Reinsurance Management Associates, Inc. (“RMA, Inc.”) receives personal information from various parties, whether they may be individual clients, insurance brokers, insurance companies, or reinsurers (“Companies”). It is in our highest interest to protect the privacy and handle such sensitive information with confidentiality and due care, and in accordance with the Personal Information Protection of Electronic Documents Act (“PIPEDA”) and other applicable governing laws and regulations.
Purpose of Personal Information Usage
RMA, Inc., uses and retains the data collected, in order to provide and conduct marketing, consulting, underwriting and administrative services for the production, underwriting and servicing of insurance and reinsurance business.
The purpose of the personal information collected will be identified prior and during the time of collection.
All personal information that is collected, used, processed or disclosed shall be accurate, complete, current and limited to what is necessary for the identified lawful purposes, in order for RMA, Inc., to manage and provide its services.
Collection of Personal Information
RMA, Inc., collects necessary personal information such as name, date of birth, social security, gender, occupation, health status, medical and financial history, directly with the consent of individuals or insurance entities.
RMA, Inc., does not collect personal information indiscriminately, but may collect personal information indirectly from insurers, reinsurers, insurance brokers, third party medical practitioners, agents or appointed consultants, in connection with and in the course of the insurance business services.
All personal information is collected, used and disclosed only with the consent of the individual, authorized representatives, and Companies with the exceptions outlined under PIPEDA and other governing applicable laws and regulations.
Consent for the collection, usage, and disclosure of such personal information for the purposes of RMA, Inc.’s services may be expressed or implied, and may be given verbally, electronically, in writing, or through an authorized representative.
Individuals or insurance entities may withdraw their consent, subject to legal or contractual limitations and reasonable notice. Consequences of withdrawal of consent may include the termination of a policy or the inability to process a claim.
RMA, Inc., is responsible for the personal information in its control, including information that has been transferred from sources such as, authorized representatives, insurance companies, brokers, reinsurers, consultants, contractors and third party medical practitioners.
An authorized individual may request to correct and update the personal information collected. Such authorized person also may be informed of the existence, the usage, and the disclosure of personal information collected.
This information will be provided to authorized individuals subsequent to the receipt of written requests.
RMA, Inc., retains and safeguards all copies of all documents. RMA, Inc. will provide all necessary documents to its client companies, in accordance with the terms of mutual written agreements. Inspection of records can be performed during normal business hours and is subject to prior written approval by our company clients.
In the case of reinsurance and/or retrocession transactions, RMA, Inc. does not have direct contact with the individual policyholder or insured, and therefor the accessibility of information by an authorized individual is not applicable.
Limiting use, disclosure and retention
RMA Inc., may disclose any personal information collected or received as mentioned above from authorized individuals, medical practitioners, agents, appointed consultants and Companies to other parties who assist us in providing the insurance business services, subject to Non-Disclosure and Confidentiality agreements. RMA, Inc., will not otherwise disclose any personal or confidential information to anyone without consent, unless such information is an exception under any applicable governing laws.
All personal information collected is retained only as required and permitted by applicable laws and regulations. Any information that is kept longer than legally required may be destroyed, erased or rendered anonymous.
RMA, Inc., has developed and implemented strong data security and privacy practices, including physical, organizational and technological measures, to ensure the security of the information collected and to safeguard the information from unauthorized and unlawful access, disclosure, and usage.
All RMA, Inc., partners, employees, contractors and consultants are made aware and trained to adhere to RMA, Inc.’s policies, and procedures for the collection, and handling of personal, confidential and proprietary information.
Any RMA, Inc., partners or employee who breaches the company’s policies and the professional code of conduct would be subject to disciplinary action. Any violation of the terms of the agreements with the contractors or consultants will stipulate the process of termination.
Security and Data Protection Procedures
All personal information collected or sent by RMA, Inc., is transmitted over LAN use, through administrative system and by the network. This administrative system is housed separately which allows restricted access for specified RMA, Inc., staff members, consultants and contractors.
All incoming and outgoing data to and from RMA, Inc., including personal information, is monitored and filtered on a regular basis by RMA, Inc., ‘s firewall, malware, spyware and anti-virus protection software. This IT management system is established to secure and protect all personal information against accidental, unauthorized, or unlawful destruction, loss, alteration, disclosure or access such personal and confidential information.
All access to employees’ desktop computers and RMA, Inc.’s Administrative Systems are individualistically password protected. RMA, Inc., staff and third party workers change their passwords frequently, in accordance with RMA, Inc.’s security policy guidelines.
The security of all information is maintained, at a minimum, using UserID and password protection. Higher risk information, such as sensitive data, is encrypted and uses different levels of administrative platforms and restrictions.
All hardcopy files are also stored in locked cabinets.
All personal and confidential information remains the sole property of RMA, Inc., upon completion of work assignment and upon request. All RMA, Inc., partners, employees shall return RMA, Inc.’s, property, including hardware, software, data and files.
If you have any inquiries and/or concerns regarding privacy information, please contact:
Chief Information Officer
170 University Ave, Suite 500
Phone: (416) 408-2797 | Fax: (416) 408-2262| Email: [email protected]