Axway Portal Terms & Conditions and Data Sharing Agreement
| LEGAL NOTICE TO USER: THIS IS A LEGAL AGREEMENT. PLEASE READ THE FOLLOWING TEXT CAREFULLY BEFORE
CLICKING THE BUTTON LABELLED “LOG IN” located at https://sft.ices.on.ca (the AXWAY PORTAL). THIS IS A LEGAL AGREEMENT BETWEEN YOU acting on your own behalf or on behalf of your employer or principal (“Data Provider” and/or “Researcher” as applicable) AND INSTITUTE FOR CLINICAL EVALUATIVE SCIENCES (“ICES”). PLEASE READ THE FOLLOWING TEXT CAREFULLY BEFORE LOGGING INTO THE AXWAY PORTAL located at https://sft.ices.on.ca AND BEFORE UPLOADING OR DOWNLOADING DATA. ICES AUTHORIZES ACCESS TO THE AXWAY PORTAL SOLELY ON THE TERMS AND CONDITIONS SET FORTH IN THIS DATA SHARING AGREEMENT (the “Agreement”) (unless different fully‑signed terms and conditions have been entered into and agreed upon in writing between ICES & Data Provider and/or Researcher (as applicable), which otherwise applies to the data transfer) AND BY CLICKING THE “LOG IN” BUTTON AND UPLOADING DATA, YOU ACCEPT THE TERMS AND CONDITIONS CONTAINED IN THIS AGREEMENT AND AGREE THAT YOU ARE LEGALLY BOUND BY ITS TERMS AND CONDITIONS. IF YOU DO NOT AGREE TO ALL THE TERMS AND CONDITIONS CONTAINED ON THIS PAGE, THEN YOU ARE NOT AUTHORIZED TO LOG INTO THE AXWAY PORTAL AND YOU MUST NOT LOG IN. |
NOW THEREFORE:
In consideration of the promises and the mutual covenants hereinafter contained, ICES, and the Data Provider, and the Researcher (as each is defined below, each of whom is a “Party”, and collectively referred to as the “Parties”) agree as follows:
Index
Background
How ICES Will Protect the Data
General
Timing
Notice
Electronic Signatures
Glossary
Background
Entire Agreement
This Agreement together with the request authorization package provided by ICES (“Request Authorization Package”), constitutes the entire agreement between the Parties hereto with respect to the subject matter contained in this Agreement and supersedes all prior agreements, understandings and negotiations between the Parties, UNLESS alternate fully-signed terms and conditions have been entered into and agreed upon in writing between ICES & Data Provider and/or Researcher (as applicable), which otherwise applies to the data transfer.
From time to time, ICES may approve and provide to the Data Provider and/or Researcher a Request Authorization Package, which shall be subject to all the same terms and conditions as required hereunder except as specifically modified under any Request Authorization Package.
Definitions
In this Agreement capitalized words shall have the meanings described below in the Glossary.
Purpose
This Agreement describes the terms and conditions governing disclosure of an E-FILE by the Data Provider or the Researcher (as applicable) to ICES for use with respect to the Purpose.
Legal Basis for Processing
The disclosure, collection, and use of any PHI contemplated by this Agreement are permitted by PHIPA and the PHIPA Regulation, as specifically described in each Request Authorization Package.
A Precise Description of The Information
A description of the precise nature of the content of the E-FILE is captured in the applicable Request Authorization Package.
Necessity
After exercising due caution, ICES confirms, and the Data Provider and/or Researcher (as applicable) agree(s) that the content of the E-FILE is necessary for the Purpose.
Data Minimization
The Parties acknowledge and agree that de-identified or aggregate information will not serve the Purpose because identifying information is required for linking with ICES Data Holdings, which is necessary for the Purpose. Therefore, ICES requests the E-FILE, and the Data Provider and/or the Researcher agree(s) to disclose and upload the E-FILE to ICES.
