Canadian National Insurance Crime Services (“CANATICS” or “we”) is a not-for-profit fraud consortium that works together with the Canadian insurance industry to combat organized and premeditated insurance crime in a manner that protects and respects individual privacy.
Our goal is to identify and prevent insurance fraud by using state of the art analytical tools to identify potentially suspicious claims by pooling data provided by individual member insurers (“Members”), to facilitate further investigation by individual insurers. In doing so, we are committed to protecting the information that we collect from our Members in accordance with applicable privacy laws and leading best practices.
This Privacy Statement sets out the way in which we collect, use, disclose and otherwise manage your personal information. For additional information you can watch the video on CANATICS’ Commitment to Privacy and Security.
What is personal information?
“Personal information” means information about an identifiable individual collected by CANATICS’ Members. Personal information may include but is not limited to the following: name; policy; claims data numbers; and intel (e.g. information intelligence gathered from other sources or organizations).
Collection & Use of Personal Information
We collect personal information indirectly from individuals, via each Member. We do so only where consent has been obtained from individuals, via a number of mechanisms, for the purpose of facilitating insurers’ investigations of potentially suspicious networks and claims through the use of analytical tools which examine insurance industry pooled data.
We also collect personal information directly from employees in order to establish, maintain and manage employment relationships between CANATICS and its personnel.
Sharing of Personal Information
The personal information CANATICS processes is not openly shared with Members - they do not have direct access to pooled data. Members receive tailored Alerts and Reports specific to their own claims. Each Member which provides personal information will continue to own that data.
We may need to transfer (or otherwise make available) your personal information to third parties who provide services on our behalf. For example, we partner with BAE Systems to provide our fraud prevention and detection services. Our service providers are located in Canada. All of our service providers are required to maintain the confidentiality and security of your personal information, and are prohibited from using or disclosing your personal information for any purpose other than providing the services on our behalf or as otherwise required by law.
We and our Canadian service providers may be required to provide your personal information in response to a search warrant or other legally valid inquiry or order, or to an investigative body in the case of a breach of an agreement or contravention of law, or as otherwise required or permitted by law. We may also disclose personal information where necessary to pursue or defend legal claims or to investigate or prevent actual or suspected loss or harm to people or property.
You can visit our Website without submitting any personal information. However, we collect the IP (internet protocol) addresses of all visitors to our Website and other related information such as page requests, browser type, operating system and average time spent on our Website. We use this information to help us understand our Website activity, and to monitor and improve our Website.
Access to Personal Information
CANATICS and its Members value the rights of individuals to access their personal information. Since CANATICS is a third party service provider to its Members, individuals should submit their access requests directly to the Member who is the original data collector of the individuals’ personal information.
We protect all of our data holdings against loss, theft, unauthorized access, disclosure, copying, use, modification, transmittal, disposal, and anticipated threats.
Our processes are designed to keep your personal information for no longer than we need to in order to fulfill the purposes stated above or to otherwise meet legal requirements.
Any personal information that we no longer require shall be securely erased and/or destroyed.
Changes to the Privacy Statement
This Privacy Statement may be updated from time to time to reflect changes to our personal information practices. The revised Privacy Statement will be posted on the Website. Please do refer to this Privacy Statement often for the latest information about our personal information practices.
If you have any questions or concerns about our privacy practices, please feel free to contact: firstname.lastname@example.org
Last updated: February 21, 2019