Privacy Policy

Overview & Commitment to Privacy

At Beneplan Inc. (“the Company”, “Beneplan”, “we”, “our” and “us”), one of our main priorities is the privacy of our clients and visitors to our website (www.beneplan.ca). This Privacy Policy document governs in general terms how we collect, use, retain, and disclose your personal information and that of any other person(s) whose personal information is collected by us or that is disclosed to us as part of your relationship with us, in accordance with the requirements of applicable legislation and our continuing commitment to privacy.  It also contains details on the types of information that is collected and recorded by us and how we use it.

The appropriate collection, use and disclosure of clients’ personal and/or health information(PHI) is fundamental to our day-to-day operations and to client care. Protecting the privacy and the confidentiality of client’ personal information is important to all the staff at Beneplan. We strive to provide our clients with exceptional service. Every employee of Beneplan Inc. must abide by our commitment to privacy in the handling of client personal information.

Applicability of This Privacy Policy

When you do business with us, we will ask you for your consent to collect, use and disclose your personal information. We will explain what personal information we need, what we will use and disclose it for, and who we will share it with. We will not share your personal information except with your consent or as required or permitted by law. Our Privacy Policy attests to our commitment to privacy and demonstrates the ways we ensure that client privacy is protected. Our Privacy Policy applies to the personal and the health information of all our clients that is in our possession and control. You can withdraw your consent at any time. You may access and correct, if needed, the personal information we have about you by sending us a request in writing at ea@beneplan.ca or the mailing address below.

What is Personal Health Information (PHI)?

Personal health information (PHI) means identifying information about an individual relating to their physical or mental health (including medical history), the providing of health care to the individual, payments or eligibility for health care, organ and tissue donation and health number. Please review Section 2 below.

The 10 Principles/Directives of Beneplan Inc.’s Privacy Policy

Our Privacy Policy reflects our compliance with fair information practices, all applicable laws and regulations and ethical standards of practice.

1. Accountability

We take our commitment to securing client privacy very seriously. Each employee associated with the Company is responsible for the personal information under his/her control. Our employees are informed about the importance of privacy and receive information periodically to update them about our Privacy Policy and related issues.

2. Identifying Purposes: Why We Collect Information & What Information We Collect

We ask you for information to establish a relationship, to perform a contract with you, to establish your identification, to provide you and/or your dependants with applicable benefit coverage services, for claims processing and payment(s), to protect you and us from error & fraud, to serve your ongoing group benefits administration needs or provide ongoing access to other services of Beneplan Inc.

We obtain most of our information about you directly from you, or from other health practitioners whom you have seen and authorized to disclose to us (in the event of a claim). You are entitled to know how we use your information & this is described in this Privacy Statement. We will limit the information we collect to what we need for those purposes, and we will use it only for those purposes. We will obtain your consent if we wish to use your information for any other purpose.

The type of information we collect from you includes but is not limited to, your name, your residential address, your email address, your phone number, your employment information relevant to the administration of the group health benefits program and associated services, Basic OHIP information as necessary, identification numbers (e.g., an employee number or driver’s license number), Social Insurance Number (SIN) for tax reporting purposes, or other Canada Revenue Agency reporting, as well as verification of non-permanent Canadian residency, your insurance needs, health information from your medical practitioner or related medical services (labs etc.), information contained in legal documents (death certificates, court orders, powers of attorney etc.), information related to a specific claim or investigation (including information contained in police reports, investigation reports, and mobile phone records), your marketing preferences, which is used in claims adjudication, your banking information used in the direct deposit of claims reimbursements and other relevant information necessary for the facilitation of group benefits administration. We will never collect information about you that is not a requirement for the administration or facilitation of the group benefits program.

3. Consent

You have the right to determine how your personal and health information (PHI) is used and disclosed. For most benefits administration purposes, your consent is implied as a result of your consent to avail of the group benefits plan(s) and its features and services, your consent can be either express or implied. Express consent can be verbal or written.

We ask you for information to establish a relationship, to perform a contract with you, to establish your identification, to provide you and/or your dependants with applicable benefit coverage services, for claims processing and payment(s), to protect you and us from error & fraud, to serve your ongoing group benefits administration needs or provide ongoing access to other services of Beneplan Inc.

Note that the consent directive may result in delays in provision of services or in claims adjudication due to Beneplan Inc. and its partners, lacking complete information about your or your dependants.

