PSHCP Privacy Statement

The Public Service Health Care Plan Privacy Statement is also posted on the website of the Treasury Board of Canada.

Definitions

The following definitions are for roles and terms used in the Public Service Health Care Plan (PSHCP) Privacy Statement:

Federal Public Service Health Care Plan Administration Authority

Is the without share capital corporation charged with the administration of the PSHCP. Its role is to ensure that benefits and services to Plan Members and their covered dependants are delivered in a manner that ensures the effective and efficient administration of the Plan. Its responsibilities are set out in its Letters Patent, and include hearing Members' appeals and conducting audits of the payment of benefits by the Plan Administrator. In fulfilling these responsibilities, the Administration Authority may collect the Member's personal information. The Administration Authority is managed by a Board of ten Directors.

Member

Means:

  1. An employee or a pensioner who has applied for and has been granted coverage under the PSHCP by a designated officer; or
  2. A member of the Canadian Forces (CF) or the RCMP who has applied for and has been granted coverage for their dependants under the PSHCP; or
  3. An individual who is a member of the Veterans Affairs Canada (VAC) client group as defined in Schedule III who has applied for and has been granted coverage under the PSHCP.

(For a complete definition please refer to the PSHCP Plan Directive, April 1, 2006)

Personal Information

As defined in section 3 of the Privacy Act, means information about an identifiable individual that is recorded in any form. A list of the elements of personal information collected to administer the PSHCP and deliver benefits and services to Plan Members can be found in section 2 of this Statement under "Collection of Personal Information".

Plan Administrator

Means the organisation under contract responsible to adjudicate and pay claims in accordance with the PSHCP Directive and direction from the Federal Public Service Health Care Plan Administration Authority.

Plan Participant

Is a person covered under the PSHCP and includes the Member and/or his or her eligible dependant.

(For a complete definition please refer to the PSHCP Plan Directive, April 1, 2006)

Treasury Board Secretariat

Is the administrative arm of the Treasury Board (TB) responsible for developing and overseeing the Policy Framework for the Management of pensions and employee benefits, including the Public Service Health Care Plan.

Introduction

The Public Service Health Care Plan

The Public Service Health Care Plan (PSHCP) is a private health benefits plan designed to reimburse Members for all or part of costs they incur for eligible services and products. The PSHCP covers public servants and other members of the federal public administration, parliamentarians, federal judges, dependants of members of the Canadian Forces and the Royal Canadian Mounted Police, those receiving a pension based on service in one of these categories, members of the Veterans Affairs Canada client group defined in Schedule III of the PSHCP Plan Directive, and the dependants of eligible Members.

The Treasury Board of Canada is accountable to Parliament and the Canadian electorate for the PSHCP's performance and for the benefits Canada derives from the investment of public funds in the Plan. However, certain responsibilities have been assigned to two governance bodies comprised of individuals appointed by the Treasury Board, the public service bargaining agents, and the National Association of Federal Retirees (representing pensioner members), so that the PSHCP may be managed collaboratively by these parties. These governance bodies are the PSHCP Partners Committee, which focuses on Plan design and policy, and the Federal Public Service Health Care Plan Administration Authority, a without share capital corporation which has responsibilities for contract management and overseeing the day-to-day administration of the Plan by the Plan Administrator.

For additional information on PSHCP benefits, please go to the following URLs:

The PSHCP Privacy Statement

The objective of the Public Service Health Care Plan (PSHCP) Privacy Statement is to inform individuals who are covered under the PSHCP about who is collecting their personal information; what personal information is being collected and for what purposes; when the information will be disposed of; how to get access to their personal information on file, and, if required, how to correct it. This is consistent with provisions in the Privacy Act.

The Statement applies to the vast majority of the employers participating in the PSHCP (Participating Employers) who are subject to the Privacy Act. They include the Treasury Board Secretariat, departments, agencies, separate agencies, special operating agencies, and boards and commissions.

