Communicating electronically is a great way to get your message out – but moving beyond traditional paper and ink brings with it new issues for consideration.
For example, the CBA’s Pensions and Benefits Law Section says in a submission to CAPSA, you need to start by defining what e-communication is: is it just email, or does it also encapsulate audio and/or video communication? What does requiring that a communication be capable of being reproduced mean in the case of a Skype conversation or a live chat session?
The Section was commenting on CAPSA’s consultation on its draft revised Guideline No. 2 – Electronic Communication in the Pension Industry. While the Section supports the use of electronic communications, it raised a number of issues in the guideline requiring further clarification.
For example, it suggests that the definition of e-communication take into consideration that members may initiate some communication with the administrator; and that the scope of “required” communication within the guideline should be clarified.
Consent is a hot topic these days, and it comes under scrutiny in the CAPSA guideline. The Section suggests that the guideline be revised to indicate that “where pension legislation permits deemed consent, the designation to the plan administrator or sponsor by a recipient of an information system is deemed to be consent by the recipient to e-communication.” The Section also suggests informing the recipient of the right to revoke consent immediately after an information system has been designated.
Among other things, the Section notes a number of areas where the onus could be put on the e-communications recipient to ensure that lines of communication are kept open and working: for example, it suggests the guideline “should explicitly recognize recipients’ obligation to keep their contact information, including e-contact information, up to date.” Recipients should also have an obligation to inform the administrator if an e-communication was not received as expected.
As well, the Section argues that the administrator can’t have the sole responsibility for data security, and the guideline should recognize this. The administrator can take all reasonable efforts to ensure the security of its own system, the Section says, but “there may be little that can be done by a plan administrator to safeguard e-communications accessed on the recipient plan member’s or beneficiary’s information system. By using electronic means to communicate with plan administrators, plan members must be understood to accept responsibility for the data protection and data security of their own information systems.”
Other concerns raised in the submission include whether an electronic signature is sufficient, the need to provide originals and retain e-communication, as well as the number of layers of authentication required to access information in an e-communication.