The experience, the integrity and the tools

ICU Consulting Inc

PIPEDA

INTRODUCTION

ICU Consulting Inc. is in the business of conducting investigations and gathering information. We are a Manitoba , Canada based company handling enquiries locally, nationally and internationally. We collect personal information on individuals daily. We understand the societal value in protecting personal information and ensuring its safekeeping. We embrace the new federal Personal Information Protection and Electronics Documents Act (PIPEDA) and acknowledge the importance of national standards to protect the personal information that we collect. Please note that our firm is properly licensed and regulated by the Province of Manitoba , Department of Justice. We will only collect personal information on individuals where there is a potential contravention of the law or breaches of agreements or other circumstances that permit us to legally collect this information under the laws of Canada . The ICU Consulting Inc. Code of Privacy follows and complies to the CSA Model Code of Personal Information Privacy and is as follows:

ACCOUNTABILITY

 ICU Consulting Inc. will be responsible for all personal information under our control. We have designated one person to ensure our compliance with the policies and procedures indicated in our Code of Privacy. The Privacy Officer for ICU Consulting Inc. can be reached at:

ICU Consulting Inc.
Rivergrove PO
Box 50002
17-2595 Main Street
Winnipeg, MB R2V 4W0
(204) 981- 2490

Upon receiving an enquiry, the Privacy Officer will respond to you within 30 days. It is ICU Consulting Inc.'s commitment to: * Protect personal information * Allow individuals to request information; seek amendments to their personal information; and file complaints against ICU Consulting Inc. with our Privacy Officer: * Train and educate our staff: * Develop information which explains these procedures to the public and our clients. Although we rarely, if at all, use third parties to process personal information, we will use reasonable means to ensure that all third party transferring of personal information is afforded a comparable level of protection to that which ICU Consulting Inc. maintains.

IDENTIFY PURPOSES

ICU Consulting Inc. will identify the purpose for which we collect personal information on affected individuals at or before the time of collection. All assignments received from our corporate, government, and other clients will be vetted to ensure their requests for information are compliant with PIPEDA. We may choose to orally explain to affected individuals the purposes for which personal information is being collected and then place a notation in the applicable file indicating that this has been done. Alternatively, an application form may be used. ICU Consulting Inc. may identify any new purposes that arise during the course of dealings with personal information and obtain prior consent required for this new use, even if we have already identified certain initial purposes. However, we will only do this when the intended new use purpose truly constitutes a "new" use, i.e., when the new purpose being proposed is sufficiently different from the purpose initially identified.

CONSENT

We will obtain the appropriate consent from individuals for collection, use or disclosure of personal information, except where the law provides an exception. We may obtain express consent for the collection, user disclosure of personal information, or when we determine that consent has been applied by the circumstances. Express consent is specific authorization given by the individual to ICU Consulting Inc., either orally or in writing. Implied consent is when ICU Consulting Inc. has not received a specific consent but the circumstances allow us to collect, use, or disclose personal information. In most incidences, obtaining the knowledge and consent of individuals would defeat the purpose of an investigation, in particular with respect to a breach of an agreement or contravention of a law. Personal information will only be collected, used and disclosed by ICU Consulting Inc. employees without consent in accordance with Section 7 of the Personal Information Protection and Electronic Documents Act, S.C. 2000, c.5 (PIPEDA) or under other lawful means.

LIMITING COLLECTION

The personal information that we collect will be limited to that which is necessary for purposes we have identified. We will only collect personal information for specific, legitimate purposes. We will not collect personal information indiscriminately. We will only collect information by fair and lawful means and not by misleading or deceiving individuals about the purpose for which the information is being collected. Our policies and procedures relating to the limitations on collection of personal information will be regularly communicated to our investigators who deal with collection, use and disclosure of personal information.

LIMITING USE, DISCLOSURE, AND RETENTION

Personal information will not be used or disclosed for purposes other than those for which it is collected, except with the consent of the individual or as permitted by law. We will only retain personal information as long as necessary for the fulfilment of those purposes. Personal information that is no longer required to fulfil identified purposes will be destroyed, erased, or made anonymous. Please note that there may be situations where ICU Consulting Inc. uses, discloses or retains personal information for legitimate purposes not identified to the individual to which the information pertains including those situations referred to in Section 3.

ACCURACY

The personal information we collect will be accurate, complete and up-to-date as necessary for its intended purposes. Our goal is to minimize the possibility that inappropriate information may be used to make a decision about any individual whose personal information we process. The process for ensuring accuracy and compliance will involve: * initial collection from client * client will be asked to verify accuracy and completeness * regular reviews; and * verifying accuracy by contacting third parties (e.g. motor vehicle and driving record authorities, etc.) If a significant error or omission is identified, we will correct or amend the information as appropriate. Where necessary, we will send such corrected or amended information to third parties who have had access to the information in question.

SAFEGUARDS

ICU Consulting Inc. will safeguard all personal information under our control in a manner that is appropriate to the sensitivity of the information. We will take all the physical security measures necessary including alarming and properly locking our facilities and/or locking all personal information in secure filling cabinets. All ICU Consulting Inc. staff, including investigators and administration staff have been properly trained in the policies of that pertain to these safeguards. Members of the public are not allowed access to our facilities unless identified, and escorted by properly trained staff. No sensitive personal information, pertaining to subjects of investigations will be electronically transferred to our clients unless the electronic files have been encrypted with an industry standard encryption program before being transferred. Distribution of personal information will be on a need-to-know basis. We will take precautions in the disposal or destruction of personal information to prevent unauthorized parties from gaining access to information. These measures include: " ensuring that no one may retrieve personal information after disposal " shredding documents before recycling them " deleting electronically stored information

OPENNESS

We will make readily available to individuals requesting specific information about our policies and procedures relating to the management of personal information that is under our control. Investigators and staff of ICU Consulting Inc. will make available to the public easily understandable information about our company, it's privacy policies, the Code of Privacy, both in hard copy or by requesting a copy of same via contact co-ordinates listed under Section 1 above.

INDIVIDUAL ACCESS

A person making a request to ICU Consulting Inc. for access must, for their protection, have their identity verified by ICU Consulting Inc. before the existence, use and disclosure of his/her personal information is confirmed. Once an access request has been received and the identity of the person making the request has been verified, the individual will be informed of the existence, use and disclosure of his/her personal information which is under our control, and may be given access to and be permitted to challenge the accuracy and the completeness of that information. There are lawful exceptions that will prevent us from providing access, which include, but are not limited to the following: * Personal information about another person might be revealed. * Commercially confidential information might be revealed. * Someone's life or security might be compromised. * The information was collected without consent for the purposes related to an investigation of a breach or an agreement or contravention of a law or other lawful exemption. * The information was generated during the course of a formal dispute resolution process. * The information is protected by the Solicitor/Client privilege. * When restricted from providing this disclosure pursuant to the Private Investigators and Security Guards Act, revised Statutes of Manitoba 1987, Chapter P132 .

CHALLENGING COMPLIANCE

An individual may address a challenge concerning compliance with the aforementioned policies and procedures to our Privacy Officer whose details are listed in Section 1.