> For the complete documentation index, see [llms.txt](https://edehr.gitbook.io/edehr-compass/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://edehr.gitbook.io/edehr-compass/legal-and-compliance/privacy/privacy-and-security.md).

# Privacy & Security

## Two Layers, Two Different Privacy Profiles

When evaluating EdEHR, it helps to understand that privacy considerations apply at two distinct levels — and they are quite different from each other.

### EdEHR Compass (This Knowledge Base)

EdEHR Compass is a publicly accessible documentation site. It contains no student data, no patient data, and no sensitive personal information. Accessing or contributing to Compass does not trigger institutional privacy requirements.

The platform hosting Compass (GitBook) collects only the basic browser and account information needed for access. GitBook does not sell user data, does not host advertising, and is compliant with the General Data Protection Regulation (GDPR). All traffic to Compass is encrypted in transit using HTTPS (TLS).

**Bottom line:** No Privacy Impact Assessment (PIA) is required to use EdEHR Compass.

### The EdEHR Platform

The EdEHR platform itself — used by students and instructors in the classroom — does handle some personal information, but it was designed with a minimal data footprint in mind. EdEHR operates in alignment with **British Columbia's Freedom of Information and Protection of Privacy Act (FOIPPA)**, the primary privacy legislation governing data collection and use by public post-secondary institutions in the province.

Here's what EdEHR collects:

* Student name
* Learning management system (LMS) user ID
* LMS role information
* Assignment submissions

Here's what EdEHR **does not** collect:

* Email addresses
* Dates of birth
* Passwords or login credentials
* Other personal identifiers commonly captured by educational technology platforms

Authentication is handled entirely through the institution's own LMS via the LTI specification. EdEHR never manages user accounts or passwords directly.
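To make the minimal data footprint described above concrete, here is an added illustration (not EdEHR's own code) of how a tool-side LTI launch handler can validate a launch and keep only the three fields listed: name, LMS user ID and LMS role. It assumes LTI 1.3 (the page does not state the LTI version), that the id_token's signature has already been verified against the LMS's published keys, and placeholder issuer and client-id values.

```python
import time
from typing import Optional

# Allowlist of launch claims EdEHR retains (per the page) and the field name
# each is stored under. Anything not listed here is never written to storage.
KEPT_CLAIMS = {
    "sub": "lms_user_id",                                      # LMS user ID
    "name": "student_name",                                    # student name
    "https://purl.imsglobal.org/spec/lti/claim/roles": "lms_roles",  # LMS role(s)
}
MESSAGE_TYPE = "https://purl.imsglobal.org/spec/lti/claim/message_type"
ISSUER = "https://lms.example.edu"     # assumed: the institution's LMS issuer URL
CLIENT_ID = "edehr-tool-client-id"     # assumed: the tool's client id registered in the LMS


class LaunchRejected(Exception):
    pass


def minimal_profile(claims: dict, expected_nonce: str, now: Optional[float] = None) -> dict:
    """Check a signature-verified LTI 1.3 id_token claim set and return only
    the allowlisted fields. Raises LaunchRejected on any failed check."""
    now = time.time() if now is None else now
    if claims.get("iss") != ISSUER:
        raise LaunchRejected("unexpected issuer")
    aud = claims.get("aud")
    if CLIENT_ID not in (aud if isinstance(aud, list) else [aud]):
        raise LaunchRejected("token not issued for this tool")
    if claims.get("exp", 0) <= now:
        raise LaunchRejected("token expired")
    if claims.get("nonce") != expected_nonce:
        raise LaunchRejected("nonce mismatch (possible replay)")
    if claims.get(MESSAGE_TYPE) != "LtiResourceLinkRequest":
        raise LaunchRejected("not a resource link launch")
    missing = [c for c in KEPT_CLAIMS if c not in claims]
    if missing:
        raise LaunchRejected(f"missing required claims: {missing}")
    # Allowlist projection: email, birthdate, picture etc. are dropped here.
    return {field: claims[c] for c, field in KEPT_CLAIMS.items()}


# Constructed sample claim set (not a real LMS token). It deliberately carries
# extra personal data that the projection above discards.
SAMPLE_CLAIMS = {
    "iss": ISSUER, "aud": CLIENT_ID, "exp": 4102444800, "nonce": "n-1",
    "sub": "lms-user-42", "name": "Sam Student",
    "email": "sam@example.edu", "birthdate": "2001-01-01",
    MESSAGE_TYPE: "LtiResourceLinkRequest",
    "https://purl.imsglobal.org/spec/lti/claim/roles": [
        "http://purl.imsglobal.org/vocab/lis/v2/membership#Learner"],
}
```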

All data is stored in Canada on DigitalOcean servers located in Toronto, with encryption both in transit (HTTPS) and at rest. Institutions retain full control over the data lifecycle, including the ability to download student work and purge assignment data from EdEHR servers at their discretion.

**Bottom line:** Institutions adopting the EdEHR platform will likely need to complete a PIA, but the process is simplified by EdEHR's minimal data footprint and Canadian hosting.

## Privacy Impact Assessments

Under Section 69(5.3) of FOIPPA, public post-secondary institutions are required to complete a Privacy Impact Assessment when adopting new technology that involves personal information. EdEHR Technologies provides a PIA template that institutions can take through their proper internal channels with their privacy officer. The template covers:

* What data elements are collected
* How data flows between the LMS and EdEHR
* Where data is stored and what security measures are in place
* Risk mitigation strategies
* Suggested collection notice language for students

Each institution handles the PIA process on its own terms, reflecting its own compliance requirements and timelines. There is no one-size-fits-all approach — some institutions may need extensive internal review, while others may have more streamlined processes.

## Security Measures

Access to the EdEHR platform is controlled through institutional LMS integration; there are no separate EdEHR login credentials. Administrative access to the production environment is limited to one or two vetted individuals over SSH with key-based authentication only, with no password-based access. The infrastructure is protected by two firewall layers (DigitalOcean's network firewall and the Debian host firewall). As an open-source platform, the codebase is publicly available on [GitHub](https://github.com/edehr/edehr) for transparency and independent review.

## Key Takeaways

* **Compass** (documentation): No PIA required. Publicly accessible, no personal data involved.
* **EdEHR platform** (classroom use): PIA likely required under FOIPPA, handled institution by institution.
* **Data stays in Canada**: All EdEHR data is hosted on Canadian servers in Toronto.
* **Minimal data collection**: EdEHR collects significantly less personal information than most educational technology platforms.
* **Institutions stay in control**: You can download and purge student data at any time.
* **No separate logins**: Authentication is handled entirely through your institution's LMS.