Accuracy of the E-FILE
The Data Provider and/or the Researcher (as applicable) agree that the E-FILE it discloses to ICES under this Agreement will include only the data elements, for the timeframes, described in the Request Authorization Package. The Data Provider and/or the Researcher (as applicable) confirm that the E-FILE it discloses to ICES will be an accurate copy of that contained in its own datasets on the date the E-FILE is transferred to ICES, except for identifying information excluded in accordance with this Agreement.
Transfer Procedure
The Data Provider and/or the Researcher will use the Transfer Method to disclose the E-FILE to ICES. The Data Provider and the Researcher are prohibited from uploading an unencrypted E-FILE. The E-FILE must be encrypted using the AES256 encryption, or a comparable standard as established by a global reputable entity such as the US National Institute of Standards and Technology. The Data Provider and/or Researcher (as applicable) shall upload a copy of the Request Authorization Package together with any E-FILE uploaded via the AXWAY PORTAL. ICES will provide the Data Provider and/or Researcher (as applicable) with a completed Request Authorization Package which must be uploaded together with the E-FILE in order to be processed.
Case Lists (If Applicable)
Where provision of a Case List to the Data Provider is required, for the purpose of identifying the required records for inclusion in the E-FILE, the following terms apply:
- A description of the precise nature of the content of the Case List is captured in the relevant completed Request Authorization Package.
- After exercising due caution, ICES confirms, and the Data Provider agrees that the content of the Case List is necessary to minimize which PHI is included in the E-FILE.
- The Data Provider agrees to use the Case List solely to ensure that the subsequent disclosure of the E-FILE to ICES is limited to only that PHI which is necessary for the Purpose.
- ICES will use the Transfer Method to disclose the Case List to the Data Provider. Once access to the Case List is no longer required, the Data Provider shall securely destroy the Case List.
How ICES Will Protect the Data
Statutory & Contractual Compliance
ICES will only collect, use and disclose the contents of the E-FILE in accordance with PHIPA and the PHIPA Regulation, and as permitted or required by law.
Except for the specific activities provided for in this Agreement or where required by law, ICES may not use or disclose the contents of the E-FILE without written authorization of the Data Provider and/or the Researcher (as applicable).
E-FILE Access
ICES will limit access to the E-FILE containing Direct Personal Identifiers to ICES Data Covenantors for the purposes of carrying out these functions:
- Creating Coded Data in accordance with the processes described in this Agreement; and
- Storing and retrieving data files from secure storage; and
- Destroying the E-FILE as described in this Agreement.
Any ICES Data Covenantor who handles the E-FILE will be required to be aware of, and agree to comply with, the terms of this Agreement.
Coding
ICES Data Covenantors will create a copy of the contents of the E-FILE and transform the copy into Coded Data by:
- Replacing health card numbers and other identifying numbers with an ICES Identifier; or
- Where identifying numbers are not provided, matching the contents of the E-FILE to data in other databases for the purposes of assigning the correct ICES Identifier; then
- Removing any remaining Direct Personal Identifiers.
Notwithstanding the process above, Direct Personal Identifiers embedded in multimedia files including (without limitation) medical images, will not be replaced or encoded, and will only be accessed by ICES Data Covenantors or by ICES Abstractors, for the Purpose.
E-FILE Retention
To permit identification and resolution of errors and data quality issues, ICES may securely retain a copy of the E-FILE containing Direct Personal Identifiers, for 180 calendar days after a copy has been transformed into Coded Data, or if this Agreement contemplates a series of transfers over time, 180 calendar days after the last copy of the E-FILE transferred to ICES has been, transformed into Coded Data. Until it is destroyed in accordance with this Agreement, the E-FILE containing Direct Personal Identifiers saved to physical media will be retained in secure storage and access to such data saved to network folders will be restricted.
