Skip to main content
Unsupported Browser

Your Browser is out of date and is not supported by this website.
Please upgrade to Firefox, Chrome, Internet Explorer 11, or Microsoft Edge.

Privacy Policy

At Morneau Shepell, we are committed to protecting the confidentiality, security and accuracy of the personal information we receive about you. The management of personal information is fundamental to our services and this Privacy Policy explains our approach to honoring this commitment.

Collection, Use and Disclosure

Typically, Morneau Shepell receives your personal information directly from you or your authorized representatives, or from your employer, your employer’s authorized agents, association, insurer or benefits plan sponsor.

We limit the collection, use and disclosure of personal information to information that is necessary for the following purposes:

  • To perform services that we have been hired to do by your employer, association, insurer, benefits plan sponsor or by you. These services may include:
    • Employee and family assistance programs and services (“EFAP”);
    • Health management programs and services;
    • Organizational health and training programs;
    • Pension and benefits consulting services to assist in the design, delivery and management of the pension and benefits programs offered by an association, insurer or plan sponsors to their employees or members;
    • Pension, health & welfare and health benefit exchange administration services to assist in the administration of the pension, benefits, and/or insurance programs that associations, insurers or plan sponsors offer their employees or members; and
    • Group investment and benefits plans and programs developed and administered by Morneau Shepell;
  • To provide our employer, association, insurer and plan sponsor clients and their employees and members with information about our services, products and their usage and to enhance our overall service delivery.
  • To conduct research, compile aggregate data, statistics and reports and to perform analytics about Morneau Shepell’s services, service standards and trends for use by Morneau Shepell, its clients and our respective third party service providers.  These forms of data, statistics and reports do not contain any information that could reasonably be used to identify you personally.
  • For audit, quality control and legal and regulatory compliance purposes including the protection of our interests in civil or criminal proceedings, to resolve any disputes that we may have and to enforce our agreements.

We will retain personal information for as long as necessary for the purpose for which it has been collected, or as long as we are required and/or permitted to retain such information by law.

As Morneau Shepell continues to develop and grow, we may buy or sell parts of a business. As our businesses consist primarily of the delivery of services to clients, information regarding the particular accounts or services being purchased or sold could include personal information and be one of the transferred business assets.


We will collect, use and disclose your personal information with your consent and only for the purposes we disclose to you, or as otherwise required or permitted by law. Such consent may be expressed or implied. For example by participating in your benefits plan, you consent to our collection and use of your personal information for the purposes of providing services related to such plan. Further, your consent may be obtained directly by us or through your association, insurer, employer or benefits provider.

You may withhold or withdraw your consent for us to collect, use and disclose your personal information, as long as there are no legal or contractual reasons preventing you from doing so. Depending on the circumstances, however, withdrawal of your consent may impact our ability to continue to provide you with the products and services you have requested, or, in the case of insurance and group insurance benefits, it may prevent us from keeping your coverage in force, or properly evaluating and processing any claims.


We will employ safeguards to protect personal information from unauthorized access, disclosure, copying, or use, by using various methods of protection, appropriate to the sensitivity of the information.  The methods of protection include:

  • Physical measures (locked filing cabinets, restricted access to files and offices);
  • Technological measures (passwords, encryptions, firewalls, and audits);
  • Organizational controls (security clearances, limiting access on a "need-to-know" basis, staff training, confidentiality agreements, policies and procedures); and
  • Contractual confidentiality covenants.

Morneau Shepell will also ensure care has been taken in the disposal or destruction of personal information to protect against unauthorized parties from gaining access to the information.

Please note that confidentiality and security are not assured when information is transmitted through email or other electronic communication. While Morneau Shepell makes every effort to secure all communications within our control and on our premises, please be advised that no method of delivery is entirely secure and it is possible that any communication of personal information may be inadvertently or deliberately intercepted by third parties. 

Use by and Disclosure to Third Parties

We may need to share your personal information with third parties who support Morneau Shepell in providing or promoting our services. Such third parties will be required to keep your information confidential and secure and to have privacy policies and security standards with respect to personal information that are comparable to ours. When we disclose information to third parties, we will redact your personal information to the extent possible and will only share the personal information required to satisfy such third party requests.

