Privacy Policy and Information Security

Publication date: 21/03/2020, 14:35 | Update date: 15/06/2020, 09:36

 
 

1. Who developed the application?

HaMagen was developed in a joint effort by developers from the Ministry of Health, commercial companies, and volunteers from various organizations and the developer community in Israel.  

 
 
 
 

2. What does the application actually do?

Once every set period of time (currently once an hour), the application downloads a file with an anonymous list of locations in which diagnosed COVID-19 patients have visited (patients who were examined by the Ministry of Health and underwent epidemiological investigation by the various tools at the Ministry's disposal) from the Ministry of Health's cloud (including dates and times) and then the application will cross-reference these locations against your locations (including dates and times) that are stored in your device.

Information about locations and times is cross-referenced within your device, and not on the cloud. Your locations are not sent to the Ministry of Health, unless you have authorized the Ministry of Health to receive this information for purposes of help in identifying people who have been exposed and who must enter home isolation as soon as possible. Should the application discover that there is a possibility that you have been at the same place and at the same time as a diagnosed patient, you will receive a notification from the application with the details of the location and times where you have been exposed to a patient.

Upon receiving the notification from the application, it is recommended that you take precautions and verify this information at the Ministry of Health's website where these lists are published, as well as maps with the locations where verified patients stayed. If you have any doubts regarding the precision of the information provided by the application, you may consult the Ministry of Health's hotline at *5400, or the hotline of your HMO, regarding points of exposure.  

 
 
 
 

3. Where and in what manner is my information stored?

  • Information about your locations is only stored on your device and is not transmitted.
  • Information is stored via the SQLite database, accessible only to the application.
  • Only if you have been diagnosed as a confirmed patient, we ask for your consent to send us the information on the routes that you have made, in order to help us carry out necessary epidemiological investigations in ever increasing numbers. In such case, the information sent will be securely stored on the Ministry of Health's servers. 
 
 
 
 

4. How does the application know where I've been, and why does it require authorizations to my device?

  • HaMagen requires authorization to access your location, as well as internet access (for cellular surfing or WIFI) from your device.
  • Internet access is required in order to download the continuously updated data file containing the history of the locations of diagnosed coronavirus patients from the Ministry of Health's cloud (that is to say, the findings of the epidemiological investigations that the Ministry of Health has performed on diagnosed patients).
  • The application compares the locations of every diagnosed patient to your locations in the 14 days preceding the date of each patient's diagnosis. Therefore, the application requires access to your locations. All cross-referencing is performed on your device and is not forwarded, uploaded to the Ministry of Health or any other agency, nor forwarded to other users or organizations.
 
 
 
 

5. What kind of information does the application keep about me?

  • Location history of last two weeks only (dates, times, and places) according to the tracking services (and currently – not applicable to dates before you have installed the application).
  • History of wireless networks (WIFI) that you came across in the last two weeks only.
  • Cross-references of locations with diagnosed patients (if any) – in the last two weeks only.
  • Everything is stored in the memory of your phone and is not forwarded.
 
 
 
 

6. Where do the diagnosed patient files come from? How do I know its genuine? Does it contain identifying information?

The file is generated in the Ministry of Health's epidemiological system. It contains only verified information that was received from laboratories and epidemiological investigations and is monitored by the Ministry of Health. Prior to sending, the file is digitally signed with the Ministry of Health's digital signature. Upon receiving the file, the digital signature is examined by the application, to verify that the file was received from the Ministry of Health in an orderly manner, in order to prevent the breach of malware into the application.  

We are aware of the existence of attack and breach attempts, and we are doing our best to protect the application so that it can protect you.

 
 
 
 

7. What stations do the diagnosed patient files go through before reaching me?

  • The file passes from the Ministry of Health to its task-specific cloud via Azure (cloud services operated by Microsoft) by way of a secured virtual safe (CyberArk)  
  • The Ministry of Health's communication with Azure is carried out by ExpressRoute service, via task-specific communications lines (not via internet)
  • The file is saved to the cloud with Blob Storage service, and from the cloud, the application downloads the file
  • The information security experts approved information security services for cloud and for cloud communications of all the parties involved
 
 
 
 

