All businesses engaged in commercial activities must comply with the Personal Information Protection and Electronic Documents Act (the “Act”) and the Canadian Standards Association Model Code for the Protection of Personal Information, which it incorporates. These obligations extend to lawyers and law firms, including Maxine M. Kerr, Family Law & Mediation. The Act gives individuals rights concerning the privacy of their respective personal information. I am responsible for the personal information I collect and hold. To ensure this accountability, I have developed this policy.
WHY DO I NEED PERSONAL INFORMATION?
In order to provide prospective clients and clients with advice and opinions, and to act on a client’s behalf, I need to know personal information relevant to the matters in issue.
WHAT PERSONAL INFORMATION DO I COLLECT?
Personal information is any information that identifies a person, or by which a person’s identity could be deduced. If I did not collect and use a client’s personal information, I could not provide that client with legal services.
HOW DO I COLLECT A PERSON’S PERSONAL INFORMATION?
I collect information only by lawful and fair means. Wherever possible, I collect personal information directly from a client. Where a client has provided consent, I may obtain information from a third party. Sometimes, information will be available from the public record.
In most cases, a client’s consent to the collection, use or disclosure of information for agreed-upon purposes will be express. Depending upon the circumstances, that consent may be written or oral. Sometimes, a client’s consent may be implied through his/her conduct with me.
USE OF A CLIENT’S PERSONAL INFORMATION
I use a client’s personal information to provide legal advice and services and to administer client-related databases (such as time, billing and direct marketing).
I do not disclose a client’s personal information to any third party to enable that party to market its products and services. To do so would, in any event, constitute a breach of the duty of confidentiality that I owe a client.
DISCLOSURE OF A CLIENT’S PERSONAL INFORMATION
Under certain circumstances, I will disclose a client’s personal information:
– when required or authorized by law to do so, for example, pursuant to Court Order or obligation;
– when a client has consented to the disclosure;
– when the legal services I am providing requires me to disclose information to third parties;
– where necessary to establish or collect fees;
– if I engage expert witnesses or agents on a client’s behalf;
– if I retain another law firm to act as an agent on a client’s behalf; or
– if the information is already publicly known.
UPDATING A CLIENT’S PERSONAL INFORMATION
Since I use a client’s personal information to provide legal services to that client, it is important that the information be accurate and up-to-date. If, during the course of a retainer, any of a client’s information changes in a way that is material to the matters that are the subject of my retainer, I should be updated of such changes.
IS A CLIENT’S PERSONAL INFORMATION SECURE?
I take all reasonable precautions to ensure that a client’s personal information is kept safe from loss, unauthorized access, modification or disclosure. Among the steps taken to protect a client’s information are:
– premises security;
– restricted file access to personal information; and
– technological safeguards, like security software and firewalls, to prevent hacking or unauthorized computer access.
A CLIENT’S ACCESS TO PERSONAL INFORMATION
A client may ask for access to any personal information that I hold about him or her. Summary information is available on request. More detailed requests which require archive or other retrieval costs may be subject to reasonable professional and disbursement fees.
If I hold information about a client that is not accurate, complete and up-to-date, of which a client advises me, I will take reasonable steps to correct the error.
CAN A PERSON BE DENIED ACCESS TO HIS/HER PERSONAL INFORMATION?
A person’s rights to access personal information are not absolute. I may deny access in circumstances including the following:
– denial of access is required or authorized by law (for example, when a record containing personal information about a person is subject to a claim of legal professional privilege by a client of mine); or
– where the request is frivolous or vexatious.
If I deny a request for access to or refuse a request to correct information, I shall explain why.
I do not use a person’s Social Insurance Number as a way of identifying or organizing the information I hold.
CAN A PERSON REQUEST ANONYMITY?
General information may be accessed through my website. Any request for specific advice or service will require a person to disclose his/her identity.
COMMUNICATING WITH ME
Since e-mail is not a 100% secure medium, that fact should be kept in mind in sending any e-mail containing personal or confidential information.
REQUESTS FOR ACCESS
If there are any questions, or if a person wishes to access his/her personal information, please write to me at the contact information reflected on my website, www.maxinemkerr.ca.
If my response is not satisfactory, the Privacy Commissioner of Canada can be reached at
112 Kent Street,
Ottawa Ontario, K1A 1H3
On my website, like most other commercial websites, I may monitor traffic patterns, site usage and related site information in order to optimize my web service.