Privacy Policy and Information Security

Publication date: 21/03/2020, 14:35 | Update date: 27/07/2020, 10:26

 
 

1. Who developed the app?

HaMagen was developed in a joint effort by developers from the Ministry of Health, commercial companies, and volunteers from various organizations and the developer community in Israel.  

 
 
 
 

2. What does the app do?

Once every set period of time (currently once an hour), the app downloads a file from the Ministry of Health's cloud containing an anonymous list of locations (including dates and times) that verified Coronavirus patients have visited (patients who were examined by the Ministry of Health and underwent epidemiological investigation by the various tools at the Ministry's disposal), as well as proximity data of verified Coronavirus patients on whose cellular devices this app was installed. The app then checks these locations and proximity data against the locations and proximity data (including dates and times) that were stored on your device.

Information about locations and proximity data, including times, is cross-referenced within your device, and not on the cloud. Your locations are not sent to the Ministry of Health unless you have authorized the Ministry of Health to receive this information in order to help identify people who have been exposed and who must enter home isolation as soon as possible. Should the app determine that there is some probability that you were in the same place at the same time as a verified patient, you will receive a notification from the app with the details of the place and time of exposure to a verified patient, and you will be required to approve the details of this notification. Should the app identify an overlap in proximity data with a verified patient, you will receive information instructing you to enter isolation. Should the app identify several instances of overlap in location data or proximity data with a verified patient, you will receive a notification with the latest date on which you came in contact with the verified patient.

Upon receiving the notification from the app, it is recommended that you take precautions and verify this information at the Ministry of Health's website where these lists are published, as well as maps with the locations where verified patients stayed. If you have any doubts regarding the precision of the information provided by the app, you may consult the Ministry of Health's hotline at *5400, regarding points of exposure.  

 
 
 
 

3. Where and in what manner is my information stored?

  • Information about your locations is only stored on your device and is not forwarded.
  • Information about your proximity data to other devices on which this app was installed is only stored on your device and is not forwarded.
  • Information is stored via the SQLite database, accessible only to the app.
  • Only if you have been identified as a verified patient, we will ask for your consent to send us the information on the routes that you have made, in order to help us carry out necessary epidemiological investigations in ever increasing numbers. In such case, the data sent will be securely stored on the Ministry of Health's servers. 
 
 
 
 

4. How does the app know where I've been, and why does it require authorizations to my device?

  • HaMagen requires authorization to access your tracking services and to activate Bluetooth services on your device, as well as internet access (via cellular data or Wi-Fi) from your device.
  • Internet access is required in order to download the continuously updated data file containing the history of the locations and proximity data of verified coronavirus patients from the Ministry of Health's cloud (that is to say, the findings of the epidemiological investigations that the Ministry of Health has performed on verified patients) and to check your proximity to a verified patient.
  • The app compares data on verified patients' routes with your locations and proximity data in the 14 days preceding the date of each patient's diagnosis. Therefore, the app requires access to your locations and the Bluetooth services on your device. All cross-referencing is performed on your device; the results are not forwarded or uploaded to the Ministry of Health or any other agency, nor forwarded to other users or organizations.
 
 
 
 

5. What kind of information does the app keep about me?

  • Location history (dates, times, and place) according to the tracking services (currently not applicable to dates before you installed the app), for the last two weeks only.
  • Proximity data history (dates, times, and place) collected by the Bluetooth services on your device, for the last two weeks only.
  • History of wireless networks (Wi-Fi) that you came across in the last two weeks only.
  • Cross-references of locations with verified patients (if any) – in the last two weeks only.
  • Everything is stored in the memory of your phone and is not forwarded.
 
 
 
 

6. Where do the verified patient files come from? How do I know it's genuine? Does it contain identifying information?

The file is generated in the Ministry of Health's epidemiological system. It contains only verified information that was received from laboratories and epidemiological investigations and is monitored by the Ministry of Health. Before sending, the file is digitally signed with the Ministry of Health's digital signature. Upon receiving the file, the app checks the digital signature to verify that the file was received from the Ministry of Health in an orderly manner, in order to prevent malware from breaching the app.

We are aware of the existence of attack and breach attempts, and we are doing our best to protect the app so that it can protect you.
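The flow described in sections 2 and 6 (check the signature before using the file, then cross-reference on the device) can be illustrated with the following added example. It is not the HaMagen source code: the JSON file layout, the Ed25519 signature scheme, the 50 m / 15 min thresholds and all function names are assumptions made for illustration.

```javascript
// Added example, not HaMagen code. File layout, Ed25519 and thresholds are assumed.
const crypto = require('node:crypto');

const DAY_MS = 24 * 60 * 60 * 1000;
const MAX_DISTANCE_M = 50;               // assumed matching radius
const MAX_TIME_GAP_MS = 15 * 60 * 1000;  // assumed time overlap

// Verify the detached signature first; the bytes are parsed only if it holds.
function loadSignedFile(fileBytes, signature, publicKey) {
  if (!crypto.verify(null, fileBytes, publicKey, signature)) {
    throw new Error('signature check failed: file discarded');
  }
  return JSON.parse(fileBytes.toString('utf8'));
}

// Great-circle distance in metres (haversine formula).
function distanceM(a, b) {
  const rad = (deg) => (deg * Math.PI) / 180;
  const h = Math.sin(rad(b.lat - a.lat) / 2) ** 2 +
    Math.cos(rad(a.lat)) * Math.cos(rad(b.lat)) * Math.sin(rad(b.lon - a.lon) / 2) ** 2;
  return 2 * 6371000 * Math.asin(Math.sqrt(h));
}

// Cross-reference entirely in local memory; only the last two weeks of
// on-device history are considered, and nothing is sent anywhere.
function findExposures(localHistory, patientPoints, now) {
  const recent = localHistory.filter((l) => l.time >= now - 14 * DAY_MS);
  return patientPoints.filter((p) => recent.some((l) =>
    Math.abs(l.time - p.time) <= MAX_TIME_GAP_MS && distanceM(l, p) <= MAX_DISTANCE_M));
}

// Constructed sample data: a throwaway key pair stands in for the publisher's key.
const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
const now = Date.UTC(2020, 6, 27, 12);
const published = Buffer.from(JSON.stringify([
  { lat: 32.0853, lon: 34.7818, time: now - 2 * DAY_MS },
  { lat: 31.7683, lon: 35.2137, time: now - 3 * DAY_MS },
  { lat: 32.0853, lon: 34.7818, time: now - 20 * DAY_MS },
]));
const signature = crypto.sign(null, published, privateKey);
const history = [
  { lat: 32.0854, lon: 34.7819, time: now - 2 * DAY_MS + 5 * 60 * 1000 },
  { lat: 32.0853, lon: 34.7818, time: now - 20 * DAY_MS }, // outside the two-week window
];

const points = loadSignedFile(published, signature, publicKey);
console.log(findExposures(history, points, now));
```

A file whose bytes were changed after signing fails the check in `loadSignedFile` and is never parsed.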

 
 
 
 

7. What stations do the verified patient files go through before reaching me?

  • The file passes from the Ministry of Health to its task-specific cloud via Azure (cloud services operated by Microsoft) by way of a secured virtual safe (CyberArk)  
  • The Ministry of Health's communication with Azure is carried out by ExpressRoute service, via task-specific communications lines (not via internet)
  • The file is saved to the cloud with Blob Storage service, and from the cloud, the app downloads the file
  • The information security experts approved information security services for cloud and for cloud communications of all the parties involved
 
 
 
 

8. Why is this information necessary for the Ministry of Health, and how does it use it?

  • A user who was identified as a verified Coronavirus patient (or his or her legal guardian) may choose to agree to share the location history stored in the app with the Ministry of Health in order to assist in carrying out epidemiological investigations for locating individuals who were exposed to him or her and are at risk of becoming sick, as well as his or her proximity data stored by the app in order to notify other users that they stayed in the same place at the same time as a verified Coronavirus patient.
  • Sharing this information with the Ministry of Health shall be done only with the user's consent. If the user agrees to share this information with the Ministry of Health, this consent will be carried out in a two-stage process: First, the user will receive a link where he or she approves that they agree to share this information with the Ministry of Health. Subsequently, the user will agree to send this information from the app to the Ministry of Health. The user has the choice of whether the information about locations history and proximity data history is to be shared jointly or separately.    
  • The raw information that the user shares with the Ministry of Health about his or her locations history will be examined together with the user within the framework of the epidemiological investigation. Information regarding locations that were confirmed by the user will be stored as part of the epidemiological investigation and published without any identifying details, in order to notify and alert the public and the app users who were in the same places. These locations will be published in the Ministry of Health's website, in the Coronavirus exposure point map, and returned to the app as part of the file containing the location history of verified Coronavirus patients. 
  • The information about locations confirmed by the user will be stored in the Ministry of Health's epidemiological investigations system for a duration of at least 7 years, including information labeled as "irrelevant" in the epidemiological investigation process.
  • Proximity data that the user shares with the Ministry of Health will be returned to the app, without any identifying information, as part of the information on verified Coronavirus patients, in order to identify other users' possible overlaps with verified Coronavirus patients. 
  • Proximity data and the rest of the raw information that will be shared with the Ministry of Health and not used for epidemiological investigations will be deleted within 30 days from the date of sharing with the Ministry of Health, including from the logs and any stations that this information passed through on its way to the Ministry of Health. During this period, the Ministry of Health may use this data for bettering the information and for improving technological capacities for identifying Coronavirus contamination points.
  • Information shared with the Ministry of Health will not be forwarded to any third parties.    
 
 
 
 

9. How is the information shared with the Ministry of Health secured?

  • The Ministry of Health puts great emphasis on the information's confidentiality and privacy. Accordingly, any information shared with the Ministry of Health will go through an encrypted channel and be stored on the Ministry's servers in accordance with all procedures and protocols on information security and protection of privacy applicable to the Israeli healthcare system, and in compliance with the law.
  • The Ministry of Health runs routine maintenance checks of the measures ensuring information security and protection of privacy and updates them as needed.
 
 
 
 

10. If everybody installs the app, won't there be a problem with congestion?

  • Location and proximity data comparison calculations are performed on your device only. Therefore, the only possible congestion that may be caused is if too many devices download the Ministry of Health's data file from the cloud at the same time.
  • Therefore, in some instances (such as if there are many new verified patients with many epidemiological investigations), the check and the downloading of information from the cloud may take a few minutes and consume some battery power.
  • We have performed a successful check of 1.6 million readings in 9 minutes. This is a load suitable for several million users, which is what we hope the app will have in Israel. However, we are working to improve this matter as well.
 
 
 
 

11. On what technologies and infrastructures is the app based?

  • The app was written with React Native + Native components
  • The information on the device is stored in SQLite
  • We have also used additional open-source components
  • Using Firebase to deliver silent push notifications lets the app run efficiently and smoothly
 
 
 
 

12. Where is it possible to see the app's source code?

The app's source code is managed and published on GitHub: https://github.com/MohGovIL/hamagen-react-native

 
 
 
 

13. Some apps monitor use. Do you also do that?

  • We use Google's Firebase service
  • The service collects anonymous information for purposes of monitoring the app's functionality only
  • We use anonymous information to learn the app's functionality so that we can improve it for the benefit of the user public, and for this purpose only
  • We do not collect identifying information about your use of the app, your use of other apps, network traffic, internet use, phone calls, or any other content related to your device. The app will neither collect nor store information on anything that does not pertain to your location: place, date, and time and/or your proximity data
 
 
 
 

14. Should I do anything to maintain the privacy of my information?

  • Physically protect your smartphone device – as usual
  • Lock your device with a password when it is not in use – as usual 
 
 
 
 

15. What security checks did this app pass?

The app was tested by several cyber and information security agencies, including staff from the Israel National Cyber Directorate, specialists from the commercial sector, and leading information security and cyber experts from the civil cyber and information security community in Israel. Security checks included architectural checks, code reviews, and penetration tests (PT). Adjustments were made according to the recommendations received, and we are currently convinced that the app is sufficiently secure for use, adequately protected from attacks and malfunction, and capable of providing user services in accordance with its purposes.

 
 
 
 

16. How should we act in the case of an information security incident?

Although we spared no effort, professional experience, and controls, there is no such thing as a completely secure system. Therefore, we are committed to informing the user public of information security incidents that affect them, so that they can take necessary precautions.

 
 
 
 

17. You are welcome to send us your questions, suggestions for improving the application, or reports of information security or privacy issues to Hamagen@MOH.GOV.IL

 
 
 