You can withdraw your consent any time after you've given it to us, provided there are no legal or regulatory requirements to prevent this. If you don't consent to certain uses of personal information, or if you withdraw your consent, we will not be able to administer your benefit coverage. If so, we will explain the situation to you to help you with your decision.

4. Limiting Collection, USE OF COOKIES, WEB ANALYTICSTOOLS & SIMILAR TECHNOLOGIES

We collect information by fair and lawful means and collect only that information which may be necessary for purposes related to the provision to you of the group benefits administration and its affiliated services.

Cookies - Beneplan Inc. may use cookies (small text files placed on your device) and similar technologies to provide our website(s)s and online services and help collect data. Cookies allow us, among other things, to store your preferences and settings; enable you to sign-in; provide interest-based advertising; combat fraud; and analyze how our websites and online services are performing. We also use web beacons to help deliver cookies and gather usage and performance data.

Our website - may also include web beacons and JavaScript from third-party service providers. Like cookies, JavaScript, or Web Beacons are used in their respective advertisements and links that may appear on Beneplan Inc.’s website, are sent directly to end users' browser. They automatically receive your IP address when this occurs. These technologies are used to measure the effectiveness of their advertising campaigns and/or to personalize the advertising content that you see on websites that you visit.

Third Party Privacy Policies – Beneplan Inc.'s Privacy Policy does not apply to other advertisers or websites. Thus, we are advising you to consult the respective Privacy Policies of these third-party ad servers for more detailed information. It may include their practices and instructions about how to opt-out of certain options.

Web analytics provide non-personally identifiable statistical information about how visitors interact with our website and applications. Beneplan uses a variety of web analytics tools on websites and applications. We may also use Google reCaptcha v3 in order to secure our website and to help prevent fraud.

Beneplan Inc. has enabled Google Analytics (which includes the following features: Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration, and Google Analytics Demographics and Interest Reporting). We may use information collected through Google Analytics in conjunction with other data we have collected about you.

Note that Beneplan has no access to or control over these cookies that are used by third-party advertisers. You have a variety of tools to control cookies, web beacons, web analytics tools and similar technologies, including browser controls to block and delete cookies and controls from some third-party analytics service providers to opt out of data collection through web beacons. Your browser and other choices may impact your experiences with our products. To opt out of Google Analytics for Display Advertising and customize Google Display Network ads, please use the Ads Settings.

To view the currently available opt-outs for the web, please visit Google Analytics Opt-out Browser Add-on (https://tools.google.com/dlpage/gaoptout/).Google’s Privacy Policy is available through this link https://policies.google.com/privacy?hl=en.

To opt out of a third-party vendor's use of cookies on your web browser, you can visit www.aboutads.info/choices

5. Limiting Use, Disclosure and Retention

The information we request from you is used for the purposes previously defined. We will seek your consent before using the information for purposes beyond the scope of this posted Privacy Policy Statement. Under no circumstances do we sell client lists or other personal information to third parties.

There are some types of disclosure of your personal health information that may occur as part of Beneplan fulfilling its routine obligations and/or practice management. This includes providers, consultants and suppliers to Beneplan Inc., on the understanding that they abide by our Privacy Policy, and only to the extent necessary to allow them to provide business services or support to Beneplan Inc.

We will retain your information only for the time it is required for the purposes we describe and once your personal information is no longer required, it will be destroyed. Beneplan Inc will maintain, keep and archive the information collected on clients, in the course of administering benefit plans for a minimum period of five years, but not longer than seven years.

Beneplan Inc will destroy the information both electronic and in paper form in a manner which ensures that the information cannot be used in any form by others. Please note however, due to regulatory, legal or other internal administrative process requirements, some information is kept for a longer period. Clients may be required to sign and date a Consent to Disclose PHI form prior to release of information.

6. Accuracy

We make every effort to ensure that the personal information we collect is accurate, complete, and as up to date as possible to properly satisfy the purposes for which it is to be used. It is important that you promptly notify us of any change to your contactor other personal information. If we are unable to verify your personal information or unable to contact you, we may be limited in our ability to provide you with our products and services.

7. Safeguards: Protecting Your Information

We protect your information with appropriate and commercially acceptable safeguards and security measures. Beneplan Inc. maintains personal information in a combination of paper and electronic files. Recent paper records concerning individuals’ personal information are stored in files kept onsite at our office. Older records may be stored securely offsite or in a secure digitized format.

