Buffett & Company provides corporate wellness consulting and administrative services.
In this regard, we regularly access, obtain and manage a variety of personal information on behalf of our clients. Personal information, for the purpose of this policy, means information that identifies an individual.
Specifically, this information can include:
- Age
- Name
- Weight
- Height
- Marital status
- Information regarding dependents
- Medical records
|
- Identification numbers
(e.g. employee numbers)
- Income
- Ethnic origin
- Blood type
- Opinions, evaluations, comments
|
Note: Personal information does not however include business name, title, business address and phone/fax number of a particular client and/or employee.
Given the focus of our work, much of what we do at Buffett & Company involves working with health, benefits or other personal employment data from our clients. Given our longstanding commitment to and understanding of privacy responsibilities, the way we have traditionally managed personal information continues to exceed external legislative requirements and remains fundamental to the way we have always done business. Effective January 1, 2004, the new Personal Information Protection and Electronic Documents Act (PIPEDA) came into effect for personal information collected, used or disclosed in the course of commercial activity. The legislation, among other things, clearly requires the disclosure of the purpose for which personal information is collected at or before the time the information is collected. Appropriate consent to the collection, use and disclosure of personal information must be obtained.
In order to ensure that our clients are assured that, as a third party provider, we comply with this legislation, this document outlines our current philosophies and practices with respect to personal client data. Moreover, given the spirit and intent of this legislation,
we believe that, as an external agent, we can provide added assurance to employees
that sensitive health and benefits information remains separate and secure in the custodianship of a third party provider apart from other workplace information and
contact personnel resident onsite. We are proud of our commitment to ensure that we continue to review and evolve our privacy practices to maintain the ongoing trust of both our clients and partners.
>> next page |
