PHAC Regulatory Compliance and Enforcement Framework

Health Security and Infrastructure Branch

Centre for Biosecurity


The Government of Canada works closely with partners and stakeholders to identify, develop, and implement measures that protect the health and safety of Canadians every day. As part of one of the Public Health Agency of Canada's (PHAC) priorities, PHAC focuses on preparing for and responding to public health events and emergencies, mitigating travel related public health risks, and regulating pathogens and toxins in Canada. PHAC also works with stakeholders to deal with the public health implications of broader global threats to public health, such as climate change, and other naturally occurring, deliberate, or accidental threats.

Background and Scope

In the 2016-2017 Report on Plans and Priorities, PHAC committed to enhancing the transparency and efficiency of the regulatory authorization and compliance processes for regulated parties and stakeholders by developing a Regulatory Compliance and Enforcement Framework.

The Regulatory Compliance & Enforcement Framework articulates the key activities carried out by PHAC's regulatory programs to verify and bring regulated parties into compliance. The Compliance & Enforcement Framework also sets out PHAC's general approach and philosophy to Compliance & Enforcement while supporting coherence, flexibility and consistency in a changing environment. This framework is applied equally to all areas regulated by PHAC.

Phac Regulatory Activities

All regulatory activities at PHAC lie in the Health Security Infrastructure Branch's (HSIB) Centre for Biosecurity and the Centre for Emergency Preparedness and Response.

The Centre for Biosecurity (CB) reduces risks to the health and safety of the public posed by activities involving human and terrestrial animal pathogens and toxins by establishing and maintaining comprehensive risk-based regulatory and policy instruments and programs for pathogen oversight. The CB administers and enforces the Human Pathogens and Toxins Act (HPTA)/Human Pathogens and Toxins Regulations (HPTR) and certain provisions of the Health of Animals Act (HAA)/Health of Animals Regulations (HAR) (administration shared with CFIA with penal enforcement lead by CFIA).

The Centre for Emergency Preparedness and Response (CEPR) strengthens national emergency preparedness and response capacity and mitigates risks associated with public health events/emergencies of national and international interest. It also protects the health and safety of the public by mitigating travel related public health risks. CEPR administers and enforces the Quarantine Act, the Department of Health Act, the Potable Water on Board Trains, Vessels, Aircraft and Buses Regulations and certain provisions of the Food and Drugs Act (administration and enforcement shared with CFIA).

Phac Compliance and Enforcement Activities

Compliance Promotion

Compliance promotion focusses on helping regulated parties access, understand and comply with acts and regulations to minimize risk and it includes the following activities:

  • Raising awareness and providing guidance
    • Providing public health information, advice and leadership by developing and offering education, guidance and information to regulated parties, to other stakeholders and to the public to raise awareness and empower Canadians to improve their health.
    • Developing regulations, standards, guidelines and policies.
  • Engaging and collaborating
    • Collaborating and consulting with regulated parties, stakeholders and other regulatory departments on health and safety requirements.
Compliance monitoring and verification

Compliance monitoring and verification focusses on identifying risks and verifying compliance to the law by performing of the activities by:

  • Reviewing documentation
    • Take actions to record, gather, obtain and/or analyze information on regulated parties and activities.
  • Inspecting
    • Carry out inspections, report on findings, sample and analyse to evaluate compliance with laws and identify risks.

Enforcement focusses on bringing regulated parties into compliance with the laws, stopping non-compliance, preventing future non-compliance, or imposing penalties on the regulated party for non-compliance. Enforcement activities may include regulatory administrative enforcement, inspection enforcement and penal enforcement. Actions of enforcement include:

  • Notifications
    • Issue of warning letters
    • Issue of notices of non-compliance
  • Impose control measures
    • Refuse issuance of a licence/certificate
    • Vary the conditions and/or term of a licence/certificate
    • Suspend, refuse to renew or revoke a licence/certificate
    • Refuse to issue, suspend or revoke security clearance
    • Issuance of orders
  • Seizure/Detention/Quarantine
  • Investigation
    • Activities involved in the gathering of information and evidence relevant to suspected non-compliance where the purpose is to build a case for prosecution.
  • Prosecution

Guiding Principles

PHAC follows guiding principles to determine the appropriate choice of action and Compliance & Enforcement activities.


PHAC is accountable to Parliament and Canadians to help ensure Compliance & Enforcement actions and decisions are consistent with its mandate, values, policies, legal and operational frameworks, the public interest, and any applicable international requirements.

Fairness, Consistency, and Predictability

Acts and Regulations are applied in a fair, consistent, and predictable manner through qualified and authorized personnel in a reasonable, professional, unbiased, and an unprejudiced way.

Openness and Transparency

PHAC's Compliance & Enforcement activities and decisions are clear and communicated to regulated parties. PHAC also strives to provide information about its activities and decisions under both PHAC's Regulatory Transparency and Openness Framework and the Government of Canada Open Government Plan, while still respecting confidential information. PHAC also provides regulated parties with clear information on how to meet the regulatory requirements (required under the Red Tape Reduction) through Regulatory Interpretation Policies.

Evidence Based Decision

PHAC's Compliance & Enforcement activities and decisions are based on the best available evidence, knowledge and science and apply the precautionary principle to the decision making process which recognizes that the absence or limited science or evidence should not be used as a reason for postponing decisions where there is a risk or serious or irreversible harm. These decisions are supported by accurate and thorough documentation.

Decision Factors

PHAC considers several decision factors in addition to the guiding principles to appropriately select the most appropriate Compliance & Enforcement activity to address an issue. These include:

Risk of Regulated Activity

To determine the level of existing and potential risks, PHAC uses a risk-based approach and relies on an evaluation of many risk indicators.

Health Impact

This takes into account the characteristics of the non-compliance and its consequence on the health and safety of Canadians. It includes existing and potential risks associated with a non-compliance to the health and safety of Canadians.

Compliance History of the Regulated Party

This includes a review of the history of the regulated party, such as previous efforts to achieve compliance and previous levels of cooperation with PHAC and other relevant regulators. The review can include one-off issues or repeated non-compliance.

Behavior of the Regulated Party

This includes taking into account the conduct of the regulated party with respect to the compliance issue, as well as their willingness and ability to comply with the law. This review includes situations where non-compliance was not intended to deliberate avoidance of obligations under the law, and includes being careless or negligent.

Annex 1 : PHAC Regulatory Compliance and Enforcement Framework
Figure 1 - Text Equivalent

Figure 1: PHAC Regulatory Compliance and Enforcement Framework

The Compliance & Enforcement actions taken by PHAC follow a risk-based continuum. The key actions are listed in an inverted pyramid to illustrate that most of PHAC's Compliance & Enforcement activities and efforts to bring regulated parties in compliance fall in the compliance promotion, monitoring and verification category. Fewer efforts are deployed for regulatory and penal enforcement actions.

The key compliance promotion actions taken by PHAC are:

  • Raising awareness;
  • Providing guidance;
  • Engaging; and
  • Collaborating.

The key compliance monitoring and verification actions taken by PHAC are:

  • Documentation review; and
  • Inspection.

The key regulatory enforcement actions taken by PHAC are:

  • Notifications;
  • Seizure and detention; and
  • Impose control measures.

The key penal enforcement actions taken by PHAC are:

  • Investigation; and
  • Prosecution.

The PHAC will consider four decision factors in addition to the guiding principles to appropriately select the most appropriate Compliance & Enforcement action to address this issue. These four decision factors are:

  • Risk posed by regulated activity;
  • Health impact;
  • Compliance history of regulated party; and
  • Behaviour of regulated party.

Page details

Date modified: