People Corporation has policies in place with respect to privacy and accessibility, applicable to all entities and divisions. Full details are provided below.


People Corporation and you – Partner in Privacy

In responding to the requirements of PIPEDA, People Corporation has developed its Privacy Policy and Complaint Procedure, identifying how plan member information will be handled, shared, stored and destroyed. Please review our policy and complaint process statements to ensure they are in alignment with your own privacy policy and practices. It is the responsibility of each employer to obtain the consent of each employee and where applicable, each employee’s spouse/partner, identifying how their personal information will be used and shared with respect to outsourced services, such as group health plans. It is our expectation that such consent will be obtained by you prior to providing People Corporation with personal information about an individual.

Knowledge and Consent

The central concepts of PIPEDA are Knowledge and Consent. Under PIPEDA, organizations are required to obtain the consent of individuals before acquiring and handling their personal information. In obtaining consent, it is the responsibility of the organization to identify the purpose(s) for which the personal information is being collected, as well as how it will be used, disclosed, etc., when the information is collected. The use or disclosure of such information is limited only to those purposes consented to by the individual.

People Corporation Privacy Policy

People Corporation will make every effort to ensure that personal information regarding group benefit plan members, their spouses/partners and/or eligible dependents is handled, secured, shared and destroyed using means that reflect the spirit of enacted privacy legislation. Only the information necessary to effectively administer each group benefits plan; obtain quotes for underwritten/insured products within that plan; verify the identity and eligibility of a plan member, spouse or eligible dependent; adjudicate and pay eligible claims; and audit plan expenditures will be collected and used by People Corporation. Such information will only be provided to those insurers/adjudicators contracted by People Corporation to provide services within the plan. Health benefit providers contracted to provide services through People Corporation will be required to have their own privacy policy and practices defined and in operation. People Corporation will endeavour to strike a reasonable and appropriate balance between individuals’ privacy rights, and the requirements of People Corporation to collect, use, disclose and report such information in the operation of the plan. People Corporation’s Privacy Policy will be reviewed from time to time to ensure it is accomplishing its purpose and as may be necessary to respond to changes in legislation.

People Corporation Privacy Practices

Enrolment and claims information will be collected from plan sponsors for their plan members:

  • To enrol the employee (and spouse/partner/eligible dependents where applicable) in the elected plan coverage, to correct or amend member information, or to implement changes to coverage that may be enacted over the term of the plan;
  • To verify eligibility and authenticate the identity of the employee and/or eligible dependents;
  • To ensure benefits are paid in accordance with the policy provisions;
  • To protect the plan from undue expenses due to error or fraud by auditing and reporting on plan activity to the plan sponsor;
  • To only use such information as is required to provide the services outlined in the group benefits contract.

Enrolment and other plan member records will be secured in locked cabinets while on People Corporation premises. Such documentation will be retained for a reasonable period of time after the member has left the plan, or after the plan has terminated, to ensure any and all outstanding claims can be adjudicated in accordance with the plan design. When documentation is destroyed it will be shredded.

People Corporation Complaint Process

The following process will be used when responding to Privacy Act complaints:

  • The complaint should be made in writing to the People Corporation Privacy Officer at
  • The Privacy Officer will investigate the complaint and provide a written report of his/her findings to the Executive Team of People Corporation. The investigation will require sufficient time so as to be thorough; however, will be completed in a timely manner;
  • The Executive Team will respond to the complainant outlining the outcome of the investigation and if necessary, identify any remedial steps that will be taken to resolve the complaint and the timeframe in which such steps will be completed;

A copy of the complaint, the investigation report, the outcome, along with a record showing the completion of any required remedial steps will be retained by People Corporation and will be made available to the Privacy Commission at their request.