Under Bill 194, new provisions of the Freedom of Information and Protection of Privacy Act, Ontario (“FIPPA”) came into force on July 1, 2025. One of these provisions adds a requirement for organizations to conduct a Privacy Impact Assessment (PIA) before entering into any new contracts or implementing changes that involve the collection, processing, or sharing of personal information.

While Humber has long been in the practice of completing PIAs, we are revising our PIA template to capture the additional information that is required to be included in PIAs.

Please contact the Legal, Risk and Privacy office if you are intending to purchase or use new software that collects or processes personal information, or if you are making changes to the existing use cases of software that expands or changes what, how, and/or with whom personal information is use or shared.

In addition, please contact our office if you are intending to purchase or implement new artificial intelligence (AI) driven tools or features. The PIA includes some questions about AI, and in anticipation of AI regulation, we are working on an updated AI assessment process.

Your cooperation and diligence in these matters are greatly appreciated, and are essential to maintaining the integrity and security of personal information at Humber, and to ensure we remain compliant with privacy legislation and best practices.

Please do not hesitate to contact the Legal, Risk and Privacy office at access.privacy@humber.ca with any questions or for assistance.