Feds investigating credit score mishandling
Concerns about insurance companies using credit scores improperly have reached the federal government.
The Office of the Privacy Commissioner of Canada (OPC) has been looking into a complaint that an insurer accessed a customer’s credit score without the client’s consent.
“We are investigating this particular issue,” explains Anne-Marie Hayden, spokesperson for the commission, which investigates and reports on privacy issues under the auspices of Privacy Commissioner Jennifer Stoddart.
Hayden explained during a mid-March interview that the OPC can’t disclose the names of the complainant and the respondent organization. However, the government privacy watchdog has to assess whether or not the issue violates Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), which lays out just what companies are allowed to do with personal customer information.
Judging from OPC documents, the organization was at the second stage of the investigation process when Canadian Insurance spoke with Hayden. The second stage is the initial analysis, where staff members review the matter to determine if the allegations could contravene the Act.
The investigator assigned to the case then has to report back to the parties involved and tell them what he or she plans to recommend to the Privacy Commissioner, who makes the final decision on whether to give the organization recommendations on remedying the situation.
If the commissioner decides PIPEDA has been contravened, she provides the recommendation to the company and requests that firm fixes the situation within a certain time frame.
“The federal Privacy Commissioner is an ombudsman and does not have order-making powers,” Hayden says. “She can, however, take the matter to the Federal Court if the organization determines that it will not implement her recommendations.”
Industry advocates suggest brokers should connect with the Privacy Commissioner if they come across incidents of carriers using credit scores without customer consent. However, Hayden suggests a preliminary step: Connect with the insurance company’s own information-privacy officer first. If the issue isn’t resolved that way, then contact the Privacy Commissioner, says Hayden.
© Copyright 2010 Rogers Publishing Ltd. This article first appeared in the April 2010 edition of Canadian Insurance Top Broker magazine.