Q: I recently learned that someone that I don’t care for nor trust is working at my local financial institution. When I talked to the manager of the branch I was assured my privacy is protected. What are the boundaries for bank employees?
A: With the advent of the internet and the widespread use of credit and debit cards as a mode of payment, privacy concerns have grown steadily the past few years. There is federal and provincial legislation to protect you in this regard.
Read Also
Well-being improvement can pay off for farms
Investing in wellness programs in a tight labour market can help farms recruit and retain employees
Usually, a person in your position should raise the concern with the manager, unless that is the source of your concern, to see what safeguards the institution has against breach of your privacy. Most managers take this seriously.
The two concerns that arise are actual misuse of your funds and misuse of the personal information that financial institutions have so much of. Most financial institutions have well developed privacy policies for employees and communicate these to their workers at the start of the employment relationship and at various stages afterward.
Often, employees are asked to sign agreements about the use of confidential information and a serious breach of the policy can result in serious consequences for the employee, including termination.
Bank employees should not search for information that does not involve a legitimate purpose. They are not allowed to sit at a computer keying in names of people they know just to see what they own and what they owe. Larger financial institutions may perform random checks or audits of employees’ computer time to see where they’ve been on the system and whether their cyber-travels appear to be for legitimate purposes.
If you have any good basis to suspect an employee is using your personal information to gossip or spread rumours about you, complain to the manager and ask if that person can be monitored for her information technology usage.
Many people have become so comfortable with technology that they forget most uses of it leave “trails” that can be followed by knowledgeable computer experts. Searches of accounts, cheques and credit facilities usually have an identifying number or code attached, which reveals to bank management just who did the search and when. The “why” comes from questioning of the employee, who had better have a good explanation for traipsing through the files, electronic or otherwise.
Your own financial institution should be able to assure you about the sanctity of your personal information.
If not, there is federal law dealing with such issues. Any institution that is a collector of such infor-mation is legally obligated to put in safeguards for the use of such information. Failure to do so could render it liable in court.
As well, the new privacy laws have established privacy commissioners and staff to whom you can take your concerns if you feel they are not being taken seriously by your local manager. Complaints can be investigated, with offenders liable for fines in the event of serious breaches.
As always, any system is only as good as its people. Your financial institution may have perfectly acceptable safeguards in place, but if a malicious gossip is prepared to risk the consequences, your privacy may be violated.
Keep close tabs on your personal information and if you have any indications there has been a leak, approach the manager, or go
to upper management. The final recourse is the government’s privacy commissioner.
Rick Danyliuk is a practising lawyer in Saskatoon with McDougall Gauley LLP. He also has experience in teaching and writing about legal issues. His columns are intended as general advice only. Individuals are encouraged to seek other opinions and/or personal counsel when dealing with legal matters.