E-FILE Destruction
Following the period of retention described above, ICES will:
- destroy the E-FILE containing Direct Personal Identifiers by:
- permanently deleting copies on servers, hard drives and storage devices; and
- wiping or overwriting any laptop hard drives; and
- shredding any physical media that contains it; then
- in accordance with the procedure for notices set out below, within 10 business days send to the Data Provider and/or the Researcher (as applicable) a signed Certificate of Destruction, that confirms:
- the E-FILE destroyed; and
- the date, time, location and method of destruction used; and
- the name of the individual who performed the destruction.
Network Backups
ICES will secure, and prohibit restoration of, copies of the E-FILE containing Direct Personal Identifiers that are contained in network backups until they are overwritten in accordance with ICES’ general backup rotation cycle.
Destruction Security
ICES will ensure that destruction carried out pursuant to this Agreement, protects the E-FILE containing Direct Personal Identifiers, against unauthorized copying, modification, use or disclosure in accordance with industry standards and is therefore secure.
Coded Data Retention
ICES will retain the Coded Data, in a secure manner at all times.
Coded Data Access
Other than ICES Data Covenantors, ICES agents and employees will only access, and the Purpose will be executed only using, Coded Data. Subject to exceptions approved by ICES Director, Research & Analysis, access to record-level Coded Data will be limited to ICES Data Covenantors, ICES Abstractors, and ICES Analysts named on an approved Dataset Creation Plan. Other ICES agents and employees not identified in this section, will only access the de-sensitized Project Dataset, and only where such ICES agent(s) or employee(s) is/are members of the ICES Project Team.
Coded Data Linkage
Using the ICES Identifier, ICES will link the Coded Data to other coded data for the Purpose. A list of anticipated linkages is included in the Request Authorization Package.
De-Identified Results
ICES will only report the results of the Purpose in aggregated form, and values will either be suppressed or combined, such that there is no reasonable chance that the results could be used alone, or together with other information to identify an individual.
No Data-Subject Contact
ICES will not contact any person to whom the E-FILE relates without the prior written authority of the Data Provider and/or the Researcher (as applicable), unless authorized or required by law.
Reports
ICES may prepare Reports and will provide a copy of any Report to the Data Provider and/or the Researcher (as applicable) upon request. The Data Provider and/or the Researcher (as applicable) acknowledges and agrees that it has no copyright or other intellectual property rights in or regarding any Report.
General
Representations & Warranties
Parties each warrant and represent that they are authorized under the applicable statutory provisions specifically cited in the Request Authorization Package, and by any consents and agreements governing the E-FILE, with respect to each their own role in the collection, use and disclosure described hereunder.
Breach
In the event of a breach of this Agreement, ICES will immediately take steps to contain the breach and follow its applicable procedures relating to breach and/or incident management. A breach involving the E-FILE shall be considered a material breach. If any Party becomes aware of any material breach of the terms of this Agreement, it will take steps to contain the breach and promptly notify the other affected Parties. In the event the E-FILE is, or is believed to have been, stolen, lost or accessed by unauthorized persons, ICES will take reasonable steps to contain the breach and, following the procedure for notice in this Agreement, promptly notify the Data Provider and/or the Researcher (as applicable). Compliance with this Agreement is not subject to audit.
Financial Arrangements
Each Party shall bear its own cost of implementing this Agreement.
Force Majeure
No Party shall be liable for any failure or delay in performance of its obligations under this Agreement arising out of or caused, directly or indirectly, by circumstances beyond its reasonable control, including, without limitation, acts of God; earthquakes; fires; floods; wars; civil or military disturbances; acts of terrorism; sabotage; strikes; epidemics; riots; power failures; computer failure and any such circumstances beyond its reasonable control as may cause interruption, loss or malfunction of utility, transportation, computer (hardware or software) or telephone communication service; accidents; labor disputes; acts of civil or military authority; governmental actions; or inability to obtain labor, material, equipment or transportation; provided, however, that in the event of a failure or delay, the Parties shall each use its best efforts to ameliorate the effects of any such failure or delay.
