Compliance Frameworks
PIPEDA
Learn about achieving PIPEDA compliance on Aptible
Overview
Aptible’s platform is designed to help businesses meet strict data privacy and security requirements. With a strong background in serving security-focused industries, Aptible offers essential infrastructure security controls that align with PIPEDA requirements.Achieving PIPEDA on Aptible
1
Provision a Dedicated Stack to run your resources
Dedicated Stacks live on isolated infrastructure and are designed to support deploying resources with higher requirements like PIPEDA. As part of the shared responsibility model, Aptible automates and enforces the necessary infrastructure security and compliance controls to help customers meet PIPEDA compliance.
2
Review Aptible’s PIPEDA compliance resources
Aptible provides PIPEDA compliance resources, available upon request through trust.aptible.com. These resources outline how Aptible aligns with PIPEDA requirements, simplifying your path to compliance by inheriting many of Aptible’s pre-established controls.
3
Perform a PIPEDA Assessment
While Aptible’s platform aligns with the requirements of PIPEDA, it is the client’s responsibility to perform an assessment and ensure that the requirements are fully met based on Aptible’s devision of responsibilies. You can conduct your PIPEDA Self-Assessment using the official tool provided by the Office of the Privacy Commissioner of Canada, available here.
4
Request PIPEDA Compliance Assistance
Aptible supports your journey toward achieving PIPEDA compliance. While clients must conduct their self-assessment, Aptible ensures that critical security controls—such as access management, encryption, and secure storage—are actively enforced. Additionally, the platform can streamline the documentation collection process for your compliance program.
5
How to request PIPEDA Assistance from Aptible
To get started with PIPEDA compliance or prepare for an audit, reach out to Aptible’s support team. They’ll provide guidance on ensuring all infrastructure controls meet PIPEDA requirements and assist with necessary documentation.
Show off your compliance
Leverage the Security & Compliance Dashboard to demonstrate your PIPEDA compliance to clients and partners. Once compliant, you can display the “Secured by Aptible” badge to showcase your commitment to protecting personal information and adhering to PIPEDA standards.
FAQ
What is the relationship between PHIPA and PIPEDA?
What is the relationship between PHIPA and PIPEDA?
The collection, use, and disclosure of personal information within the commercial sector is regulated by PIPEDA, which was enacted to manage these activities within private sector organizations. PIPEDA does not apply to personal information in provinces and territories that have “substantially similar” privacy legislation. The federal government has deemed PHIPA to be “substantially similar” to PIPEDA, exempting custodians and their agents from PIPEDA’s provisions when they collect, use, and disclose personal health information within Ontario. PIPEDA continues to apply to all commercial activities relating to the exchange of personal health information between provinces or internationally.
Does Aptible also adhere to PHIPA?
Does Aptible also adhere to PHIPA?
Aptible has been assessed towards PIPEDA compliance but not specifically towards PHIPA. While our technology stack meets the requirements common to both PIPEDA and PHIPA, it remains the client’s responsibility to perform their own assessment to ensure full compliance with PHIPA when managing personal health information within Ontario.