Data protection act 1998 (DPA)
The DPA lays down rules on how your client's personal information may be used. It exists to protect your clients and gives them the right to access information about them held on either computer or paper files.
Our application forms contain full information relating to the Data Protection Act 1998 in the sections headed 'Important information' and in the 'Declaration'.
To protect your client's interests, the following guidelines are in place to decide if it is appropriate to disclose your client's policy information to third parties.
Information relating to an individual client or a business will only be provided to that individual or business.
Medical evidence will not be disclosed to any third party, including you, without your client's express written consent.
Any policy information about the sum assured or surrender values will only be provided to the person entitled to the benefits under the policy, or with their written permission.
We will send information to your client if requested to do so by another third party.
Subject Access Requests (SAR's)
Under the Data Protection Act, individuals can ask to see the information about themselves (including medical records) that is held on computer and in paper records. This process is known as a Subject Access Request (SAR).