Forbes Andersen LLP (the “Firm”) and all its members shall safeguard and keep confidential any information collected relating to clients that is required to be kept confidential and safeguarded in accordance with governing laws, regulatory authorities, Rules of Professional Conduct / Code of Ethics, Firm policy and specific client instructions or agreements.
Scope of Policy
Confidential information includes, but is not limited to:
- Name or other unique identifiers;
- Addresses, phone, fax, e-mail;
- Age, sex, marital status, sexual orientation, personal relationships;
- Political, religious, social or other similar affiliations;
- Lifestyle information;
- Buying and consumption tendencies;
- Financial or business information of any nature;
- Proprietary trade information, secrets, processes, products or market knowledge;
- Government or other regulatory information identification numbers or similar identities; and
- Electronic documents, data and communications.
Collection and Retention of Information
The Firm and all its members shall collect and retain only such personal or business information as is necessary for the purposes required in fulfiling the Firm’s engagement responsibilities. Personal and client information shall be retained only as long as necessary for the fulfilment of those purposes or for professional, regulatory and legal requirements.
Access and Use of Information
Client information and any personal information obtained shall be used or disclosed only for the purpose for which it was collected, except with the consent of the individual or entity or as required by law.
Upon request, an individual or client shall be informed of the existence, use, and disclosure of their personal information and shall be given access to same. Such information does not necessarily include working papers, which are the property of the Firm.
Staff Confidentiality Agreement
Staff are required to sign a confidentiality agreement upon commencement of employment.
Role of the Privacy and Confidentiality Leader (PCL)
The Managing Partner may designate a partner or senior staff member to be responsible for overseeing compliance with the Firm’s policies and procedures with regard to privacy and confidentiality. The duties of the privacy and confidentiality leader are as follows:
- To review federal/provincial privacy legislation and any guidance provided by the CICA;
- To inform and train partners and staff on privacy and confidentiality policies and supporting documentation;
- To ensure a confidentiality agreement is signed by all staff upon commencement of employment;
- To ensure the Firm’s privacy and confidentiality policies and procedures are complete and up-to-date, including:
- Issue resolution and management guidance, documentation tools included in checklists, work programs and templates;
- Wording for inclusion in standard engagement letters and for general authorization; and
- Maintaining protocols for all Firm members to follow including electronic data, file and information safeguards;
- To develop and maintain the infrastructure required to protect the privacy and confidentiality of information held by the Firm;
- To be the authority for the Firm in resolving questions of privacy and confidentiality;
- To conduct periodic checks on compliance with the Firm’s policies and procedures; and
- To initiate and administer staff and partner disciplinary procedures and sanctions for non-compliance.
If you have any questions or comments about our policies and procedures regarding your privacy, we ask that you contact Managing Partner Paul Andersen at your convenience.