Security & trust

Every byte, every time, in Canada.

Residential care data is some of the most sensitive material in the public record. Our security posture is the product, not a page. Every default is the conservative one. Every exception is documented.

Data residency

Canadian-hosted is a bright line, not a marketing claim.

Application

Canada

All server-side processing in a Canadian region. No US fallback.

Data at rest

Canada

Database, storage, and backups all in-region. Encrypted with per-tenant keys.

Cross-border flow

No PII leaves Canada, ever. Edge layers never touch resident data.

AI retention

ZDR

Zero data retention on every model call. Anonymization layer mandatory.

Defence in depth

Six layers, no weak one.

01 — Transport

TLS 1.3, HSTS, and certificate pinning.

Every request is encrypted end-to-end with modern transport standards. HSTS with preload across every surface. Certificate pinning for the native shell.

02 — Storage

AES-256 at rest, per-tenant KMS.

Object storage, database disks, and backups are encrypted with per-tenant keys. Column-level encryption for financial and identity fields.

03 — Access

Row-level security, not wishful thinking.

Row-level security on every table — enforced at the database, not the app. No privileged keys in the browser. TOTP MFA for staff + directors. Device attestation on managed tablets.

04 — Audit

Append-only. Signature-chained. Forever.

Database-level triggers capture every mutation. Entries are cryptographically chained — tamper-evident by construction. Retention follows the longest applicable provincial statute.

05 — AI

Anonymization before inference. ZDR on.

Every model call passes through a redaction layer — names, addresses, identifiers are stripped before inference. Zero data retention enabled at the boundary. Canadian-region inference.

06 — Response

A runbook, not an aspiration.

Incident response drill every 90 days. 24-hour client notification SLA. Forensic preservation and counsel contact pre-arranged.

Compliance matrix

Per province. Not per-promise.

Every Canadian jurisdiction has its own privacy act and its own child & family services framework. Here's what Caremynd honours today, and what's on the roadmap.

Jurisdiction

Privacy act

CFS framework

Residency

Status

Manitoba

PHIA · FIPPA

CFS Act

Canada

Live

Ontario

PHIPA · FIPPA

CYFSA

Canada

Live

Alberta

HIA · FOIP

CYFEA

Canada

Live

British Columbia

PIPA · FIPPA

CFCSA

Canada

Live

Saskatchewan

HIPA · LA-FOIP

CFS Act

Canada

Live

Nova Scotia

PHIA · FOIPOP

CYFSA

Canada

Roadmap

Newfoundland & Labrador

PHIA · ATIPPA

CYFSA

Canada

Roadmap

Quebec

Law 25

LPJ / DPJ

Canada

Roadmap

Live · serving residents in this jurisdiction todayRoadmap · compliance review in progress, not yet deployed

OCAP® & Indigenous data

Indigenous data stays Indigenous.

We follow the First Nations principles of ownership, control, access, and possession (OCAP®). Nation-specific data is tagged at the record level. Anonymized datasets cannot be derived from Indigenous-identified records without nation consent, and we don't sell data — ever.

For procurement, directors, and privacy officers

Bring the hardest question.

We'll walk your privacy officer through the whole stack — edge, functions, database, backup, AI boundary — with log samples from a live tenant.

Request the security brief →Browse the modules