Incident Summary #11: Financial institution reacts quickly to mass-mailing error
A financial institution reported a breach to the OPC after a printing error resulted in a few hundred clients receiving incorrect RRSP tax contribution statements. Some statements mistakenly included the personal information of other individuals, including names, addresses, account numbers, and Social Insurance Numbers. The institution promptly investigated, notified affected clients, provided new statements, increased account monitoring, and offered credit alert monitoring. They also reviewed and enhanced internal procedures to prevent future errors.
- Adequacy of safeguards to prevent privacy breaches
- Timeliness and appropriateness of breach response
- Notification of affected individuals
- Review and enhancement of internal policies and procedures
Complaint resolved through prompt corrective actions by the institution.
The financial institution took immediate and comprehensive steps to address the mailing error, including notification, mitigation of harm, and procedural improvements, which were satisfactory to the OPC.
AI-generated summary for reference only. Always verify against the official decision ↗
The institution notified affected clients, provided new statements, increased account monitoring, offered credit alert monitoring, and enhanced internal procedures.
This summary is informational only and not legal advice.