Manitoba Patient Privacy Laws (2026)

Researched by , Founder & Head Researcher

Primary sources cited; not legal advice.

Last verified:

Source: PIPEDA, S.C. 2000, c. 5; Provincial health privacy statutes (Ontario: PHIPA, 2004; Alberta: HIA; Saskatchewan: HIPA)

About this article

Sourced from Canadian federal statutes and official sources. Provincial information reflects each province's own legislation and court rulings. Written in plain language for general understanding — this is educational content, not legal advice. Our editorial standards

Canadian Federal Law

What is this right?

Your health data is protected on two levels — PIPEDA federally for the private sector, and dedicated provincial health privacy statutes (Ontario's PHIPA, Alberta's HIA, Saskatchewan's HIPA, and so on). Whichever applies to you, the principles converge.

The core rules:

  • Collect, use, and disclose only what's necessary
  • Get your knowledge and consent (narrow exceptions for things like public-health reporting)
  • Keep the data secure
  • Retain records only as long as needed

You have the right to access your own medical records — providers usually have to respond within 30 days. You can request corrections for errors and file complaints with the privacy commissioner if your data is disclosed improperly.

When does it apply?

  • Every patient whose health information is collected by providers, hospitals, pharmacies, or labs.

What to Do If Your Medical Information Is Shared Without Your Consent in Canada

  • Request records in writing — providers have around 30 days to respond.
  • Ask who's accessed your information and why. Audit logs exist for a reason.
  • Request corrections for any errors you find.
  • File with the provincial privacy commissioner if your data was disclosed without consent.
  • Use patient portals where they exist — they make access logs visible.

What should you NOT do?

  • Don't assume providers share records automatically. Canada has no single national electronic health record system — your records can be in five different silos.
  • Don't ignore breach notifications. Follow up; document; ask what's being done.
  • Don't share your health card number casually. It's a vector for identity fraud.
  • Don't assume your employer can see your medical file. They get fit-for-duty information, not your diagnosis or treatment plan.
Manitoba Law
Choose your province
Canada NationalOntarioQuebecBritish ColumbiaAlbertaManitobaSaskatchewan

How Manitoba differs from federal law

Patient privacy in Manitoba is protected by The Personal Health Information Act (PHIA), CCSM c. P33.5, which is one of the most comprehensive health privacy laws in Canada.

  • PHIA governs how health information custodians (doctors, hospitals, clinics, pharmacies, Manitoba Health) collect, use, disclose, and protect your personal health information.
  • Your personal health information can only be collected, used, or disclosed for purposes that are necessary and authorized under the Act. Your healthcare provider cannot share your records with others without your consent, except in limited circumstances (such as providing information needed for your treatment, mandatory public health reporting, or court orders).
  • You have the right to access your own health records. A custodian must respond to your access request within 30 days.
  • You have the right to request corrections to your health records if information is inaccurate or incomplete.
  • Health information custodians must have security safeguards in place to protect your information from unauthorized access, theft, loss, or destruction.

Additional Steps in Manitoba

To access your health records, submit a written request to your healthcare provider or the health facility. They must respond within 30 days. If you believe your health information was improperly accessed or disclosed, file a complaint with the Manitoba Ombudsman (who oversees PHIA compliance) at 204-982-9130 or 1-800-665-0531. The Ombudsman can investigate and make recommendations.

Relevant Law: The Personal Health Information Act, CCSM c. P33.5

Common Questions

What is the patient privacy right in Canada?

Your health data is protected on two levels — PIPEDA federally for the private sector, and dedicated provincial health privacy statutes (Ontario's PHIPA, Alberta's HIA, Saskatchewan's HIPA, and so on). Whichever applies to you, the principles converge.The core rules:Collect, use, and disclose only what's necessaryGet your knowledge and consent (narrow exceptions for things like public-health reporting)Keep the data secureRetain records only as long as neededYou have the right to access your own medical records — providers usually have to respond within 30 days. You can request corrections for...

When does patient privacy apply?

Every patient whose health information is collected by providers, hospitals, pharmacies, or labs.

What should I do if my health information in Canada was disclosed without my permission?

Request records in writing — providers have around 30 days to respond.Ask who's accessed your information and why. Audit logs exist for a reason.Request corrections for any errors you find.File with the provincial privacy commissioner if your data was disclosed without consent.Use patient portals where they exist — they make access logs visible.

What mistakes should I avoid with patient privacy?

Don't assume providers share records automatically. Canada has no single national electronic health record system — your records can be in five different silos.Don't ignore breach notifications. Follow up; document; ask what's being done.Don't share your health card number casually. It's a vector for identity fraud.Don't assume your employer can see your medical file. They get fit-for-duty information, not your diagnosis or treatment plan.

Patient Privacy in other states

Same topic, different jurisdiction. Pick the one that applies to you.

More in Healthcare Rights

Medicare and Universal Coverage (in Manitoba)The Canada Health Act (CHA) sets five principles every province must satisfy to receive federal health transfers: public...Read more →Informed Consent (in Manitoba)Before any treatment, the law requires the doctor to give you enough information to make a real decision. The Supreme Co...Read more →Emergency Care (in Manitoba)Canadian emergency departments triage by medical urgency, not by your ability to pay or your status. The standard tool i...Read more →
← Browse all Healthcare Rights

You Might Also Need to Know

Family LawSpousal Support (in Manitoba)Spousal support is not automatic. The Supreme Court's Bracklow v. Bracklow (1999) set the framework: the person asking h...Read more
Workers' RightsWrongful Dismissal (in Manitoba)Federally regulated employees with 12 months or more of service get one of the strongest job-protection regimes in the c...Read more

Last verified:

You came here to know your rights — help someone else know theirs.

Support This Mission