Privacy & Security Services in Regina
End-to-end privacy and security support for organizations in Regina.
Saskatchewan's private-sector businesses are governed by federal PIPEDA, administered by the Office of the Privacy Commissioner of Canada. That federal law sets ten fair information principles that shape how organizations must collect, use, and disclose personal information in commercial activity. Saskatchewan has not enacted a general private-sector privacy law of its own — PIPEDA is the applicable regime for businesses outside the health sector. The province does have The Health Information Protection Act (HIPA), which has been in force since September 2003, but HIPA applies specifically to trustees in the health system — hospitals, physicians, pharmacies, and related entities. It does not govern general commercial activity, which remains squarely within the federal framework. Getting that distinction right is foundational to building a program that addresses the rules that actually apply.
Regina sits at the centre of Saskatchewan's government, agricultural, and financial services sectors, and organizations in each of those spaces face their own version of the compliance challenge. A professional services firm collecting client information, a technology company handling employee data, a financial institution managing customer records — each operates under PIPEDA but faces different practical questions about how its principles apply. Privacy Horizon works with Regina organizations to answer those questions in concrete terms: what data you hold, how you use it, where you are exposed, and what a defensible program looks like for your specific situation.
Our services for Saskatchewan clients include Privacy Impact Assessments that examine new systems or programs before they go live, gap analyses that measure current practices against PIPEDA's requirements, and guided compliance programs that translate the results into documented policies and procedures. Threat and risk assessments address the security dimension — identifying vulnerabilities and the controls that reduce your exposure. When your team needs to understand their obligations in plain language, custom training delivers that without the jargon. And when a specific incident, regulatory inquiry, or business decision requires senior expertise on short notice, on-call advisory gives you access to experienced practitioners who know the applicable framework.
Privacy & security regulation in Regina
Regulator: Saskatchewan Information and Privacy Commissioner
Regina businesses are governed by Canada's federal private-sector privacy law, PIPEDA, overseen by the Office of the Privacy Commissioner of Canada. Personal health information in Saskatchewan is separately governed by The Health Information Protection Act (HIPA), with oversight by the Saskatchewan Information and Privacy Commissioner.
PIPEDAPersonal Information Protection and Electronic Documents Act
PIPEDA is Canada's federal private-sector privacy law. It sets out ten fair information principles governing how organizations collect, use, and disclose personal information in the course of commercial activity. It applies wherever a province has not enacted substantially similar legislation — and, even in provinces that have (Alberta, British Columbia, Québec), it continues to apply to federally regulated businesses such as banks, airlines, and telecommunications, and to personal information that flows across provincial or national borders.
HIPA (Saskatchewan)The Health Information Protection Act (Saskatchewan)
Saskatchewan's health-sector privacy law, proclaimed in force on September 1, 2003. It sets the rules trustees must follow when collecting, using and disclosing personal health information and protects individuals' access and privacy rights. Oversight is by the Saskatchewan Information and Privacy Commissioner. General private-sector activity in Saskatchewan is governed by federal PIPEDA, not HIPA.
What Privacy & Security includes
From assessments to compliance programs and ongoing advisory, we provide the full range of privacy and security support organizations need under Canadian law.
Assessments
Privacy impact assessments, threat & risk assessments, and gap analysis.
Compliance Programs
Guided programs to reach and maintain compliance.
Advisory
On-call senior privacy and security guidance.
Training
Practical training for staff and leadership.
The federal framework and where it applies
PIPEDA governs private-sector commercial activity in Saskatchewan directly — the province has not enacted a substantially similar law that would displace it. That means the Office of the Privacy Commissioner of Canada is the enforcement authority, and the ten fair information principles are the standard your program needs to meet. PIPEDA also applies to personal information that crosses provincial or national borders, so a Regina-based business with customers, vendors, or operations elsewhere in Canada needs to account for those flows. Privacy Horizon advisors help you map your obligations accurately — not over-engineer for rules that do not apply, and not leave gaps in the ones that do.
HIPA's scope: what it covers and what it does not
Saskatchewan's Health Information Protection Act is a health-sector statute, not a general private-sector privacy law. It applies to trustees — a defined category of health-system participants — and governs personal health information specifically. If your organization is not a trustee under HIPA, general commercial activity falls under PIPEDA, not HIPA. Privacy Horizon advisors work with both sets of organizations: we help HIPA trustees build programs that satisfy their specific obligations, and we help other Saskatchewan businesses understand that PIPEDA is their applicable framework and what that means in practice.
Other services in Regina
Privacy & Security elsewhere
What's Protecting Your Business from the Next Threat?
Don't wait for a breach to expose your vulnerabilities. Let Privacy Horizon secure your data, ensure compliance, and build lasting trust.