8. Why is this information necessary for the Ministry of Health, and how does it use it?

  • A user who was diagnosed as a verified Coronavirus patient (or his or her legal guardian) may choose to consent to sharing the location history stored in the application with the Ministry of Health in order to assist in carrying out epidemiological investigations for locating individuals who were exposed to him or her and are at risk of becoming sick.
  • Sharing this information with the Ministry of Health shall be done only with the user's consent. If the user consented for sharing this information with the Ministry of Health, this consent will be carried out in a two-stage process: First the user will receive a link where he or she approves that they consent for sharing this information with the Ministry of Health. Subsequently, the user will consent for sending this information from the application to the Ministry of Health.   
  • The raw information that the user shares with the Ministry of Health will be examined together with the user within the framework of the epidemiological investigation. Information regarding locations that were confirmed by the user will be stored as part of the epidemiological investigation and published without any identifying details, in order to notify and alert the public and the application users who were in the same places. These locations will be published in the Ministry of Health's website, in the Coronavirus exposure point map, and returned to the application as part of the file containing the location history of verified Coronavirus patients.  
  • The information about locations confirmed by the user will be stored in the Ministry of Health's epidemiological investigations system for a duration of 7 years, including information labeled as "irrelevant" in the epidemiological investigation process.
  • The rest of the raw information that will be shared with the Ministry of Health and not used for epidemiological investigations will be deleted within 30 days from the date of sharing with the Ministry of Health, including from the logs and from any stations that this information passed through on its way to the Ministry of Health. During this period, the Ministry of Health may use this data for bettering the information and for improving technological capacities for identifying Coronavirus contamination points.
  • Information shared with the Ministry of Health will not be shared with any third parties.    
 
 
 
 

9. How is the information shared with the Ministry of Health secured?

  • The Ministry of Health puts great emphasis on the information's confidentiality and privacy. Accordingly, any information shared with the Ministry of Health will go through an encrypted channel and stored in the Ministry's servers in accordance with all procedures and protocols on information security and protection of privacy applicable to the Israeli healthcare system, and in accordance with the law.
  • The Ministry of Health runs routine maintenance checks of the measures ensuring information security and protection of privacy and updates them as needed.
 
 
 
 

10. If everybody installs the application, won't there be a problem with congestion?

  • Location comparison calculations are performed on your device only. Therefore, the only possible congestion that may be caused is if too many devices will download the Ministry of Health's data file from the cloud at the same time.
  • Therefore, in some instances (such as if there are many new diagnosed patients with many epidemiological investigations), the check and the downloading of information from the cloud may take a few minutes and consume some battery power.
  • We have performed a successful check of 1.6 million readings in 9 minutes. This is congestion suitable for several millions of users, as we hope that the application will have in Israel. However, we are working to improve this matter as well.
 
 
 
 

11. On what technologies and infrastructures is the application based?

  • The application was written with React Native
  • The information on the device is stored in SQLite
  • We have also used additional open code components
  • Using FireBase to deliver silent push notifications lets the App run efficiently and smoothly
 
 
 
 

12. Where is it possible to see the application's source code?

We plan to publish the application's source code on GitHub soon and manage it as open code (except for several commercial libraries that we use). 

 
 
 
 

13. Some applications monitor use. Do you also do that?

  • We use Google's Firebase service
  • The service collects anonymous information for purposes of monitoring the application's functionality only
  • We use anonymous information to learn the application's functionality so that we can improve it for the benefit of the user public, and for this purpose only
  • We do not collect identifying information about your use of the application, your use of other applications, network traffic, internet use, phone calls, or any other content related to your device. The application will neither collect nor store information on anything that does not pertain to your location: place, date, and time only.
 
 
 
 

14. Should I do anything to maintain the privacy of my information?

  • Physically protect your smartphone device – as usual
  • Lock your device with a password when it is not in use – as usual 
 
 
 
 

15. What security checks did this application pass?

The application was tested by several cyber and information security agencies, including staff from Israel National Cyber Directorate, specialists from the commercial sector, and leading information security and cyber experts from the civil cyber and information security community in Israel. Security checks included architectural checks, code reviews, and PT (breach checks). Adjustments were made according to the recommendations received, and we are currently convinced that the application is sufficiently secure for use, adequately protected from attacks and malfunction, and capable of providing user services in accordance with its purposes.    

 
 
 
 

16. How should we act in the case of an information security incident?

Although we spared no effort, professional experience, and controls, there is no such thing as a completely secure system. Therefore, we are committed to informing the user public of information security incidents that affect them, so that they can take necessary precautions.

 
 
 
 

17. You are welcome to send us your questions, and suggestions for improving the application or reports of information security, or privacy issues to Hamagen@MOH.GOV.IL

 
 
 
Back To Top