The Statement does not apply to a small number of Participating Employers that are not subject to the Privacy Act[1], or the Plan Administrator (Sun Life Assurance Company of Canada). These entities may have their own statements in accordance with privacy legislation to which they are subject.  For example, Sun Life, which is subject to the Personal Information Protection and Electronic Documents Act (PIPEDA), or in some cases to applicable provincial/territorial legislation in jurisdictions where it operates, makes available to the public its Privacy Policy and Privacy Code. They describe the company's commitment to privacy in the daily management of the personal information of its customers including the participants of the benefits plans it administers. They are available in a section entitled "Respecting Your Privacy" on their Website.

The purpose of this Statement is to describe for Plan Members the privacy practices of Participating Employers that are required to handle their personal information and that of their eligible dependants pursuant to requirements under the Privacy Act.

Nevertheless, information about the responsibilities of Sun Life and those Employers not subject to the Privacy Act is referenced in sections 1, 2 and 3, in order to provide a comprehensive picture of the roles and responsibilities of all parties handling personal information in the course of administering the PSHCP and delivering benefits and services to Plan Members.

The Privacy Landscape in Canada

The Office of the Privacy Commissioner of Canada provides a large inventory of facts sheets and links regarding Privacy in Canada that can be helpful in understanding applicable privacy legislation. This information is available at the following links:

1. Responsibilities

Participating Employers

Participating Employers subject to the Privacy Act:

  • Collect personal information in order to fulfill their respective mandate;
  • Are responsible for the protection of personal information they collect for the purposes described in section 3 of this Statement and to ensure that employees involved in the collection and management of this information comply with privacy policies (such as the Policy on Privacy Protection) in the day-to-day management of such information; and,
  • Have a designated Access to Information and Privacy Coordinator responsible for ensuring compliance with the Privacy Act and Access to Information Act.

Participating Employers that are not subject to the Privacy Act:

  • Are responsible for the protection of personal information they collect for the purposes of administering the PSHCP. They may or may not be subject to other federal, provincial or territorial privacy legislation. In those cases, Members are encouraged to contact the person within their organization responsible for their employers' privacy practices and to access additional information describing the varied privacy legislation in Canada.

Employees

  • All employees working for an Employer that is subject to the Privacy Act and involved in the collection of personal information for the administration of PSHCP are responsible to comply with procedures that are in place for the confidential and secure handling of personal information.

Plan Administrator

Sun Life, as the Plan Administrator, is subject to the Personal Information Protection and Electronic Documents Act (PIPEDA) and to applicable provincial/territorial legislation in the jurisdictions where it does business on behalf of the PSHCP. To this end, Sun Life employs privacy professionals who continually review new and existing legislation, incorporating requirements into Sun Life's internal practices.

2. Collection of Personal Information

The collection of personal information under the PSHCP is limited to what is required for the purposes described in section 3 of this Statement.

The personal information collected under the PSHCP includes the following:

  • Members' data: last name, given name, date of birth, gender, employee, service, pension number, marital status, contact information, details on other health coverage.
  • Dependant personal information: last name, given name, date of birth, gender, relationship to Member, details on spouse/common-law partner's other health coverage, status of dependant child over age 20 and under age 25,
  • Details of Claim: certificate number, detailed receipts for eligible expenses (e.g. prescription drugs, other medical expenses such as chiropractor or vision care), physician's prescription, diagnostics and treatment plan, medical reports.

3. Purposes of Collection

Participating Employers subject to the Privacy Act and that have entered into an agreement with Public Works and Government Services Canada (PWGSC) for payroll services, collect personal information from Members under the PSHCP for the purposes of:

  • Certifying eligibility for coverage
  • Registering Members
  • Determining and amending status and coverage
  • Obtaining authorization for payment deductions

Pursuant to an agreement between the parties for payroll services, PWGSC's Superannuation, Pension Transition and Client Services collects personal information from Participating Employers and from pensioners for the purposes of:

  • Certifying eligibility for coverage (pensioners)
  • Registering Members (pensioners)
  • Determining and amending status and coverage (pensioners)
  • Obtaining authorization for payment deductions (pensioners)
  • Providing eligibility data to the Plan Administrator (employees and pensioners)
  • Applying pay deductions (employees and pensioners)

