Timeframe for responding to access or privacy requests

The legislated timeframe for responding to an access to information or privacy request is 30 calendar days. The Access to Information Act permits an institution to extend the time limit to respond to a request beyond the 30 calendar days if:

• the request is for a large number of records or requires a search through a large number of records, and the original time limit would unreasonably interfere with the operations of the institution;
• external consultations are necessary and cannot reasonably be expected to be completed within the original time limit; or
• notice to a third party is required to advise him or her that his or her information is the subject of a request.

The Privacy Act permits an institution to extend the time limit to respond to a request for a maximum of 30 calendar days beyond the initial 30 days if:

• the original time limit would unreasonably interfere with the operations of the institution; or
• consultations are necessary and cannot reasonably be expected to be completed within the original time restriction.

Features