Government has launched its electronic vaccination data system (EVDS) for South Africa, allowing qualifying people to sign up for a Covid-19 vaccine.
The EVDS system aims to assist in both the management and surveillance of the Covid-19 vaccine. Among other features, the EVDS will provide and track vaccine information, such as:
In the first phase of the Covid-19 vaccine roll out only medical healthcare workers will be allowed to register, with the portal requiring users to enter their occupation, employer, whether they are patient-facing, and medical aid information before proceeding.
Those who qualify will be sent a notification through SMS informing them of the time and place that the vaccine will be available. It will also come with a unique code that patients will be required to show to their vaccinator.
Patients are also expected to provide their ID and a contact number when at the vaccination site.
As part of this monitoring system, there are plans to send reminders for a follow-up appointment to receive a second dose and to include an integrated track-and-trace system for defaulters – those who do not show up to receive their second shot.
A dashboard system is also being developed to capture the reasons given for vaccine refusal.
As part of this process, the Department of Health has said that all South Africans who are vaccinated will be placed on a national register and provided with a vaccination card.
In this regard, the department said that an electronic vaccination certificate will be available via the EVDS online platform once the second vaccine shot has been issued.
The Department of Health said that vaccinees (person receiving a vaccine) are provided with an opportunity to enrol on the EVDS system, but to so they must provide personal, contact and medical aid details.
It added that enrolment is not a guarantee of vaccination.
Eligibility of the vaccinee is then determined by the NDOH based on priority population groups over a period of time. Eligible vaccinees are then provided with notification and instructions on how and where to receive the vaccination.
A vaccinee must present themselves a Facility Vaccine Registration Desk within a Vaccination Site. In this regard, they must produce an identity document (e.g. ID Book or Passport) in order to register, confirm details and schedule an appointment in the EVDS.
During vaccination, all vaccination information of the vaccinee will be captured in the EVDS including the dose received, batch number, manufacturer
The EVDS will send an SMS to the vaccinee for an appointment for the second dose. During the second dose, the vaccinator confirms the vaccine details in the EVDS to ensure that an appropriate dose and vaccine is given to the correct vaccinee.
The Department of Health has also published a set of Terms and Conditions as well as a FAQ on its website, detailing some of the important parts of the EVDS.
Notably, it indicates which data it will collect on patients. This includes:
The department said that anonymised data will be transferred to the NDOH database for reporting. No personal data will be transferred from the EVDS, without the required legislative provisions to do so.
“The Administrators and Vaccinators who access the EVDS have secure user login details that have a full audit trail on all the activities that they perform on their accounts in accordance with their assigned roles.
“The National Department of Health is the owner and Responsible Party of Information and data processed by the EVDS and has employed stringent technical and best practice procedures in place to ensure the integrity of Personal Information is safeguarded against the risk of loss or damage and against the unauthorised or unlawful access.”
The department said that all systems are Protection of Personal Information (POPI) Act compliant and allow for capturing of user and client consent in the case of capturing personal information.
“In the event of alleged infringements of any data protection legislation in force in the Republic at the time of the alleged infringement, you can contact the competent data protection supervisory authority or take legal action in accordance with that data protection legislation.”