Utilizing permission levels
MyCompass has tiered permission levels, each user level has access to specified information. For example, the MyCompass Briefcase is only accessible to users who are either support workers or administrators. Data and files are separated between institutions.
Invite only user access
User access is granted on an invite-only basis, all users confirm the MyCompass Terms of Use upon acceptance. In addition, each agency utilizing MyCompass is responsible to follow their privacy and confidentiality policies and procedures.
Secure servers and data transmission
MyCompass uses the latest security protocols to store and transmit your data. All servers are in SSAE16 SOC-1 and SOC-2 certified Canadian data centres. MyCompass also features auto log out after 15 minutes of user inactivity.
SSL (Secure Sockets Layer)
MyCompass applies SSL to each of the applications. SSL establishes an encrypted link between the server and a browser. This link ensures that the data passed between the server and the browser remains private and secure.
Password Protection
Users passwords are stored and protected using industry standards set out by the National Institute of Standards and Technology. They are encrypted by an irreversible 256 bit encryption algorithm.
Privacy Impact Assessment (PIA)
MyCompass contracted an external party to complete a thorough Privacy Impact Assessment (PIA) to determine any current privacy risks that exist for implementation, and to provide mitigation recommendations.