Law: The Personal Information Protection and Identity Theft Prevention Act, CCSM c P33.7 (PIPITPA). Please note that PIPITPA is not yet in force and has been awaiting promulgation since 2013. Private organisations are regulated at the federal level by the Personal Information Protection and Electronic Documents Act 2000 (PIPEDA).

Regulator: The Manitoba Ombudsman (the Ombudsman)

Summary: The Personal Information Protection and Identity Theft Prevention Act, CCSM c P33.7 (PIPITPA) is not yet in force and has been awaiting promulgation since 2013. PIPITPA has several similarities to legislation in Alberta and British Columbia, but it is unclear when, and if, it will become effective. Private organisations are regulated at the federal level by the Personal Information Protection and Electronic Documents Act 2000 (PIPEDA).

Although Manitoba's Personal Health Information Act (PHIA), which became law in 1997, was the first provincial law directly concerning access and privacy rights of personal health information in Canada, Manitoba does not have a comprehensive private sector data protection law.

Unlike other provinces or territories that utilize privacy commissioners, Manitoba operates a Manitoba Ombudsman based regulatory system. The Ombudsman has conducted several investigations under the PHIA and released guidance on various privacy related topics.