In the case of those Participating Employers that are subject to the Privacy Act and have not entered into an agreement with PWGSC for payroll services, personal information is collected by these employers under the PSHCP for the purposes of:

  • Certifying eligibility for coverage
  • Registering Members
  • Determining and amending status and coverage
  • Obtaining authorization for pay deductions
  • Providing eligibility data to the Plan Administrator
  • Applying pay deductions

The Administration Authority collects personal information under the PSHCP for the purposes of:

  • Hearing Plan Member appeals, overseeing claims adjudication and plan administration [2]
  • Communicating with Plan Participants
  • Auditing the Plan Administrator regarding the payments of benefits

Sun Life collects personal information under the PSHCP for the purposes of:

  • Administering the benefits
  • Adjudicating claims
  • Coordinating benefits with other public or private insurance plans

4. Notification and Consent

At the time of their application to the PSHCP, Members are informed by their compensation advisors or pension office of the purposes for the collection of personal information. The Member provides express consent for use and disclosure by the Plan Administrator of the Member's personal information and that of eligible dependants by signing each benefits claim form.

5. Use and Disclosure

Personal information under the PSHCP is used and disclosed solely for the purposes for which it was collected and identified in section 3 of this Statement.

Participating Employers ensure that policies and procedures are in place to address any improper or unauthorized disclosure of personal information.

6. Accuracy

Participating Employers that are subject to the Privacy Act and their employees administering personal information under the PSHCP, ensure completeness and accuracy of the personal information by having procedures in place that:

  • Regularly update the personal information;
  • Keep a record of the source of the information used to make the changes;
  • Ensure notification of the changes to other parties to whom the information was disclosed; and,
  • Ensure that participants are able to access, and request correction of their personal information.

7. Retention

Personal information concerning an individual that has been used by a Participating Employer subject to the Privacy Act for an administrative purpose shall be retained by the Employer

(a) for a minimum of two years following the last time the personal information was used for an administrative purpose unless the individual consents to its earlier disposal; and

(b) where a request for access to the information has been received, until such time as the individual has had the opportunity to exercise all his or her rights under the Act.

Other than the required minimum 2 years under the Privacy Act, the retention period may vary by Participating Employer.

8. Access to Personal Information

Plan Participants are informed and will, consistent with the Access to Information and Privacy Acts, be given access, upon their request, to their personal information used and disclosed by the Participating Employer. Plan Participants are able to challenge the accuracy and completeness of the information and request correction, by contacting the designated privacy officers listed in section 9 of this Statement.

There exist several reference tools to assist members of the public in exercising their rights under the Access to Information Act and the Privacy Act.

One of these reference tools is called "Info Source". It is a series of publications containing information about the Government of Canada, its organization and information holdings. It supports the government's policy to explain and promote open and accessible information regarding its activities. Info Source is available at the following URL:

Other reference tools can be found at the following URLs:

9. Right of Complaint

Plan Participants can address any questions and/or complaints regarding compliance with the above sections using the following contacts:

Treasury Board of Canada Secretariat

Access to Information and Privacy Coordinator
Telephone: 613-957-7154
Email: Denise Brennan

Participating Employers Subject to the Privacy and Access to Information Acts

Access to Information and Privacy Coordinators (list of)

Participating Employers That are not Subject to the Privacy Act

Participants can address their questions and/or complaints to their respective organization.

Public Works and Government Services Canada

Access to Information and Privacy Coordinator
Telephone: 819-956-2133
Email: Rachelle Delage

Federal Public Service Health Care Plan Administration Authority

Access to Information and Privacy Coordinator
613-565-1762   Ext. 241
Email: Access to Information and Privacy

Sun Life Assurance Company of Canada

Privacy Officer
Telephone: (416) 408-8850
Email: Privacy Officer


[1] Federal organizations and their affiliation to the Privacy Act are identified in the "Population Affiliation Report". Click on the type of organization in the diagram under "Overview", and then look under "AIPA".

[2] This may require the Administration Authority to discuss a Member's personal information with service providers and other stakeholders.