Blog

privacy (2)

Privacy Vigilance

Posted by Timothy Ross on December 5, 2019 at 7:30am

PEAK Disclosure - Click to Study

As always we are always concerned about protecting our clients privacy. This updated from our professional organization shows that our industry has lots of room for improvement. 

A few things that we are implementing in our practice from a practical doing business perspective. 

1. Trusted Contact ~ in the event that we feel something is off , maybe your making decision that do not seem to reflect your normal behavior, maybe dementia is developing, your forgetful, requesting high risk investments, involing people in your deciisons that are not normal. A trusted contact authorization allows us to reach out to say a family member to check in with them to make sure you are ok. 

2. Authorization to Release / Obtain / Exchange Confidential Information ~ this document allows us to share as an example your tax information with your bank or mortgage broker so they can secure a loan for you.

3. Online access to your portfolio, we have implemented a multi part authorization to ensure your privacy. ~ we want to be sure that it is you accessing your account. 

 

There is many other best practices that we implement and maintain every day. 

Tim Ross

CEO, Founder 

Brock Shores Financial

 

Here is a link to our dealerships privacy policy 

Peak Privacy Policy http://www.peakgroup.com/publicweb/index.php/en/privacy-policy.html?fbclid=IwAR0fIB13-tcpjeSlFIUHm0KkJrxepV_5Gtww9MlXGY00UH7FMG8LEFSI2EU

 

 

IFB Regulatory Update

December 2019

 

Privacy Update – a cautionary tale

 

IFB is always working to keep Members updated on issues that can affect you, your clients and your business. In this Update, we draw your attention to the ever-growing need to be vigilant about protecting client information. Instances of privacy breaches are in the news more and more frequently. 

 

Canada’s Office of the Privacy Commissioner (OPC) recently released an update on the privacy breach notifications it has received since reporting of breaches became mandatory under PIPEDA in November 2018. The results may surprise you! The OPC reports that the number of data breach reports have skyrocketed. While some of those reports have involved well-known corporate names, it has also seen significant volumes coming from small- and medium-sized businesses.

 

As 2019 draws to a close, this is a great time to make sure the important - often sensitive - information you retain in client files, on your computer, laptop, even on your phone is secure and protected. Do not keep more information on clients than is needed. Review files to evaluate whether you still need the information, and always ensure client information is destroyed in a safe and secure way.

 

680 breach reports – 6X higher than previous years – over 28 million Canadians affected!

·     58% of breaches involved unauthorized access: Snooping by employees or other unauthorized individuals for reasons that can range from curiosity to financial gain. Phishing and impersonation where fraudsters use sophisticated tactics to convince employees (or anyone they’ve targeted) that they are legitimate in order to gain access to information.

·     22% involved accidental disclosure: Documents containing personal information are provided to the wrong individual (for example, an incorrect email or postal address was used, or an email was sent without blind copying recipients) or are left behind accidentally.

·     12% from loss:  Loss of a computer, storage drive or actual paper files. 

·     8% from theft: Theft of documents, computers or computer components.

 

   
   

Some OPC tips to keep your business and your clients from exposure. Remember, under PIPEDA you have breach notification requirements.

 

1.  Foster a culture of privacy. Ensure you, your business partners, and any employees understand the importance of safeguarding personal information, and the risks of not doing so.

2.  Remind employees, associates, business partners, clients of your commitment to privacy.

3.  Ensure everyone knows there will be consequences for failing to follow privacy policies, like engaging in snooping, or not taking steps to adequately protect client information.

4.  Ensure access to files is on a need to know basis. Those who don’t need access should be restricted from seeing all, or the most sensitive, information in client files.

5.  Faxing information has risks. Dialing a wrong fax number could accidentally send sensitive personal information or medical information to the wrong person. Locating a fax machine out in the open means personal information being sent or received may be visible to passers-by. Fax transmissions, like telephone calls, can be tapped and monitored. If you must fax personal information, consider buying a machine which encrypts transmissions.

 More information and tips can be found on the OPC website.

Disclaimer: IFB Bulletins are provided for informational purposes for the convenience of IFB members. They are not intended to be a comprehensive review of the topics discussed, or to be used as a substitute for professional advice.
Read more…

Privacy Sleep

Posted by Timothy Ross on November 11, 2018 at 8:26am

https://www.sleepscore.com/privacy-policy/

I started using a sleep app last week and I frankly like the insight it gives me. Helps me understand what I am doing right and what needs to improve. I gt off to a rocky start with gettig setup, minor really, I figured it out in 2 minutes. 2 minutes, wow, how impatient we have become with technology. We are very instant in our expectations. So, I am going into day seven where the data I have will the opportunity to upgrade and get more from the system by subscribing to it. Free vs Paid, which will it be. Frankly, I like free, who doesn't, however, you do get what you pay for and I get to make a decision is it worth knowing. Now, sleep is a very important part of our health, next to diet and exercie, everything from what I understand hinges on your sleep, so a small investment in such a service is incredible value when you consider everything you can learn, and help you stay on track and nudge you back to safety if you get off track. 

 

Now, when you start to get a bit serious about such a personal matter, you truly have an interest in their privacy policy. Well, I read it through and it gave me continued confidence in their product. I will post a copy of what I read in the comment section below.  I may want to double check the term sin the future and having an independent copy may prove beneficial down the road, and interesting to see how policies change overtime as needs and changes evolve. 

 

This week at conference I listened and was counseled by some incredible industry experts in the financial services, legal, tax and charity industries.  One of the hot topics was privacy , PIPEDA  The Personal Information Protection and Electronic Documents Act (PIPEDA) (the Act) is a Canadian law relating to data privacy. It governs how private sector organizations collect, use and disclose personal information in the course of commercial business.

https://en.wikipedia.org/wiki/Personal_Information_Protection_and_Electronic_Documents_Act

One of our speakers who works out of the Privacy Office of Canada , https://www.priv.gc.ca/en/ ; described their role and the whole reason behind these acts. He summed it up rather profoundly for me. The purpose of the act is to give Canadians confidence in doing business online. That's about it. The rest is the how and all the little steps and rules you have to follow, the reason is to provide confidence in the system, make it secure to ensure confidence in doing business online.  When I see all the misuse of data by government, I think it helps protect us a bit from governent sharing across platforms. That theroy is pure speculation and I have no strong feelings either way, however they have been known to breach very often and that is just what we heard about. As of Nov 1st, breachs have to be reported by everyone. 

Check out the link on privacy commission presenation and listen in on some of the best practices that we endevor to uphold and practice. 

Part 1 https://www.spreaker.com/episode/16150054

Part 2 https://www.spreaker.com/episode/16150045

 

 

Read more…