Privacy And Security

OnSPARK's Commitment to Security

Privacy and security are paramount when handling sensitive long-term care (LTC) data. Our platform is designed to meet and exceed privacy, ethical, and security standards, ensuring that LTC homes, residents, researchers, and policymakers can confidently use OnSPARK's insights for quality improvement and research.

Privacy & Security Compliance Measures

Compliant with PHIPA (Personal Health Information Protection Act)
End-to-End Data Encryption & Secure Storage
Oversight by McMaster University's Privacy and Legal Office
Continuous Threat & Risk Assessments

Read our Data Governance Policy

OnSPARK follows a privacy-first approach, ensuring that resident-level data is always protected while still enabling critical research and operational improvements.

Data measures include:

De-Identification & Anonymization

Removing all personally identifiable information (PII) from data before transfer and analysis

Limited Data Access

Only authorized individuals under strict governance rules can access secure datasets

Data Minimization

We only collect and use the minimum data necessary to support LTC quality improvement and research

Secure Data Linkages

Secure data linkages with secure servers

Data Governance & Compliance

OnSPARK follows a strict data governance model that ensures compliance with Ontario's Personal Health Information Protection Act (PHIPA) and international best practices for health data privacy.

Key Governance Policies

Data Sharing Agreements – Formal agreements between OnSPARK LTC homes
Research Ethics Board (REB) Approvals – All work undergo ethical review and approval before data access
Data Access Controls – Only users with explicit permissions can access de-identified data
Transparency & Accountability – Regular audits and reports to ensure compliance with privacy and security regulations

Learn more about our governance framework

Keeping data safe through cutting-edge technology

Security Highlights:

Securely Hosted Data

Stored within a high-security, compliant infrastructure

End-to-End Encryption

Protecting data in transit and at rest using advanced cryptographic standards

Role-Based Access Control (RBAC)

Ensuring only approved users can access specific datasets

Continuous Threat & Risk Assessments

Conducted by McMaster's IT Security Office to mitigate cyber risks

Who oversees OnSPARK's Privacy and Security?

Key Oversight Responsibilities

Reviewing and approving all data access requests
Ensuring compliance with PHIPA & international standards
Conducting regular security audits & risk assessments
Upholding ethical data usage in research & quality improvement

OnSPARK's data security and privacy policies are guided by a dedicated advisory committee, which includes experts in ethics, cybersecurity, law, and health data governance.

Why OnSPARK's Privacy & Security Standards Matter

Trustworthy data handling ensures that LTC homes, residents, and researchers can rely on secure, ethical data use
Future-Proofed Security offers continuous updates to meet evolving cyber and privacy threats
Ethical Data-Driven Decision-Making empowers research and increases care improvements while safeguarding privacy

Read our full privacy policy

Security is not an afterthought

It's a core principle