EpiTrace© Privacy

We take privacy seriously

Security and privacy of data are paramount in the interconnected world we live in today. The same technology that enables remote learning, working from home, and all the wonders in our smartphones allows our personal data to become grist for the mill of commerce and bad actors. Big tech companies know that in this world, we are the product and our personal data is used to generate advertising revenue at our expense.

EpiTrace Sentinel is “highly privacy protective!”

Ann Cavoukian, former Information and Privacy Commissioner of Ontario, Canada

At EpiTrace Sentinel Solutions Inc., we’re aware of this concern, and we take it very seriously. Our flagship product, EpiTrace Sentinel, is a new tool designed for Public Health Authorities to aid in managing pandemics. EpiTrace Sentinel augments the ability of these authorities in their manual events tracing efforts, the cornerstone of effectively minimizing a virus outbreak.

EpiTrace Sentinel and the data it collects is managed ONLY by Public Health Authorities within the community. As a society we collectively agree to provide limited and relevant personal information to health authorities, when necessary, to receive care and to allow those health authorities to protect our well-being. This is a realistic compromise in order for our society to remain healthy.

How EpiTrace Sentinel Secures Privacy

When a CONTACT is entered into the system — by a professionally trained and certified operator — a unique random alphanumeric identifier (ID) is assigned to that contact record at the system level and remains associated (within the database) with that contact as long as they are in the system. This provides an anonymous representation of the contact in the system.

How EpiTrace Sentinel Secures PrivacyWe store the contact’s personal data, including name, address, and phone number, as well as relevant travel and medical information, separately. Where applicable, this requires regulated linkages to travel and relevant medical records, where individuals have already given permission/authorization for that data to be used for such a purpose.

The system maps CONTACT EVENTS including time and location, with the system-generated ID, however, all CONTACT CASE DATA remains separated, private, and neither viewable nor accessible until and unless the following conditions are met:

1)  SSL/HTTPS-only systems access: all mechanisms allowing access to EpiTrace Sentinel are protected using the latest cryptographic technology, system access is restricted by primary layer SSL/HTTPS secure login and;

2)  Role-based data-masking is implemented at the application layer (variable administrative access). This means data can be accessed only by authorized users with the appropriate credentials — lower-level access only allows users to see the anonymous ID and icon and;

3)  If and only if, there is a need to access personal private information as a result of a health emergency, such as exposure to a confirmed infected contact

In EpiTrace Sentinel, no data is collected for, stored by, or shared with any commercial organization.