Privacy
Privacy Policy
Introduction
The Insurance Council of British Columbia (the “Council”) is a regulatory body under the
Financial Institutions Act (the “Act”) responsible for the licensing and regulation of insurance agents, insurance salespersons, and insurance adjusters. Council is committed to protecting the personal information of all individuals who come within its ambit, including applicants for licences issued by Council, licensees, members of the public who may be involved in Council’s investigation and discipline functions, and employees and members of Council.
Council’s Privacy Policy addresses Council's collection, use, and disclosure of personal information in the operations of Council, its obligation to secure personal information, and its obligations generally as a public body under the
British Columbia Freedom of Information and Protection of Privacy Act (“FOIPPA”).
Definitions
“Personal Information” is defined under FOIPPA as recorded information about an identifiable individual other than contact information. “Contact Information” is defined under FOIPPA as information to enable an individual at a place of business to be contacted, including the individual’s name, position or title, and business address, telephone number, email, and fax number.
“Licensee” includes an individual or an entity who holds, or who previously held, a licence with Council.
Accountability
Council is responsible for protecting personal information that is within its custody or under its control. Council is also responsible for ensuring that its employees and members comply with its privacy policies and with FOIPPA. Council has designated a Privacy Officer who is responsible for co-ordinating Council’s compliance with this policy and with Council’s obligations generally under FOIPPA.
Collection of Personal Information
Council collects personal information about individuals applying to write licence qualification examinations and individuals applying for a licence within the defined classes of licences issued by Council, including persons who are related to a licence, for the purposes of assessing the licence application and regulating the conduct of licensees in accordance with its statutory mandate under the Act. Council also collects personal information pertaining to third parties, including agencies, insurers, and service providers to Council.
Council may, in accordance with FOIPPA, collect personal information about licence applicants and licensees from third parties without consent of or notice to the applicant or the licensee, for the purpose of assessing licence applications and conducting investigations into a licensee’s conduct and compliance with the terms and conditions of the licence, Council Rules, and/or the Act. Council may also collect personal information about complainants and witnesses in a Council investigation for the purposes of the investigation.
Use and Disclosure of Personal Information
Council uses the personal information collected from examinations, licence applicants, and licensees for the purposes of communicating with applicants for examinations, assessing applicants for licences, and regulating the conduct of licensees in accordance with the Council’s statutory mandate under the Act. Council also uses the personal information of licensees for the purposes of administering Council’s continuing education program, compiling and maintaining licensee files, communications with licensees, to provide services to licensees, and when required or permitted by law.
Council may disclose personal information about an applicant or a licensee to other regulatory bodies, law enforcement agencies, an applicant’s or licensee’s employer, or insurers, without the consent or without notice to the applicant or the licensee in accordance with applicable law, including FOIPPA and the Act.
Council may disclose information, including personal information, obtained in accordance with a request made by Council or an obligation imposed on Council under the Act for the purpose of administering the Act and the regulations, for the purposes of a prosecution or if required by law.
Council may, in accordance with FOIPPA and the Act, disclose to the public, personal information about an applicant or licensee that is contained in a decision made by Council, which it is required to maintain. Council will, wherever possible, anonymize in its decisions any personal information of complainants and witnesses who are not applicants or licensees.
Accuracy and Correction of Personal Information
Council is required to make every reasonable effort to ensure that any personal information in its possession is accurate and complete. An individual can ask Council to correct any errors or omissions in his or her personal information. Requests for correction of individual information, other than information of Council employees or members, should be directed to Council’s Privacy Officer.
A request for a correction of information made by an applicant or licensee will take into consideration their obligations under the Act to provide certain information to Council.
Record Retention and Disposal
Council retains records containing the personal information of licence applicants and licensees in accordance with its obligations under the Act. Council retains all other records containing personal information in accordance with FOIPPA.
Council disposes of Council records in accordance with its policy on records management.
Physical and System Security
Council employees and members are required to keep all information related to Council matters confidential. Council employees and members may only access Council records that are necessary for the performance of their duties. Access to Council’s electronic records is protected by security measures.
Privacy Breach Response
Employees and members of Council are required to immediately report any breach of privacy, or suspected breach of privacy, to Council’s Privacy Officer. A breach of privacy includes unauthorized external or internal access to Council’s physical records or electronic records, misdirected communications, including mail, fax, and electronic communications, and the loss or theft of physical records or electronic records stored on portable data storage devices.
Council’s Privacy Officer will co-ordinate a review of the matter with Council’s management team and investigate all reported privacy breaches or suspected privacy breaches. Where a privacy breach has occurred, Council may notify the affected individuals and may report the breach to the Office of the Information and Privacy Commissioner or to the police.
Responding to Access Requests Under FOIPPA
Council is a public body and is therefore subject to the access provisions in FOIPPA. The public’s rights of access to Council records may include records containing the personal information of licensees and other individuals involved in Council’s regulatory functions.
All requests for access to Council records must be referred to Council’s Privacy Officer.
Complaints
Council is committed to having an accessible and responsible complaint-handling process in place to ensure the public is able to express concerns about Council’s compliance with FOIPPA. Concerns or complaints regarding Council’s collection, use or disclosure of an individual’s personal information or a breach or potential breach of an individual’s privacy, should be referred to Council’s Privacy Officer.
Unresolved privacy concerns may be referred to the Office of the Information and Privacy Commissioner of British Columbia.
Website Privacy
Council is committed to protecting the privacy of persons whose personal information it holds through responsible information management practices. Any personal information provided to Council is collected, used, and disclosed in accordance with the Freedom of Information and Protection of Privacy Act or other applicable legislation.
Information Automatically Collected
When you visit Council’s website to browse, read pages or download information, we will gather and store certain information about the visit. The following information is automatically collected and stored:
- The Internet Protocol Address and domain name used. The Internet Protocol Address is a numerical identifier assigned either to your Internet service provider or directly to your computer. This address can be translated to determine the domain name of your service provider (e.g. gov.bc.ca, xcompany.com or yourschool.edu);
- The type of browser and the operating system used;
- ·The date and time of the visit; and
- The web pages or services accessed.
Information collected automatically is used only for website management. Council does not use this data to determine your identity unless required to do so as part of an internal investigation or law enforcement purpose.
Links to Other Sites
Visitors should be aware that if they link to another site, this Privacy Policy will not apply. Council is not responsible for the privacy practices or content of external websites.
Cookies
A cookie is a small file stored on your computer by your web browser when using some internet sites. Cookies can also store personal information such as your name, e-mail address, home or work address, or telephone number. Persistent Cookies can use this type of personal information to identify you whenever you access a website. Sessional Cookies are used to help you move around our website and do not store personal information. Sessional Cookies are valid only during the time you are actually using the website.
Council does not use Persistent Cookies (which may store personal information) but may use Sessional Cookies (which do not store personal information).