Compliance & Data Protection
Built on burial-sector trust requirements
FBCSA-compliant perpetual care fund tracking, MFIPPA-aligned living person data protection, and BAO audit-ready reporting — security architecture designed specifically for cemetery operations.
Canadian Municipal Compliance
Municipal & Provincial Regulations
Purpose-built for Canadian municipalities, with full alignment to federal, provincial, and municipal legislation governing public-sector data management.
Ontario
Comprehensive FBCSA compliance covering interment rights sales agreements, perpetual care fund contribution calculation per O.Reg. 30/11, rights transfer and surrender processing, and consumer protection disclosures — all enforced through workflow automation.
Ontario
BAO licence compliance with annual return preparation, PCF reporting in prescribed format, complaint response documentation, and cemetery bylaw compliance verification — ensuring uninterrupted operator licensing.
Ontario
MFIPPA-aligned privacy controls ensuring living person data is protected in the public genealogical portal while enabling open access to deceased individual records — with configurable retention schedules and audit logging.
Ontario
WCAG 2.1 AA compliance across all public-facing components including the genealogical portal, GIS cemetery map, digital memorial pages, and virtual tour platform — ensuring equitable access for all community members.
Canada (Federal)
PIPEDA-compliant handling of personal information collected during rights sales, interment processing, and digital memorial submissions — with purpose limitation, consent management, and data minimization.
Ontario
Burial permit verification workflows ensure compliance with the Vital Statistics Act — no interment proceeds without validated burial permit documentation. Coroner notification integration for cases under investigation.
Ontario
Environmental compliance for green burial programs, scatter garden operations, and cemetery grounds — covering soil protection, water table management, and biodegradable material requirements.
“Compliance is not a feature we bolted on after launch — it is the architectural foundation every line of code is written against. Canadian municipalities deserve a platform that treats their legislative obligations as first-class requirements.”
Civic Engineering
· Platform Architecture TeamRegulatory Compliance
Industry Frameworks
Beyond municipal legislation, satisfies internationally recognized compliance frameworks.
Annual SOC 2 Type II audit covering security, availability, and confidentiality trust principles for cemetery platform operations — including perpetual care fund data and genealogical records.
- Security: multi-factor authentication, role-based access, encryption at rest and in transit
- Availability: 99.9% uptime SLA with auto-scaling and failover
- Confidentiality: cemetery data access limited to authorized operators with purpose-specific entitlements
Information security management system aligned with ISO 27001 controls — covering cemetery record protection, PCF financial data security, and public portal hardening.
- Cemetery data classification: burial records (confidential), PCF data (restricted), genealogical index (public)
- Cryptographic controls: AES-256 at rest, TLS 1.3 in transit for all cemetery data
- Business continuity planning for cemetery operations with automated backup and disaster recovery
Full WCAG 2.1 AA compliance across all public-facing cemetery services — genealogical portal, digital memorials, virtual tours, and GIS map interface.
- Keyboard navigation support for all interactive elements
- Screen reader compatibility with ARIA labels and semantic markup
- Color contrast ratios meeting AA standards across all interfaces
Cloud Security Alliance STAR registry listing for the Civic Platform cloud infrastructure — covering cemetery data hosting, encryption, and multi-tenancy controls.
- Cloud security posture management with continuous compliance monitoring
- Multi-tenancy isolation controls for cemetery data segregation
- Encryption key management with customer-controlled keys option
Data Sovereignty
Canadian Cemetery Data Sovereignty
All cemetery records — plot inventories, rights holder information, burial records, perpetual care fund data, and genealogical indexes — stored exclusively in Canadian data centres. No cemetery data crosses Canadian borders at rest or in transit.
Hosting
Canadian Only
Centres
3 Redundant
Encryption
AES-256
Sovereignty
PIPEDA / MFIPPA
Platform Security
Security Capabilities
Click any capability to explore the technical details behind each security layer.
Auditability
Audit Trail Features
Every action is logged, timestamped, and immutable — providing the complete audit trail required by provincial legislation and municipal accountability standards.
One-click BAO audit export
Interment record audit trail
Rights transaction ledger
PCF contribution reconciliation
Public portal access logging
Configuration change tracking
Document retention compliance
Multi-cemetery segregation audit