Have you ever stopped to think about just how much personal information your insurance company has about you, including your…
- Driving record (accidents, etc.)
- Loss history
- Marital status
- Medical information
- Home’s value and the value of its contents
- Financial details – including mortgage holder and credit history
- Employment information
- Analysis or opinions about you
- Information that may be traced back to you
- Video images or observations
Your information can be passed around, too; your insurance company can share your personal information with, and glean more information about you from…
- Other insurance companies
- Insurance brokers or agents
- Credit organizations
- Financial institutions
- Medical professionals
- Professionals working for the insurance company – such as adjusters, lawyers, benefit providers
- Motor vehicle and driver licensing authorities
- Law enforcement officials
Fortunately, your information is protected, supervised by the Privacy Commissioner of Canada who oversees the Personal Information Protection and Electronic Documents Act (PIPEDA), which began to be applied to the provincially regulated private sector in 2004, including the insurance industry in Ontario. Among other things, the PIPEDA legislation ensures that:
- All organizations, including in the insurance industry, must have your full consent to give your personal information to them – either by telephone or in writing.
- The purposes for which personal information is collected must be identified by the organization at or before the time the information is collected.
- You can refuse to let your broker obtain, use or share your personal information.
- You can withdraw a previously given consent at any time.
- Your personal information cannot be used or disclosed for purposes other than that for which it was collected, except with the consent of the individual or as required by law.
- Your personal information is retained only as long as necessary for the fulfilment of those purposes.
- Adequate security safeguards must be in place to protect your information in the organization’s database.
- You can have your information removed from a database upon your request.
- Upon request, you will be informed of the existence, use and disclosure of your personal information and will be given access to that information.
It’s important to know your rights when it comes to your information – especially in a day and age when identity theft and hacking is not uncommon. Whom you appoint to handle your insurance policies and claims is a critical decision – the more you know about the person/organization who will hold that role in your life, the better. Choosing an insurance broker [link to Why Use a Local Insurance Broker blog post] is a wise choice; he/she is heavily regulated by the insurance industry, which of course includes compliance with PIPEDA and all other relevant legislation.
As one Canadian privacy lawyer blogged recently, “the [Privacy] Commissioner is getting more proactive and businesses need to be more vigilant.” That’s great news for consumers; expect vigiliance from your insurance broker.