services connected to the RPost global infrastructure in Frankfurt, Germany, which operates under the European General Data Privacy Regulation (GDPR). RPost believes these Canadian customers of RPost services opt for this as it meets the desired privacy concerns in compliance with Canadian Privacy Statutes that permit the non-consensual transfer of personal information to third-party processors outside Canada as long as the (RPost) systems processing the data has a comparable level of protection to the Canadian Privacy Statutes while the information is being processed by the foreign processor (RPost). Additionally, RPost security gateway may be deployed by the customer on premise in Canada.

The Freedom of Information and Protection of Privacy Act, commonly abbreviated FIPPA, is an Act of the Legislative Assembly of Ontario. FIPPA legislates access to information held by public institutions in Ontario subject to specific requirements to safeguard the personal information of individuals. To the extent RPost customers are public institutions or affiliated or suppliers of and are operating under FIPPA, RPost retention, privacy, and disclosure policy comply with FIPAA for the benefit of those public institutions and any of their covered affiliates or suppliers. In the spirit of FIPPA, RPost applies these same (FIPPA) standards for the benefit of any RPost customers that are public institutions or their affiliates and suppliers across Canada.

Laws Referenced

Federal Personal Information Protection and Electronic Documents Act, S.C. 2000, ch. 5 (“PIPEDA”), Alberta’s Personal Information Protection Act, S.A. 2003, ch. P-6.5 (“PIPA Alberta”), British Columbia’s Personal Information Protection Act, S.B.C. 2003, ch. 63 (“PIPA BC”), Québec’s An Act Respecting the Protection of Personal Information in the Private Sector, R.S.Q., ch. P-39.1 (“Québec Privacy Act”). Collectively, referred to as the “Canadian Privacy Statutes”, and the Freedom of Information and Protection of Privacy Act, commonly abbreviated FIPPA.

Disclaimer: Neither RPost nor its affiliates provide legal opinions. The information on RPost and its affiliates and products websites is for general information purposes only and is not intended to serve as legal advice or to provide any legal opinions. Laws and regulations change from time to time and neither RPost nor its affiliates guarantee that all of the information on RPost and its affiliates’ websites are current, correct, or with sufficient detail for the purpose of each reader. You should consult your legal counsel for specific jurisdictional details and other issues.

Tradenames are owned by the named company. Service benefit is summary, not intended to be a case study.​ RPost technology is patented. RMail, RSign, and RPost are trademarks owned by RPost.