A privacy breach involving customers’ car insurance files has netted a Winnipeg insurance broker a $1,000 fine.
Manitoba Community Insurance determined that past slide broker Basil Galarnyk accessed client details 42 moments devoid of accomplishing any transactions and with “no discernible reason” for accessing the files, a willpower panel has found.
As a end result, MPI suspended Galarnyk’s authority to do MPI business enterprise for 1 week in October 2015.
MPI knowledgeable the Insurance Council of Manitoba, which regulates insurance brokers.
In the ICM investigation, Galarnyk admitted that in 11 circumstances he accessed client files for needs this sort of as seeking to discover a dropped insurance validation sticker and working with queries around a monthly bill of sale.
‘No discernable reason’
But the investigation also found 31 other situations in which Galarnyk accessed client accounts for “no discernible reason,” and attained details devoid of finding authorization and devoid of recording client remarks.
The April 2016 ICM decision stated these had been violations of privacy legislation, which include the Flexibility of Info and Security of Privacy Act, as very well as the Private Info Security and Digital Documents Act.
“Manitoba Community Insurance’s client details is to be accessed by company workers only in buy to respond to a client inquiry or method a transaction for the client,” say Autopac company working standards outlined in the decision.
“Autopac agents are not to accessibility any customer’s Autopac on the net file underneath any other circumstance, this sort of as to establish if a client has renewed their coverage,” the standards condition.
Answering client queries
In his rationalization to the insurance council, Galarnyk stated he was “basically answering client queries” when he accessed the files but unsuccessful to make entries indicating that.
“Every person companies their shoppers, but in my case, I failed to make any comment in the files ,” Galarnyk told CBC News.
“Clients phone us all the time and check with us queries, proper?” he discussed. “You go into the file and glimpse at it.”
Galarnyk stated brokers are often in and out of the program as a portion of day to day business enterprise.
“You response no matter what issue, you shut it, and then it’s done,” he stated.
Privacy education demanded
Galarnyk compensated the $1,000 fine plus $225 toward investigation costs and was demanded to full a privacy education system, the report stated.
“He pointed out he would adhere to the demanded exercise in the long term,” the decision stated.
MPI told CBC News it became informed of the privacy issue by means of a typical audit of client transactions processed by Autopac agents. A spokesperson stated commonly 4 or five incidents are discovered each year, though not all are found to be breaches of the Freedom of Info and Security of Privacy Act.
Manitoba has 295 Autopac organizations that had been collectively compensated $eighty million past year to deliver car insurance companies.
ICM views publication of its disciplinary conclusions to be in the community fascination and posts them on its website.
In a 2015 case, MPI notified the insurance council that contrary to coverage, 1 company was accessing client files “to advise the buyers of the expiration of their driver licences or vehicle insurance for the function of soliciting renewal business enterprise,” a willpower decision stated.
That case also netted a fine of $1,000.
In a 2014 decision, an insurance agent was fined for reasons that bundled retaining individual documents containing “details of a hugely private and sensitive nature” in an open and unsecure drawer in the office environment, fairly than shredding documents or retaining them in a locked cabinet.