2017 presented a whirlwind of corporate scandals: United Airlines, Wells Fargo, Facebook, Uber, Chipotle, Equifax, WannaCry…the list goes on and on. Many of these companies suffered second and even third scandals when they failed to learn their lesson from the…Read more →
This September, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) published a much-anticipated update to their 2004 “Enterprise Risk Management—Integrated Framework,” a renowned and widely used risk management framework. The new release is formally called “Enterprise Risk Management—Integrating…Read more →
The hot water in which Uber has been simmering has just reached new thermal heights. Back in October 2016, hackers stole the personal data of 57 million customers and drivers containing their names, email addresses, phone numbers, and in the…Read more →
Recently, Forrester Research published “GRC Vision 2017-2022: Customer Demands Escalate As Regulators Falter,” which explores challenges the GRC industry will inevitably face as it develops, and the proven solution that enterprise risk management provides. We’ve broken this report down to…Read more →
On September 7, big-three credit reporting company Equifax reported that hackers gained access to the personal information of about 143 million U.S. consumers, and have now recently reported that as many as 100,000 Canadian consumers were affected as well. As…Read more →
The third step in the Risk Management and Own Risk and Solvency Assessment Model Act (RMORSA) is the implementation of a risk appetite and tolerance statement. This step is meant to set boundaries on how much risk your organization is…Read more →
The blows keep on coming for Wells Fargo. Within a year of their cross-selling scandal, two more scandals have risen to the top of news headlines. In part one of this series, I set out to make good on a…Read more →
Every business, in every industry, is liable to suffer a scandal. However, in all my years of experience, I have never come across a scandal that wasn’t entirely preventable. In a recent interview I had with business journalist L.A. Winokur…Read more →
The first step in Risk Management and Own Risk and Solvency Assessment Model Act (RMORSA) implementation, risk culture and governance, lays the groundwork and defines roles for your risk management function. The second step, risk identification and prioritization, defines an ongoing risk…Read more →
The National Association of Insurance Commissioners adoption of the Risk Management and Own Risk and Solvency Assessment Model Act (RMORSA) of 2015 required insurance organizations to take a broader approach to risk management. I would like to revisit this regulation and…Read more →
Your professional development has never been more cutting-edge. Consider the fascinating research of Qui Trieu, manager of personal insurance at Perth Insurance, a wholly owned subsidiary of Economical Insurance. Qui (pronounced as ‘key’) is currently a candidate in the Insurance…Read more →
For a broker interested in writing and retaining commercial accounts, there is a lot to be said for conducting a thorough review of a business owner’s operations, making recommendations for appropriate limits and types of coverage, and then ensuring that…Read more →
The role of the Chief Risk Officers (CROs) today is more multifaceted than it used to be. The financial crisis has expanded the CRO role, making risk management in the insurance industry more of a team sport than ever before.…Read more →
The Court of Appeal for Ontario has held that a hospital can be sued (in a proposed class action) for a privacy breach.
In Hopkins v. Kay, the class plaintiff alleged that her records as a patient at the Peterborough Regional Heath Centre were improperly accessed. She based her claim on the common law tort of intrusion upon seclusion, set out in Jones v. Tsige.
The hospital brought a Rule 21 motion to dismiss the claim on the ground that the Personal Health Information Protection Act (“PHIPA”) is an exhaustive code that ousts the jurisdiction of the Superior Court to entertain any common law claim for invasion of privacy rights in relation to patient records.Read more →