We have updated our Terms to ensure there is greater clarity on how our system works and what terms you accept when using ePACT. As we routinely undergo privacy and security audits, ensure we adhere to new legislation, or identify opportunities to strengthen ePACT, we have also adjusted our Terms to outline the various ways data is protected and managed in our network.
2) Privacy/Security Legislation: A large part of government and industry privacy and security requirements for systems like ePACT is around who owns data and who is allowed access to data.
For End Users: With ePACT, individual/family users own their own information and control which people (e.g. support network of friends and relatives you connect to) and organizations (e.g. your daycare, soccer team, school) they share data with. Your data will never be used for marketing, never be sold, and never be shared with any individual or organization that you do not give permission to connect to. These commitments have not changed. We have just made our Terms clearer in how ePACT works for you.
For Organizations: Our system is specifically structured to ensure that you can manage staff in your organization that can view data, make administrative notes (e.g. injury on the playground, Epipen used for an allergic reaction), run reports, etc. You are responsible for identifying and giving access to authorized personnel in your organization, and you can remove their access at anytime. These commitments and capabilities have not changed. We have just made it clearer how our system works, which helps better demonstrate how ePACT addresses legislative requirements around data management, such as HIPAA, PIPEDA, and GDPR.