Indemnity
ICES will indemnify and save harmless the Data Provider and/or the Researcher (as applicable) and the Data Provider’s directors, officers, and employees, from all costs, losses, damages, judgements, claims, demands, suits, actions, causes of action, contracts, or other proceedings of any kind or nature based on or attributable to any unauthorized disclosure of the E-FILE by ICES or its directors, officers, employees, or agents in contravention of this Agreement. This provision survives the termination of this Agreement. The Data Provider will indemnify and save harmless ICES and ICES’ directors, officers, and employees, from all cost, losses, damages, judgements, claims, demands, suits, actions, causes of action, contracts, or other proceedings of any kind or nature based on or attributable its upload of the E-FILE by the Data Provider to ICES under this Agreement. This provision survives the termination of this Agreement.
Insurance
Each Party agrees to maintain insurance in commercially reasonable amounts calculated to protect itself and the other Parties to this Agreement from any and all claims of any kind or nature, brought by a third party, arising out of or in connection with the performance of this Agreement.
Timing
Effective Date
This Agreement shall take effect on the date of the last signature hereto.
Continuation
This Agreement shall continue in effect until the Agreement is terminated, subject to the survival provisions contained in this Agreement. The Data Provider and/or the Researcher (as applicable) may cease disclosing any one or more data elements that make up the E-FILE, without cause, by giving ICES notice in accordance with the procedures for notices described below. If the Data Provider and/or the Researcher (as applicable) ceases to disclose the E-FILE in whole or in part, the entire agreement is not terminated but continues with respect to any remaining data elements, which the Data Provider is willing to continue to disclose, and ICES may continue to use the Coded Data for the Purpose in accordance with this Agreement.
Amendment
This Agreement may be amended from time-to-time by ICES without any notice to the Data Provider and/or the Researcher beyond posting an updated version online at https://www.ices.on.ca/axway-terms-dsa/. ICES may amend the content of any Request Authorization Form by sending notice from [email protected] to the Data Provider and/or Researcher (as applicable) in accordance with this Agreement. Any amendments so made shall be consistent with the requirements of PHIPA and shall not be contrary to any laws regarding confidentiality of PHI.
Termination with Notice
This Agreement or any part thereof, including (without limitation) a Request Authorization Package, may be terminated by either Data Provider or ICES without cause on three (3) months’ notice and in the event of a material breach by any Party immediately. Researcher may terminate a Request Authorization Package and cease to be a Party to this Agreement, without cause on three (3) months’ notice to all Parties, and in the event of a material breach by any other Party immediately.
Termination with Consent
This Agreement may be terminated on mutual agreement by Data Provider and ICES.
Coded Data upon Termination
Upon termination the Data Provider and/or the Researcher (as applicable) shall cease disclosing the E-FILE and ICES shall cease using the E-FILE, provided, that ICES may continue to securely retain the Coded Data for 10 years following first publication, to enable ICES to remain responsive to any journal challenges which may arise. Access to the Coded Data by ICES to respond to a journal challenge is consistent with the Purpose and permitted by this Agreement. Should access to the Coded Data be requested by a third party for the purpose of a journal challenge, ICES shall seek approval from the Data Provider and/or the Researcher (as applicable) in writing.
E-FILE upon Termination
Upon termination, unless otherwise agreed to in writing by the Parties, ICES shall securely destroy any remaining copies of the E-FILE containing Direct Personal Identifiers and deliver a Certificate of Destruction to the Data Provider and/or the Researcher (as applicable), in accordance with the requirements for destruction and notice set out in this Agreement.
Survival
Terms and conditions relating to data protection, breach, and indemnity shall survive termination of this Agreement
Notice
Notice shall be deemed to have been sufficiently given seventy-two (72) hours after it has been mailed, postage prepaid, or on the date of receipt where the notice has been delivered by hand, email or facsimile transmission.
