Law: Freedom of Information and Protection of Privacy Act, SNS 1993 c 5 (FOIPOP). Please note that FOIPOP applies to public bodies only. Private organisations are regulated at the federal level by the Personal Information Protection and Electronic Documents Act 2000 (PIPEDA).

Regulator: Office of the Information and Privacy Commissioner of Nova Scotia (OIPC)

Summary: Aside from the Personal Information Protection and Electronic Documents Act 2000 (PIPEDA) that regulates private organizations at the federal level, Nova Scotia does not currently have a separate, provincial level private sector data protection law. The Freedom of Information and Protection of Privacy Act, SNS 1993 c 5 (FOIPOP) is only applicable to public bodies and obliges them to ensure the protection of individuals' personal privacy, adopt policies of accountability, openness, and transparency, and provide a right of access to information. In addition, the Personal Health Information Act (PHIA) sets out several data protection requirements for health information which are considered to be generally similar to PIPEDA.

The Office of the Information and Privacy Commissioner of Nova Scotia (OIPC) is the regulatory authority and has released tools and guidance that focus on FOIPOP and PHIA and emphasizes breach notification requirements under PHIA.