Many concerns linger one year after privacy implementation: OIAA Claims 2005

A full year into the implementation of the federal Protection of Information Privacy and Electronic Documents Act (PIPEDA), many issues remain unresolved for insurers, lawyers told delegates of the Ontario Insurance Adjusters Association (OIAA) Claims 2005 Conference in Toronto Wednesday.
Lawyer Lee Samis, of Samis & Co., says there is still a great deal that is undecided about how the Privacy Commission will react to issues insurers may face. He gives the example of an adjuster taking a claimant’s accident information and giving this to company underwriters to use in assessing rates for the policyholder’s next renewal. Even if the claimant has given consent to have the information used to process their claim, they are not likely to consent to its use in underwriting. “If you actually applied the legislation to the letter, all commerce would stop,” Samis says, partly because the language in the act is so broad.
Another example is if a claimant were to give information about others involved in an accident passengers in the vehicle, or the driver of the other car, etc. there exists the potential for those other parties to claim a breach of privacy because they have not given the insurer consent to collect or use their information, Samis explains.
Other areas where he sees potential problems are in poorly written company privacy statements which Samis says in some cases are “a joke”. And also, there is a potential problem in the expectation that claimants can request to view and potentially change what they perceive as “errors” in their claim file information. And there remains the question of what insurers can disclose to their reinsurers in the course of obtaining reinsurance.
Insurers may also have issues when it comes to surveillance used investigating claims, adds Neil Colville-Reeves, also of Samis & Co. He says recent cases suggest there is some grounds for using surveillance but that insurers may have to show that there was some reasonable expectation of fraud based on other information or assessments to justify the surveillance. Unfortunately, “many claims files put in surveillance as a matter of course,” he says, and this may no longer be acceptable. The question now is, “how much evidence do you need before you undertake surveillance?”