Working from home? Careful with your client information

Brokers need to be mindful of how they protect their clients’ information in the digital age, particularly when they transfer information to and from their office to work remotely from home.

“We recognize that the digital era is upon us, but along with that, none of the rules have changed with respect to protecting clients’ privacy,” says Tim Goff, director of department of complaints and investigations at Registered Insurance Brokers of Ontario (RIBO), Ontario’s broker regulator.

“It really isn’t any different when you are looking at paper. If you took the hard copy of a file out of the office, you have to protect it, you have to take necessary steps — you wouldn’t leave it exposed in a car, for example. You certainly would take care that you don’t lose this confidential information and expose the consumer.”

A broker in Windsor, Ont. recently got into hot water when she forwarded emails containing a client list of the brokerage to her personal email account. Melissa-Lynn Colleen Wiszowaty pleaded guilty and received a reprimand from RIBO. If she decides to reinstate her license, her registration would require her to act under supervision for at least five years.

Section 14.5 of RIBO’s Code of Conduct requires a member to hold in strict confidence all information related to the business and affairs of the client acquired during the course of a professional relationship.

Section 14.6 of the Code of Conduct states the broker “shall observe all relevant rules and laws when regarding the preservation and safekeeping of property of the client entrusted to the member.” If no such laws exist, or if there is any doubt, the broker is required to “take the same care of such property as a careful and prudent person would take of the person’s own property of like description.”

Speaking generally, and not about any specific case, Goff acknowledges a variety of reasons for a broker to transfer client information from one place to another, some legitimate, others not.

“A brokerage and or the principal broker is expected to put the necessary steps in place when they do have people working remotely,” he said. “There are certainly all kinds of technological choices to make in protecting that information, so the brokerage should certainly take the necessary steps to make sure that they have a secure, outside station to which they can advance their information and also have some form of monitoring in effect on that.”

RIBO is currently putting together a best practices guide that deals specifically with keeping clients’ information safe in the digital age of working remotely.

“Certainly, this goes on all the time where people work remotely and it’s going to become a normal way of life, so the steps [towards protecting client information] are necessary,” Goff said.