Staying Anonymous with Vault Platform

By Ash Mohanaprakas – Head of Information Security, Vault Platform

What Does It Mean to Be Anonymous?

At Vault Platform, we take anonymity seriously. Every report is securely separated from user information, ensuring complete confidentiality, unless the reporter chooses to reveal their identity.

Each report is linked to a unique private key associated with the user account, and you can have multiple keys if needed. A new private key is generated when you set up the app, submit reports through the open reporting platform, or if you’ve switched devices or reset your Vault app account.

Anonymous Reporting Options

There are three ways to report anonymously (note that availability may depend on your organization’s settings):

Create an Vault Mobile App account and submit an anonymous report
Use the Open Reporting platform for an anonymous submission
Call VaultTalk to make an anonymous report

Rest assured, no reporter information appears on the report itself. Each report stands independently of the reporter, with all submitted information securely stored as sealed, encrypted records with comprehensive audit logging. This ensures the integrity and reliability of every report.

Case managers can substantiate anonymous reports just as thoroughly as non-anonymous ones. Vault’s standardized question flows are designed to gather all essential information, supporting a robust review from the very first look.

How Do We Keep Your Data Anonymous?

Report details are encrypted and can only be accessed through the customer organization’s private key. Access is strictly limited to the organization’s designated case managers and super admins, based on their roles and permissions.

When case managers query a case in our Resolution Hub, flags are used to prevent anonymous reporter information from being surfaced alongside the report, provided the ‘Go Anonymous’ option was chosen during submission. Additionally, we remove metadata from common file uploads to prevent any accidental disclosure of identity through shared evidence.

Vault employees do not have access to reports. We adhere to ISO 27001 and SOC2 Type II standards and have implemented rigorous controls to minimize risks to customer data exposure. These include secure development lifecycle, segregation of roles, environments, and duties, access control, among others. User data access is strictly reserved for customer support functions needed for troubleshooting and assistance only.

What Can You Do as an Anonymous Reporter?

Nearly everything that an identified reporter can do! Since anonymous reporter data isn’t tied to an email address, notifications aren’t sent directly; anonymous reporters will need to log in to check for updates on their cases. Once logged into the Open Reporting platform, anonymous reporters can add evidence and communicate with their assigned case manager.

Every new report the reporter chooses to make anonymously will be associated with a different Vault ID, a different private key, and will appear as a completely separate report in the system.

How to Use Our System Anonymously

Open Reporting

In Open Reporting, if a reporter leaves the email field blank, their account remains unlinked to an email address. Instead, they receive a randomly generated Vault ID at the time of submission, which, along with their password, allows them to log in and view updates on their cases

Manual Intake

For reports submitted outside of Vault Platform, case managers can enter details for the reporter’s alias, like an email address or name, or maintain full anonymity by leaving the email address blank. Without a contact email, however, follow-up communication with the anonymous reporter won’t be possible. Communications on updates to their case will be sent to anonymous reporters’ alias, but their personal data fields are hidden from case managers after submission.

VaultTalk

If a reporter calls from a mobile phone, they receive a follow-up Vault ID and a link to log into their case portal, where they can view their report using a 6-digit PIN they set during the call. No email is linked to their account—only their Vault ID and PIN provide access to report information through VaultTalk.

If a reporter calls from a landline and chooses the anonymous option, there is currently no way for them to receive follow-up information.

At Vault Platform, we’re dedicated to offering secure, anonymous reporting options that safeguard your identity while enabling comprehensive case management. Your safety and privacy are always our top priorities.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.