Any notice or other communication required or permitted to be given by either Party to the other shall be given in writing and sent to the following addresses:
If for ICES:
Chief Privacy and Legal Officer
Institute for Clinical Evaluative Sciences
G Wing, G1 06
2075 Bayview Avenue
Toronto, ON
M4N 3M5
[email protected]
If for the Data Provider: To the address(es) listed in the Request Authorization Package.
If for the Researcher: To the address(es) listed in the Request Authorization Package.
Electronic Signatures
The Parties acknowledge and agree that this Agreement is being executed electronically through a click-to-accept process and shall become effective as of the date that the Data Provider and/or Researcher (as applicable) or its employee/agent CLICKS THE BUTTON LABELLED “LOG IN” located at https://sft.ices.on.ca and UPLOADS THE E-FILE. ICES AUTHORIZES ACCESS TO THE AXWAY PORTAL SOLELY ON THE TERMS AND CONDITIONS SET FORTH IN THIS AGREEMENT AND BY CLICKING THE “LOG IN” BUTTON AND UPLOADING DATA, THE DATA PROVIDER AND/OR RESEARCHER (AS APPLICABLE) THROUGH ITS EMPLOYEE OR AGENT ACCEPTS THE TERMS AND CONDITIONS CONTAINED IN THIS AGREEMENT AND AGREES THAT THEY ARE LEGALLY BOUND BY ITS TERMS AND CONDITIONS. IF THE DATA PROVIDER AND/OR RESEARCHER (AS APPLICABLE) DOES NOT AGREE TO ALL THE TERMS AND CONDITIONS CONTAINED IN THIS AGREEMENT, THEN ICES DOES NOT AUTHORIZE THE DATA PROVIDER AND/OR RESEARCHER (AS APPLICABLE) WHETHER DIRECTLY OR THROUGH ITS EMPLOYEE OR AGENT TO LOG INTO THE AXWAY PORTAL OR TO UPLOAD OR DOWNLOAD ANY DATA USING THE AXWAY PORTAL AND THE DATA PROVIDER AND/OR RESEARCHER (AS APPLICABLE) THROUGHTS IT EMPLOYEE OR AGENT SHALL NOT LOG IN.
Glossary
General Contract Terms
| Capitalised Term | Definition |
|---|---|
| Act or PHIPA | means the Personal Health Information Protection Act, S.O. 2004, c. 3 Sched. A ; |
| Agreement | means this data sharing agreement and the Request Authorization Package, as amended from time to time; |
| PHIPA Regulation | means General, O Reg 329/04; |
| Purpose | the purpose described in a completed Request Authorization Package, which may relate to one ICES project or a series of related ICES Projects. |
| Request Authorization Package or “RAP” | means the form of rider completed and provided by ICES, as amended from time to time, which provides a precise description of the PHI to be disclosed, the specific purposes for which it will be used by ICES, and the identification of the DC Agent who will disclose the PHI to ICES, as applicable; |
Role Based Terms
| Capitalised Term | Definition |
|---|---|
| Data Provider | means the HIC named in the Request Authorization Package; |
| DC Agent | has the same meaning as “agent” under section 2 of PHIPA with respect to a HIC, and whose activities are subject to the restrictions and permissions which apply pursuant to section 17 of PHIPA; |
| HIC or Health Information Custodian | has the same meaning as a “health information custodian” set out under section 3 of PHIPA; |
| ICES Abstractor | means an ICES Agent assigned to perform data abstraction of unstructured data to support the creation of Coded Data for the Purpose; |
| ICES Agent | means an individual who has entered into a form of agency and confidentiality agreement with ICES, completed privacy and cybersecurity orientation, and has been assigned a defined role such as ICES Student, ICES Scientist, ICES Analyst, ICES Data Covenantor; |
| ICES Analyst(s) | means an ICES employee or agent assigned the role of ICES Analyst or ICES Appointed Analyst including but not limited to ICES Epidemiologists and members of ICES DQIM department such as Information Quality Analysts and Data Quality Analysts; |
| ICES Collaborating Researchers | means an external actor who intends to comply with ICES policies & procedures to collaborate with ICES on an ICES Project; |
| ICES Data Covenantors | means ICES employees who have been designated to perform one or more of the functions described in the section above labelled E-FILE Access; |
