Code of Conduct

Personal Information Code of Conduct for Organizational Users of ePACT

ePACT is a communication network and emergency preparedness resource centre service which enables registered users of the ePACT service (“Users“) to build support networks of relatives, friends and organizations, store and exchange critical information, and access communication tools for greater interaction and preparation in the event of an emergency. This Code of Conduct sets out basic obligations in relation to the use of personal information on the ePACT service.

“Personal Information” means any information which identifies or can be used to identify an individual. Via the ePACT service, you and your organization may have access to the following kinds of personal information:

  • Health information (which may include a Users physical and mental condition or medical requirements and records past and present)
  • Contact information (of a User or a User’s family members or other emergency contacts)
  • Optional information (eg. photographs uploaded by the individual as part of their ePACT information package and other optional information that a User might provide in connection with his/her ePACT account and profile)

In using the ePACT service you agree on behalf of your organization that:

  1. Permitted Use. Any personal information provided by ePACT or accessible through the ePACT service is NOT to be used for any purpose other than that for which it was collected. The personal information was disclosed to your organization with the consent of the individual. For greater certainty, the primary use of personal information by an organization is to ensure that a User receives timely and effective assistance in the event of an Emergency which uses may include (to the extent required):
  • Disclosing information to medical personnel attending to the User
  • Providing medical assistance to the User
  • Contacting the User’s family or emergency contacts, and
  • Any other action taken to ensure the health and safety of the User
  1. “Emergencies” may include:
  • Any event that presents a reasonable health or safety risk to the individual exclusively or as part of a collective
  • A sudden decline in the physical or psychological wellbeing of the individual rendering them in need of some assistance to ensure their health and safety, and
  • Any other circumstances under which a reasonable person would conclude that the use of the personal information is necessary to the health and safety of the individual

2. Limited Disclosure. As an administrator of personal information on behalf of your organization, you are responsible for ensuring that the information is not put to any use or disclosed in any manner that contravenes this Code of Conduct, ePACT’s Terms of Use and Privacy Policy or any other contractual agreement in place between your organization and ePACT. Personal information should be shared only with administrators or other persons within the organization who need access to the information in order to use the ePACT service (eg. to contact a User’s emergency contact in the event of an emergency). Personal Information is NOT to be disclosed to any other individual, organization or entity of any kind under any circumstances except, as provided under this Code of Conduct, ePACT’s Terms of Use and Privacy Policy or the contractual agreement between ePACT and your organization or where required by Applicable Law.

“Applicable Laws” means all federal, provincial, state or other applicable statutes, laws or regulations of any governmental or regulatory authority in any jurisdiction governing the Handling of information about an identifiable individual, including the Personal Information Protection and Electronic Documents Act (Canada) and equivalent provincial legislation (eg. Freedom of Information and Protection of Privacy Act).

3. Notifications. If there is any unauthorized access to, disclosure or loss of, or inability to account for personal information, you agree to co-operate with ePACT in providing any notices regarding impermissible disclosures caused by such disclosure or access which the ePACT deems appropriate. To the extent such unauthorized disclosure or access is attributable to a breach by any personnel of the organization (even if outside the scope of their employment or consulting duties), the organization will bear (a) the costs incurred in complying with legal obligations relating to such breach and (b) in addition to any other damages for which the organization may be liable for under this Agreement, reasonable direct costs incurred by ePACT in complying with its legal obligations relating to such breach

4. Personnel. On request, you will assign an individual acceptable to ePACT who will be responsible for all personal information to be handled by the organization and for ensuring that the organization complies with the requirements in the Terms of Service and this Code of Conduct.

For any questions regarding the collection, use and disclosure of personal information by ePACT please contact privacy@epactnetwork.com.