Insurance Claims and Privacy: A Rapidly Changing Landscape - PowerPoint PPT Presentation

1 / 24
About This Presentation
Title:

Insurance Claims and Privacy: A Rapidly Changing Landscape

Description:

PIPEDA recognizes public interest in collecting, using and disclosing personal ... Manitoba. Personal Health Information Act. Saskatchewan. Health Information ... – PowerPoint PPT presentation

Number of Views:39
Avg rating:3.0/5.0
Slides: 25
Provided by: ipc12
Category:

less

Transcript and Presenter's Notes

Title: Insurance Claims and Privacy: A Rapidly Changing Landscape


1
Insurance Claims and Privacy A Rapidly Changing
Landscape
  • Ann Cavoukian, Ph.D.
  • Information Privacy Commissioner/Ontario
  • CICMA and CIAA Joint Conference
  • February 3, 2004

2
Impetus for Change
  • Growth of privacy as a global issue
  • EU Directive on Data Protection
  • Increasing amounts of personal data collected,
    consolidated, aggregated
  • Consumer backlash heightened consumer
    expectations

3
Importance of Consumer Trust
  • In the post-9/11 world
  • Consumers either as concerned or more concerned
    about online privacy
  • Concerns focused on the business use of personal
    information, not new government surveillance
    powers
  • If consumers have confidence in a companys
    privacy practices, they are more likely to
  • Increase volume of business with
    company.... 91
  • Increase frequency of business.... 90
  • Stop doing business with company if PI
    misused83
  • Harris/Westin Poll, Nov. 2001 Feb. 2002

4
How The Public Divides on Privacy
The Privacy Dynamic - Battle Dr. Alan
Westin for the minds of the pragmatists
5
Information Privacy Defined
  • Information Privacy Data Protection
  • Freedom of choice control informational
    self-determination
  • Personal control over the collection, use and
    disclosure of any recorded information about an
    identifiable individual

6
Fair Information PracticesA Brief History
  • OECD Guidelines on the Protection of Privacy and
    Transborder Flows of Personal Data
  • EU Directive on Data Protection
  • CSA Model Code for the Protection of Personal
    Information
  • Canada Personal Information Protection and
    Electronic Documents Act (PIPEDA)

7
Summary of Fair Information Practices
  • Accountability
  • Identifying Purposes
  • Consent
  • Limiting Collection
  • Limiting Use, Disclosure, Retention
  • Accuracy
  • Safeguards
  • Openness
  • Individual Access
  • Challenging Compliance

8
Federal Private-Sector Privacy Legislation
  • Personal Information Protection and Electronic
    Document Act (PIPEDA)
  • Staggered implementation
  • Federally regulated businesses, 2001
  • Federal health sector, 2002
  • Provincially regulated private sector, 2004

9
Extension of PIPEDA
  • As of January 1, 2004, PIPEDA has extended to
  • ? all personal information collected, used or
    disclosed in the course of commercial activities
    by provincially regulated organizations
    (including insurance companies and independent
    insurance adjusters)
  • ? unless a substantially similar provincial
    privacy law is in force

10
Provincial Private-Sector Privacy Laws
  • Québec Act respecting the protection of personal
    information in the private sector
  • B.C. Personal Information Protection Act
  • Alberta Personal Information Protection Act
  • Ontario draft Privacy of Personal Information
    Act, 2002 not introducedso PIPEDA applies

11
PIPEDA General Consent Rule
  • Assume insurance company and adjuster are in
    Ontario (PIPEDA applies)
  • Knowledge and consent of the individual are
    required for the collection, use, or disclosure
    of personal information, except where
    inappropriate
  • In insurance claims where there is no suspicion
    of fraud, adjuster should only collect, use and
    disclose personal information with knowledge and
    consent of policyholder

12
Fraud Investigations
  • Privacy is not an absolute right it needs to be
    balanced against other interests
  • PIPEDA recognizes public interest in collecting,
    using and disclosing personal information without
    knowledge and consent of individual for fraud
    investigations

13
Consent Exceptions in PIPEDA
  • Investigative bodies designated in regulations
    may receive and disclose personal information
    without knowledge and consent of individual to
    investigate a breach of an agreement or a
    contravention of the laws of Canada or a province

14
PIPEDA Regulations
  • November 6, 2003 Industry Canada issued notice
    to amend PIPEDA regulations to include additional
    organizations as investigative bodies
  • Insurance adjusters and private investigators
    included in proposed list (among others)
  • Amended regulation expected to come into effect
    very soon (within the next month)

15
Protecting Privacy During Investigations
  • Investigative body status will not give
    insurance adjusters unlimited power to collect,
    use and disclose personal information without
    consent
  • Adjusters should only collect, use and disclose
    minimum amount of personal information necessary
    for purposes of investigation
  • They should also ensure that any third parties
    that are retained (e.g., private investigators)
    do not violate privacy laws when assisting with
    claims investigations

16
Personal Health Information
  • For some claims, insurance adjusters collect, use
    and disclose policyholders personal health
    information (PHI), which is considered highly
    sensitive
  • Justice Krevers Report on the Confidentiality of
    Health Information, 1980
  • The IPC has been calling for legislation to
    protect personal health information since 1987

17
Provincial Health Privacy Laws
  • Alberta
  • Health Information Act
  • Manitoba
  • Personal Health Information Act
  • Saskatchewan
  • Health Information Protection Act

18
Ontario Health Information Protection Act, 2003
(HIPA)
  • Ontario government introduced health privacy bill
    (Bill 31) on December 17, 2003
  • Referred to Standing Committee on General
    Government, which is currently holding public
    hearings and receiving submissions
  • Expected to come into effect July, 2004

19
General Principles
  • HIPA establishes rules governing the collection,
    use and disclosure of personal health information
    by health information custodians and other
    persons
  • Health information custodians are defined as
    persons who have custody or control of personal
    health information as a result of the work that
    they do or in connection with the powers or
    duties they perform

20
Consent
  • HIPA allows for implied consent for disclosure of
    PHI within a patients circle of care (e.g., from
    a family physician to a specialist or a lab for
    testing)
  • HIPA requires express consent for disclosure of
    PHI outside the circle of care (e.g., from a
    family physician to an insurance adjuster)

21
Disclosure Without Consent
  • HIPA allows health information custodians to
    disclose PHI without consent only in specific and
    limited circumstances (e.g., to reduce a risk of
    serious bodily harm to a group of persons)
  • Section 42 of HIPA deals with disclosures related
    to HIPA and other Acts

22
Investigations Section 42(1)(g)
  • Section 42(1)(g) of HIPA allows a health
    information custodian to disclose personal
    information about an individual to a person
    carrying out an inspection, investigation or
    similar procedure that is authorized by a warrant
    or under an Act of Ontario or Canada for the
    purpose of complying with the warrant or that
    Act.

23
Final Thought
  • The privacy landscape is rapidly changing
  • Be aware of both PIPEDA and Ontarios proposed
    health privacy legislation (HIPA) when
    investigating and settling insurance claims

24
How to Contact Us
  • Commissioner Ann Cavoukian
  • Information Privacy Commissioner/Ontario
  • 80 Bloor Street West, Suite 1700
  • Toronto, Ontario M5S 2V1
  • Phone (416) 326-3333
  • Web www.ipc.on.ca
  • E-mail commissioner_at_ipc.on.ca
Write a Comment
User Comments (0)
About PowerShow.com