Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Develop a protocol for sharing information confidentially #6

Open
4 tasks
scott-stockwell opened this issue Dec 1, 2021 · 2 comments
Open
4 tasks

Develop a protocol for sharing information confidentially #6

scott-stockwell opened this issue Dec 1, 2021 · 2 comments

Comments

@scott-stockwell
Copy link
Collaborator

scott-stockwell commented Dec 1, 2021
edited by wdcrumpler-kcdd
Loading

Prototype

  • The current prototype version sends a password-protected pdf to the user with their forms, which should provide protection for the information in that email.

  • At the clinics, we can pre-set the password and then hand out slips of paper to the clients when they enter that they can take home and have in order to unlock their forms. At each clinic, we would change the password

  • Other notification emails can be turned off, eliminating the risk of any information ending up in our inboxes unprotected

  • Anyone with access to the jotform tables (us, plus the attorneys we invite to help with looking up and entering client criminal information) will be able to see this info, but risks here can be mitigated by instituting a user access management plan where we regularly remove access to any partners who are no longer actively engaged.

  • Confirm whether this represents adequate protections

Full App

  • - Identify the criteria for the information to be restricted
  • - Identify how that information will be stored and shared
  • - Provide education to the team about the system for confidential information
@wdcrumpler-kcdd
Copy link
Collaborator

Update
Added additional information detailing the current protections used in the prototype, and thoughts about next steps:

  • The current prototype version sends a password-protected pdf to the user with their forms, which should provide protection for the information in that email.
  • At the clinics, we can pre-set the password and then hand out slips of paper to the clients when they enter that they can take home and have in order to unlock their forms. At each clinic, we would change the password
  • Other notification emails can be turned off, eliminating the risk of any information ending up in our inboxes unprotected
  • Anyone with access to the jotform tables (us, plus the attorneys we invite to help with looking up and entering client criminal information) will be able to see this info, but risks here can be mitigated by instituting a user access management plan where we regularly remove access to any partners who are no longer actively engaged.

@nwallis-10
Copy link

Security Protocol.docx

Recommended security protocol as of 5/9/2022

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@scott-stockwell @nwallis-10 @wdcrumpler-kcdd