Privacy And Security

OnSPARK's Committment to Security 

Privacy and security are paramount when handling sensitive long-term care (LTC) data. Our platform is designed to meet and exceed privacy, ethical, and security standards, ensuring that LTC homes, residents, researchers, and policymakers can confidently use OnSPARK’s insights for quality improvement and research.



Privacy & Security Compliance Measures

  • Compliant with PHIPA (Personal Health Information Protection Act)
  • End-to-End Data Encryption & Secure Storage
  • Oversight by McMaster University’s Privacy and Legal Office
  • Continuous Threat & Risk Assessments
Read our Data Governance Policy 
About Image

OnSPARK follows a privacy-first approach, ensuring that resident-level data is always protected while still enabling critical research and operational improvements. 

Data measures include: 

De-Identification & Anonymization

Removing all personally identifiable information (PII) from data before analysis

Limited Data Access

Only authorized individuals under strict governance rules can access secure datasets

Data Minimization

We only collect and use the minimum data necessary to support LTC quality improvement and research

Secure Data Linkages

Secure Data Linkages

Data Governance & Compliance

OnSPARK follows a strict data governance model that ensures compliance with Ontario’s Personal Health Information Protection Act (PHIPA) and international best practices for health data privacy.

Key Governance Policies 

  • Data Sharing Agreements – Formal agreements between OnSPARK, LTC homes
  • Research Ethics Board (REB) Approvals – All research projects undergo ethical review and approval before data access is granted​repository 
  • Data Access Controls – Only approved researchers and LTC operators with explicit permissions can access de-identified data​
  • Transparency & Accountability – Regular audits and reports to ensure compliance with privacy and security regulations​
Learn more about our governance framework
Compliance Image

Keeping data safe through cutting-edge technology  




Security Highlights : 

 Securely Hosted Data

Stored within a high-security, compliant infrastructure​

End-to-End Encryption

Protecting data in transit and at rest using advanced cryptographic standards

Role-Based Access Control (RBAC)

Ensuring only approved users can access specific datasets

Continuous Threat & Risk Assessments

Conducted by McMaster’s IT Security Office to mitigate cyber risks

Who oversees OnSPARK's Privacy and Security?

Key Oversight Responsibilities 

  •  Reviewing and approving all data access requests  
  • Ensuring compliance with PHIPA & international standards
  • Conducting regular security audits & risk assessments
  • Upholding ethical data usage in research & quality improvement

OnSPARK’s data security and privacy policies are guided by a dedicated advisory committee, which includes experts in ethics, cybersecurity, law, and health data governance.

Why OnSPARK's Privacy & Security Standards Matter

  • Trustworthy data handling ensures that LTC homes, residents, and researchers can rely on secure, ethical data use
  •  Future-Proofed Security offers continuous updates to meet evolving cyber and privacy threat
  • Ethical Data-Driven Decision-Making  empowers research and increases care improvements while safeguarding privacy
Read our full Privacy Policy

Security is not an afterthought
It's a core principle

Read our Data Protection Policy