OnSiteSafety™ TrustID · Trust and security
Audit and logging
Every time someone looks at a worker’s verified status, that access is recorded. The audit is append-only and tamper-evident, so the record of who saw what, and when, cannot be quietly changed later. Trust only works if it can be checked.
What we log
Access events
Who requested a verification, which worker status they saw, the time, and whether the worker had consented to that view.
Credential changes
When a credential moves from Added to Authority-verified, expires, or is renewed, the change and its source are written down.
Account and consent
Sign-ins, sharing decisions, and consent given or withdrawn, so a worker can always see who they let in.
Why we log it
- So workers stay in control. You can see every employer who viewed your status, which keeps sharing honest.
- So employers have proof. An append-only record gives you a WorkSafeBC-aligned trail of who was Site-ready at the gate and when.
- So abuse is visible. Unusual access patterns stand out against the log, which is how we catch scraping or misuse early.
- So we can answer questions. If anyone asks what happened, the log gives a clear, factual answer instead of a guess.
The gate
Append-only and tamper-evident
Audit entries are only ever added, never edited or deleted in place. Each entry is chained to the one before it, so if a record were altered, the chain would break and the change would show. That is what tamper-evident means: you do not have to trust us, you can check.
- Records are written once and kept in our secure trust core, never in the public web layer.
- Access to the audit is itself logged, so even the watchers are watched.
- Data residency is Canadian, and the log is encrypted at rest.
See who has viewed your status.
Your TrustID account shows you the audit for your own profile. Get set up and stay in control of who sees your verified record.