When you work in a long-term care home or retirement community, you will come in contact with and need to communicate many types of health-related information about the residents in your care. This information can include facts about their medical condition and treatments, as well as personal and financial information. Did you know that health-related information about your residents, as well as any personal information that identifies a resident, is protected by provincial and/or federal law? Did you know that if you do not keep this information private and confidential, it could result in a hefty fine, imprisonment, or both? Depending on your actions, you could also be personally liable for not protecting residents’ privacy. Canada has two federal privacy laws: the Privacy Act and the Personal Information Protection and Electronic Documents Act, also called PIPEDA. In addition, every province and territory in Canada has privacy legislation that governs the collection, use, and disclosure of personal information. Your organization is required to comply with privacy legislation and establish rules and limits on who can access and receive information for its respective province or territory. You are responsible for understanding and complying with privacy legislation to protect the confidentiality of residents’ medical and personal information. This includes understanding the rules concerning the release of resident information, the responsibility for breach notification, and the security and storage of all personal information.