Governance
PIPEDA
PIPEDA (Personal Information Protection and Electronic Documents Act) is Canada's federal private-sector privacy law. AI deployments handling personal information of Canadians must satisfy PIPEDA's consent, purpose, and accountability principles, and — for cross-border transfers — disclose foreign processing in the privacy policy. Provincial laws (Quebec Law 25, Alberta PIPA, BC PIPA) add stricter requirements in their jurisdictions.
Related terms
- HIPAA — HIPAA (Health Insurance Portability and Accountability Act) is the US federal law governing protected health information (PHI).
- AI Compliance — AI compliance is the demonstrable conformance of AI deployments to applicable laws and standards — GDPR, PIPEDA, the EU AI Act, NIST AI RMF, ISO/IEC 42001, sector-specific rules in healthcare, finance, and government.
- Data Residency — Data residency is the requirement that data be stored and processed within a specific geographic jurisdiction.