PEAK Disclosure - Click to Study
As always we are always concerned about protecting our clients privacy. This updated from our professional organization shows that our industry has lots of room for improvement.
A few things that we are implementing in our practice from a practical doing business perspective.
1. Trusted Contact ~ in the event that we feel something is off , maybe your making decision that do not seem to reflect your normal behavior, maybe dementia is developing, your forgetful, requesting high risk investments, involing people in your deciisons that are not normal. A trusted contact authorization allows us to reach out to say a family member to check in with them to make sure you are ok.
2. Authorization to Release / Obtain / Exchange Confidential Information ~ this document allows us to share as an example your tax information with your bank or mortgage broker so they can secure a loan for you.
3. Online access to your portfolio, we have implemented a multi part authorization to ensure your privacy. ~ we want to be sure that it is you accessing your account.
There is many other best practices that we implement and maintain every day.
Brock Shores Financial
IFB Regulatory Update
Privacy Update – a cautionary tale
IFB is always working to keep Members updated on issues that can affect you, your clients and your business. In this Update, we draw your attention to the ever-growing need to be vigilant about protecting client information. Instances of privacy breaches are in the news more and more frequently.
Canada’s Office of the Privacy Commissioner (OPC) recently released an update on the privacy breach notifications it has received since reporting of breaches became mandatory under PIPEDA in November 2018. The results may surprise you! The OPC reports that the number of data breach reports have skyrocketed. While some of those reports have involved well-known corporate names, it has also seen significant volumes coming from small- and medium-sized businesses.
As 2019 draws to a close, this is a great time to make sure the important - often sensitive - information you retain in client files, on your computer, laptop, even on your phone is secure and protected. Do not keep more information on clients than is needed. Review files to evaluate whether you still need the information, and always ensure client information is destroyed in a safe and secure way.
680 breach reports – 6X higher than previous years – over 28 million Canadians affected!
· 58% of breaches involved unauthorized access: Snooping by employees or other unauthorized individuals for reasons that can range from curiosity to financial gain. Phishing and impersonation where fraudsters use sophisticated tactics to convince employees (or anyone they’ve targeted) that they are legitimate in order to gain access to information.
· 22% involved accidental disclosure: Documents containing personal information are provided to the wrong individual (for example, an incorrect email or postal address was used, or an email was sent without blind copying recipients) or are left behind accidentally.
· 12% from loss: Loss of a computer, storage drive or actual paper files.
· 8% from theft: Theft of documents, computers or computer components.
Some OPC tips to keep your business and your clients from exposure. Remember, under PIPEDA you have breach notification requirements.
1. Foster a culture of privacy. Ensure you, your business partners, and any employees understand the importance of safeguarding personal information, and the risks of not doing so.
2. Remind employees, associates, business partners, clients of your commitment to privacy.
3. Ensure everyone knows there will be consequences for failing to follow privacy policies, like engaging in snooping, or not taking steps to adequately protect client information.
4. Ensure access to files is on a need to know basis. Those who don’t need access should be restricted from seeing all, or the most sensitive, information in client files.
5. Faxing information has risks. Dialing a wrong fax number could accidentally send sensitive personal information or medical information to the wrong person. Locating a fax machine out in the open means personal information being sent or received may be visible to passers-by. Fax transmissions, like telephone calls, can be tapped and monitored. If you must fax personal information, consider buying a machine which encrypts transmissions.
More information and tips can be found on the OPC website.
Disclaimer: IFB Bulletins are provided for informational purposes for the convenience of IFB members. They are not intended to be a comprehensive review of the topics discussed, or to be used as a substitute for professional advice.