| ICES Director, Research & Analysis | means a director level employee of ICES, responsible for management and oversight of ICES program areas, and those management and staff, with respect to the initiation and conduct of ICES Projects; |
| ICES or Institute for Clinical Evaluative Sciences | means a not-for-profit corporation formed under the laws of Ontario, and having a registered office located at V1-06, 2075 Bayview Avenue, Toronto, ON, M4N 3M5; |
| ICES Project Team | means the ICES Agents and ICES Collaborating Researchers named on an ICES Project PIA; |
| IPC | The Information and Privacy Commissioner of Ontario as appointed by the Legislative Assembly of Ontario; |
| PE or Prescribed Entity | means an entity prescribed under section 18(1) of the PHIPA Regulation for the purposes described under section 45(1) of PHIPA, and which meets the requirements set out under section 45(3) of PHIPA; |
| Researcher | means (if applicable) the person both named in the REB Approval and named as the Researcher in the completed REQUEST AUTHORIZATION PACKAGE; |
Data Classification Terms
| Capitalised Term | Definition |
|---|---|
| Case List | means the list of records described as the ‘case list’ in a Request Authorization Package; |
| Coded Data | means PHI that has been de-sensitized in accordance with the procedure described in the section above labelled Coding; |
| De-identified Data | has the same meaning as “de-identify” under section 47(1) of PHIPA; |
| Direct Personal Identifiers | means data that directly identifies an individual; |
| E-FILE or Electronic File | means the PHI described in a Request Authorization Package, but which shall not include the type of data prohibited by section 45(2) of PHIPA or data excluded in accordance with the Agreement; |
| ICES Data Holdings | means PHI and other data in ICES’ custody; |
| ICES Identifier | means a unique ICES anonymous identifier; |
| PHI or Personal Health Information | has the same meaning as set out under section 4(1) of PHIPA; |
| Project Dataset | means the dataset that has been prepared by ICES Analytic Staff for the ICES Project consisting of Coded Data; |
| Report | means the final version of any report about an ICES Project that is prepared by ICES; |
| Summary Data | means Coded Data that has been summarized at a group level, for which, subject to the presence of small cells, the risk of re-identification is very low (e.g. a table of characteristics by age group); |
Other Process Terms
| Capitalised Term | Definition |
|---|---|
| Axway Portal | means the login gateway to the web-based secure file transfer protocol application located at https://sft.ices.on.ca; |
| Certificate of Destruction | means the document described in the section above labelled E-FILE Destruction; |
| Dataset Creation Plan or DCP | means an administrative document prepared in a manner consistent with a confirmed ICES Project PIA for the purpose of documenting the plan for the creation of a Project Dataset including the identification of the ICES Analyst assigned to the ICES Project; |
| ICES Project | means the project(s) described in a completed Request Authorization Package. |
| ICES Project PIA | means a form of privacy impact assessment conducted by ICES with respect to the proposed ICES Project, in accordance with ICES policies & procedures; |
| REB Approval | means (if applicable) the REB Approval included in a completed Request Authorization Package; |
| REB Exemption | means (if applicable) that ICES is exempt from the requirement to obtain REB review for a given study, consistent with PHIPA and Articles 2.4, 2.5, 5.5A and 5.5B of the Tri-Council Policy Statement: Ethical Conduct for Research Involving Humans – TCPS 2 (2018); |
| Research Plan | means (if applicable) the Research Plan included in a completed Request Authorization Package; |
| Transfer Method | means the secure method of transfer described in a completed Request Authorization Package. |
Last modified: January 30, 2026
Earlier versions: No earlier versions. You’re viewing the first edition!