Privacy and the Internet

Morneau Shepell collects information about you through your visits to our websites using cookies. Cookies are files sent to your browser from a web server and stored on the hard drive of your device to allow a website to identify that device whenever a user returns to the website. We use these cookies for a variety of reasons, most commonly to distinguish you from other users and to help us compile aggregate statistics about our websites. We also use cookies to personalize your visit and make it more efficient.

Morneau Shepell websites may contain links to other third party sites that are not governed by this Privacy Policy. Although we endeavor to link only to sites with high privacy standards, our Privacy Policy will no longer apply once you leave our websites. We are not responsible for privacy policies employed by other third parties. We suggest, therefore, that you examine the privacy statements of those sites to learn how personal information may be collected, used and/or disclosed.

Personal Health Information – Employee Support Solutions and  Absence Management Services

For clients using Absence Management Services or Employee Support Solutions, including Employee and Family Assistance Programs, the personal health information collected for the purpose of providing one service will not be used or disclosed for the purpose of providing any other service. Separate files are created for each service used by a client, and the personal health information from one file is not shared or combined with any other file.  Internal access to personal health information is granted on a role-based “need to know” basis. This information may later be combined for use by Morneau Shepell in data analytics, in which case it will not be disclosed in a way that can reasonably be used to identify you personally.

Accuracy and Access

We will employ measures to keep personal information collected by us accurate and complete in order to minimize the possibility of using or disclosing incorrect personal information. Upon request, we will inform you of the existence, use, and disclosure of your personal information that we maintain. 

You may also have access to your personal information at a cost intended to cover actual expenses and subject to the exceptions noted below. We may deny access to certain personal information we hold about an individual if the information is prohibitively costly to provide, if it contains references to other individuals, if it cannot be disclosed for legal, security or commercial proprietary reasons, if it is subject to solicitor-client or litigation privilege, if it contains information that may be harmful to your mental health or the mental health of others, or if such disclosure is otherwise prohibited by law. In such circumstances, we will advise you of the reason for denying the access request.

You are entitled to challenge the accuracy and completeness of the information we maintain and we will update or correct any factually inaccurate information.

Enforcement, Amendments and Privacy Concerns

Under the leadership of Morneau Shepell’s Privacy Officer, privacy working groups comprised of individuals from across the organization are accountable for Morneau Shepell’s compliance with this Privacy Policy and the development and implementation of privacy practices and procedures.

Morneau Shepell uses a self-assessment approach to ensure compliance with this Privacy Policy, and periodically verifies that the policy accurately describes our practices, is publically accessible and conforms to the guiding principles of privacy and the protection of personal information. This Privacy Policy may be amended from time to time as a result. We will post any revised policy on this website.

If you have any concerns related to privacy issues or our handling of your personal information, or would like to withdraw a consent that you have previously provided to us, please do not hesitate to communicate in writing with our Privacy Officer so that your concerns can be investigated and resolved:

By regular mail:
Privacy Officer
Morneau Shepell Limited
115 Perimeter Center Place NE, Suite 1050
Atlanta, GA 30346
United States

By electronic mail:


Privacy Across Borders

Morneau Shepell may transfer and/or receive certain personal information across geographical borders to and/or from Morneau Shepell entities or service providers in other countries working on our behalf in accordance with applicable law.

Morneau Shepell respects the principles set out in cross-border privacy programs such as the Privacy Shield and Safe Harbour. These include notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, recourse, enforcement and liability (the “Principles”). 

Any questions or concerns regarding personal information received by Morneau Shepell from the EU/Switzerland should be directed first to our Privacy Officer as noted above.  Morneau Shepell will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information by reference to the Principles contained in this Policy. For complaints of EU and Swiss individuals that cannot be resolved between Morneau Shepell and the complainant, Morneau Shepell agrees to participate in an internationally recognized dispute resolution process.  

Compliance with Privacy Laws

It is Morneau Shepell’s policy to comply with the privacy legislation of each jurisdiction where we provide our services. Sometimes the privacy legislation and a person’s right to privacy are different from one country to another. If you are providing your personal information to us from a country other than the United States, you are consenting to the potential transfer of your personal information to these countries. Please note that that your personal information may be subject to access by law enforcement authorities in your country and in the United States if that is where your personal information is stored.