Compliance & Data Protection
Security & Compliance
Enterprise security and regulatory compliance for Stormwater Management
Canadian Municipal Compliance
Municipal & Provincial Regulations
Purpose-built for Canadian municipalities, with full alignment to federal, provincial, and municipal legislation governing public-sector data management.
Ontario
Asset management plan generation for stormwater infrastructure meets Ontario's Asset Management Planning for Municipal Infrastructure regulation — including inventory, levels of service, lifecycle management strategy, risk assessment, and financial strategy per the 2025 requirements.
Ontario
Environmental Compliance Approval (ECA) management tracks every condition, monitoring requirement, maintenance obligation, and reporting deadline per the OWRA requirements for stormwater management facilities.
Ontario
Automated MECP annual performance report generation, upset condition notifications, and non-compliance reporting from system data — with submission tracking, deadline calendaring, and acknowledgement receipt archiving.
Ontario
Municipal Freedom of Information and Protection of Privacy Act compliance for property-level billing data — field-level access controls, audit trail, data retention policies, and RBAC protecting personal information in stormwater billing records.
Ontario
Stormwater billing module designed to meet Municipal Act requirements for defensible user fees — revenue linked directly to stormwater program costs with transparent reporting, appeal processes, and cost-recovery ratio tracking.
Canada
Stormwater infrastructure reported as tangible capital assets per PSAB standards — historical cost, useful life, amortization, and write-down tracking with financial reporting integration for the annual financial statements.
Ontario
Accessibility for Ontarians with Disabilities Act compliance — WCAG 2.1 AA-conformant public-facing portals, keyboard navigation, screen reader compatibility, and accessible document output for council reports and public notices.
“Compliance is not a feature we bolted on after launch — it is the architectural foundation every line of code is written against. Canadian municipalities deserve a platform that treats their legislative obligations as first-class requirements.”
Civic Engineering
· Platform Architecture TeamRegulatory Compliance
Industry Frameworks
Beyond municipal legislation, satisfies internationally recognized compliance frameworks.
Pipeline Assessment and Certification Program (PACP) and Manhole Assessment and Certification Program (MACP) standard defect coding and condition grading for automated structural and O&M scoring from CCTV inspection data.
- Standardized PACP defect coding applied to all CCTV inspection imports with automated validation against code tables
- MACP manhole condition grading with structural and O&M scores calculated per NASSCO methodology
- Inspector certification tracking ensures only PACP/MACP-certified personnel submit condition assessments
- Defect severity scoring linked to rehabilitation priority algorithms for capital planning
- CCTV inspection data integrity verified with file checksums and chain-of-custody logging from field to database
Canadian Standards Association standard for underground infrastructure inspection — supporting comprehensive condition assessment methodology aligned with municipal infrastructure management best practices.
- Condition assessment methodology aligned with CSA Z767-17 requirements for underground utility inspection
- Inspection frequency scheduling per asset criticality classification as recommended by CSA standards
- Data collection templates conforming to CSA Z767-17 data fields for consistent condition recording
- Risk-based prioritization using CSA consequence-of-failure and probability-of-failure framework
- Lifecycle cost analysis models informed by CSA deterioration curve methodologies
Service Organization Control audit covering security, availability, processing integrity, confidentiality, and privacy for the hosted platform — audited annually by an independent firm with reports available to customers.
- Logical access controls with role-based permissions for stormwater data — asset records, billing, and environmental monitoring
- Availability monitoring with automated failover ensuring continuous access to flood alert and SCADA systems
- Processing integrity controls validating billing calculations, impervious surface measurements, and ECA compliance data
- Confidentiality protections for property-level stormwater billing data and environmental monitoring records
- Annual independent SOC 2 Type II audit with full report available to municipal customers under NDA
Information security management system certification — covering risk assessment, access control, cryptography, physical security, operations security, and incident management for the stormwater management platform.
- Risk assessment and treatment methodology covering stormwater data assets including SCADA, IoT sensors, and billing records
- Access control policy with MFA enforcement, session management, and privileged access monitoring for stormwater systems
- Cryptographic controls with AES-256 at rest and TLS 1.3 in transit for all stormwater infrastructure data
- Operations security including change management, capacity planning, and malware protection for the platform
- Incident management procedures with escalation paths specific to environmental data integrity and SCADA security events
Data Sovereignty
Canadian Data Sovereignty
All stormwater management data — infrastructure records, CCTV inspections, environmental monitoring, property billing, and sensor telemetry — stored exclusively in Canadian data centres with full sovereignty controls.
Hosting
Canadian Only
Centres
3 Redundant
Encryption
AES-256
Sovereignty
PIPEDA / MFIPPA
Platform Security
Security Capabilities
Click any capability to explore the technical details behind each security layer.
Auditability
Audit Trail Features
Every action is logged, timestamped, and immutable — providing the complete audit trail required by provincial legislation and municipal accountability standards.
Every stormwater asset modification logged with before/after field-level snapshots and user identity
CCTV inspection imports tracked with source software, import date, file checksums, and validation results
Water quality data changes audited with analytical method, laboratory, and chain-of-custody reference preserved
Stormwater billing adjustments documented with reason, approver, amount, and affected billing periods
ECA condition changes tracked with amendment reference, effective date, and compliance status transition
Real-time anomaly detection for bulk billing record exports and mass property data access patterns
Audit reports exportable for MECP regulatory audits, MFIPPA requests, and insurance defence preparation
Configurable retention with minimum 7-year preservation — exceeding both regulatory and litigation hold requirements