Children's Information – Another of our key priorities is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their children/ward’s online activity. Beneplan Inc. does not knowingly collect any Personal Identifiable Information from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.

All our employees must agree to and abide by our Code of Ethics/Code of Conduct and related internal policies. In addition, we have developed and implemented privacy guidelines and practices which are reviewed and audited periodically. Access to personal information will be authorized only for employees of Beneplan Inc., and other agents who require access in the performance of their duties, and to those otherwise authorized by law. We provide client information to insurance providers acting on our behalf, on the understanding that they are also bound by law and ethics to safeguard your privacy. Other organizations and agents must agree to abide by our Privacy Policy and may be asked to sign contracts to that effect. We will give them only the information necessary to perform the services for which they are engaged, and will require that they not store, use or disclose the information for purposes other than to carry out those services.

Our computer systems are password-secured and constructed in such a way that only authorized individuals can access secure systems and databases. If you send us an e-mail message that includes personal information, such as your name included in the "address", we will use that information to respond to your inquiry. Please remember that e-mail is not necessarily secure against interception. If your communication is very sensitive, you should not send it electronically unless the e-mail is encrypted or your browser indicates that the access is secure.

To mitigate and manage our exposure to information security risks, our organization has implemented a security risk management program with both governance and operational components, including training and awareness at all levels, secure password protection, standard security practices and tools, and internal policies and practices such as limiting access on a need-to-know basis based on the consent you provided. Our internal technology governance has been designed to meet both regulatory requirements and industry best practices. Our program is also designed to protect systems with consideration of confidentiality, integrity, and availability of information. Key activities include monitoring our systems for events to detect and prevent system intrusions, as well as conducting scans of the internal and external environments to identify and remediate vulnerabilities. Along with an extensive business continuity management program, we continually assess our security program to ensure we are well-positioned to meet the needs of our business and clients.

8. Openness: Keeping You Informed

Beneplan Inc. has prepared this plain-language Privacy Policy to keep you informed. You may view a copy by visiting our website at https://beneplan.ca/privacy-policy/. If you have any additional questions or concerns about privacy, we invite you to contact us by phone and we will address your concerns to the best of our ability.

9. Access and Correction

With limited exceptions, we will give you access to the information we retain about you within a reasonable time, upon presentation of a written request and satisfactory identification. We may charge you a fee for this service and if so, we will give you notice in advance of processing your request.

If you find errors of fact in your personal or dependant’s personal information, please notify us as soon as possible and we will make the appropriate corrections. You have a right to append a short statement of disagreement to your record if we refuse to make a requested change. If we deny your request for access to your personal information, we will advise you in writing of the reason for the refusal and you may then challenge our decision.

10. Challenging Compliance

We encourage you to contact us with any questions or concerns you might have about your privacy or our Privacy Policy. We will investigate and respond to your concerns about any aspect of our handling of your information. In most cases, an issue is resolved simply by telling us about it and discussing it. You can reach us at:

1. Accountability
2. Identifying Purposes
3. Consent
4. Limiting Collection
5. Limiting Use, Disclosure and Retention
6. ACCURACY
7. Safeguards: Protecting Your Information
8. OPENNESS: KEEPING YOU INFORMED
9. ACCESS AND CORRECTION
10. CHALLENGING COMPLIANCE

Beneplan Inc.

150 Ferrand Drive, Suite 500
Toronto, On M3C 3E5
416 863 6718 (Tel)
416-863-5157 (Fax)
ea@beneplan.ca (Email)

Beneplan’s Privacy Officer will acknowledge your complaint, and will respond to you within a week of receiving your enquiry, to tell you the problem has been resolved, or, in more complex cases, advise you what further steps are being taken and when you may expect a resolution. If, after contacting us, you feel that your concerns have not been addressed to your satisfaction, you have the right to complain to the Information and Privacy Commissioner/Ontario. The Commissioner can be reached at:

2 Bloor Street East, Suite 1400
Toronto, Ontario M4W 1A8
1-800-387-0073 (Tel)
1-416-325-9195 (fax)

This policy is amended from time to time. The most current version of this policy was updated on July 4, 2023.

To receive a copy of our Privacy Policy in French, please contact us by sending an email to ea@beneplan.ca