Forbes Andersen LLP and/or Forbes Andersen Limited (the “Firm”) and all its members shall safeguard and keep confidentialany information collected relating to clients that is required to be kept confidential and safeguarded in accordance withgoverning laws, regulatory authorities, Rules of Professional Conduct / Code of Ethics, Firm policy and specific clientinstructions or agreements.
Confidential information includes, but is not limited to:
Name or other unique identifiers;
Addresses, phone, fax, e-mail;
Age, sex, marital status, sexual orientation, personal relationships;
Political, religious, social or other similar affiliations;
Buying and consumption tendencies;
Financial or business information of any nature;
Proprietary trade information, secrets, processes, products or market knowledge;
Government or other regulatory information identification numbers or similar identities; and
Electronic documents, data and communications.
The Firm and all its members shall collect and retain only such personal or business information as is necessary for thepurposes required in fulfiling the Firm’s engagement responsibilities. Personal and client information shall be retained only aslong as necessary for the fulfilment of those purposes or for professional, regulatory and legal requirements.
Client information and any personal information obtained shall be used or disclosed for the purpose for which it wascollected, and for the Firm’s ancillary programmes as required.
Upon request, an individual or client shall be informed of the existence, use, and disclosure of their personal information andshall be given access to same. Such information does not necessarily include working papers, which are the property of theFirm.
Staff are required to sign a confidentiality agreement upon commencement of employment.
The President and/or the Managing Partner may designate a partner or senior staff member to be responsible for overseeingcompliance with the Firm’s policies and procedures with regard to privacy and confidentiality. The duties of the privacy andconfidentiality leader are as follows:
To review federal/provincial privacy legislation and any guidance provided by authoritative bodies;
To inform and train staff on privacy and confidentiality policies and supporting documentation;
To ensure a confidentiality agreement is signed by all staff upon commencement of employment;
To ensure the Firm’s privacy and confidentiality policies and procedures are complete and up-to-date, including:
Issue resolution and management guidance, documentation tools included in checklists, workprograms and templates;
Wording for inclusion in standard engagement letters and for general authorization; and
Maintaining protocols for all Firm members to follow including electronic data, file and informationsafeguards;
To develop and maintain the infrastructure required to protect the privacy and confidentiality of information held bythe Firm;
To be the authority for the Firm in resolving questions of privacy and confidentiality;
To conduct periodic checks on compliance with the Firm’s policies and procedures; and
To initiate and administer staff and partner disciplinary procedures and sanctions for non-compliance.