You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
For data protection reasons the data dictionary has to be duplicated in a dedicated space in SORMAS and needs to be extended with non-functional information, which is described below.
The new information will be displayed and managed in the SORMAS UI.
There will be a directory and a details page.
Therefore we have to
create a new role "Data Protection Officer"
create new rights like "view all data protection data", "edit data protection data", "export data protection data" (The detailed and custom export will be described in a seperate issue)
A data protection officer who is logged in in SORMAS can access the new section "data protection" from the "configuration"
The new section provides the data dictionary, that can be downloaded in the "About" Section of SORMAS and includes more data, which is only viewable by the new role.
The data protection officer can Search for data fields and also use filters to reduce the number of entries in the grid.
The following Filters should be included in the first implementation:
"entity" (caseData, Contacts, etc.)
country (de, ch)
purpose (Transmission, Case processing, Contact processing, ...)
belongs to person data (checkbox)
SurvNet (checkbox)
Transmission to Landesstelle (checkbox)
In the Grid we show the following columns
UUID | UNIQUE FIELD NAME | Entity | Field | TypeData protection | Caption | Description | Required |
The generated UUID & UNIQUE FIELD NAME is clickable and redirects the data protecion officer to the Details Page of the field.
Bulk actions are out of scope and will be covered in a separate story.
The details page should provide every available information for the field. There is no need of providing information about the available enums as we do it in the data dictionary.
Every information that is shown from the data dictionary is readonly and cannot be changed and just serves for information. In the future we might add some functionality there to also enable users to change sth., e.g. the required field, which has a direct impact on the functionality. However this is out of scope for now.
Besides the "normal" information of a field, which we have from the data dictionary like:
field, type, data protection, caption, description, required, new disease, diseases, outbreaks, ignored countries, exclusive countries we add new fields:
The new fields can be clustered in 4 parts. This separation should also be visible in the UI
Part 1: Caption: General information
GERMAN TEXT
Pflichtfeld
In Deutschland Version enthalten
Feldentsprechung in SurvNet
INTERNATIONAL
Mandatory
Included in German Version
SurvNet
TYPES
yes/no
yes/no
Free Text
Part 2: Caption: Purpose
GERMAN TEXT
Zweck: Zweck: Erfüllung der Meldepflichten nach IfSG
Zweck: Fallbearbeitung
Zweck: Kontaktbearbeitung
Zweck: Bearbeitung Ausbrüche & Ereignisse
Zweck: Analyse Ausbrüche & Ereignisse
Zweck: Aufgabenmanagement im GA
Zweck: Quarantänemanagement
Zweck: andere Aufgaben des ÖGD
Zweck: Gesundheitsberichterstattung
Zweck: Impfungen
INTERNATIONAL
Purpose: Transmission
Purpose: Case processing
Purpose: Contact processing
Purpose: Processing of outbreaks and events
Purpose: Analysis of outbreaks and events
Purpose: Task Management
Purpose: Quarantine Management
Purpose: Tasks of the public health services
Purpose: Health reporting
Purpose: Vaccinations
TYPE
Yes/no
Yes/no
Yes/no
Yes/no
Yes/no
Yes/no
Yes/no
Yes/no
Yes/no
Yes/no
SOURCE
manual
manual
manual
manual
manual
manual
manual
manual
manual
manual
Part 3: Caption: Legal Bases
GERMAN TEXT
§ 9 Abs. 1 Nr. 1 iVm § 8 Abs. 1 Nr. 1 iVm § 6 Abs. 1 lit. t IfSG
§ 9 Abs. 2 Nr. 1 iVm § 8 Abs. 1 Nr. 2 iVm § 7 Abs. 1 Nr. 44a IfSG
§ 9 Abs. 2 Nr. 1 iVm § 8 Abs. 1 Nr. 3 iVm § 6 Abs. 1 Nr. 1 lit. t IfSG
§ 9 Abs. 2 Nr. 1 iVm § 8 Abs. 1 Nr. 3 iVm § 7 Abs. 1 Nr. 44a IfSG2
§ 9 Abs. 1 Nr. 1 iVm § 8 Abs. 1 Nr. 5 iVm § 6 Abs. 1 Nr. 1 lit. t IfSG
§ 9 Abs. 1 Nr. 1 iVm § 8 Abs. 1 Nr. 7 iVm § 6 Abs. 1 Nr. 1 lit. t IfSG
§ 9 Abs. 1 Nr. 1 iVm § 8 Abs. 1 Nr. 8 iVm § 6 Abs. 1 Nr. 1 lit. t IfSG2
§ 9 Abs. 1 Nr. 2 IfSG; § 9 Abs. 2 Nr. 2 IfSG
§ 9 Abs. 1 Nr. 3 IfSG
§ 9 Abs. 1 Nr. 3 IfSG; § 9 Abs. 2 Nr. 3 IfSG
§ 9 Abs. 1 Nr. 4 i.V.m § 6 Abs. 1 S. 1 Nr. 3 iVm § 22 Abs. 2 IfSG
markusmann-vg
changed the title
Add a "data protection" section to the configuration in the SORMAS UI
[data protection] Add a "data protection" section to the configuration in the SORMAS UI
Oct 8, 2021
Feature Description
For data protection reasons the data dictionary has to be duplicated in a dedicated space in SORMAS and needs to be extended with non-functional information, which is described below.
The new information will be displayed and managed in the SORMAS UI.
There will be a directory and a details page.
Therefore we have to
A data protection officer who is logged in in SORMAS can access the new section "data protection" from the "configuration"
The new section provides the data dictionary, that can be downloaded in the "About" Section of SORMAS and includes more data, which is only viewable by the new role.
The data protection officer can Search for data fields and also use filters to reduce the number of entries in the grid.
The following Filters should be included in the first implementation:
In the Grid we show the following columns
UUID | UNIQUE FIELD NAME | Entity | Field | TypeData protection | Caption | Description | Required |
The generated UUID & UNIQUE FIELD NAME is clickable and redirects the data protecion officer to the Details Page of the field.
Bulk actions are out of scope and will be covered in a separate story.
The details page should provide every available information for the field. There is no need of providing information about the available enums as we do it in the data dictionary.
Every information that is shown from the data dictionary is readonly and cannot be changed and just serves for information. In the future we might add some functionality there to also enable users to change sth., e.g. the required field, which has a direct impact on the functionality. However this is out of scope for now.
Besides the "normal" information of a field, which we have from the data dictionary like:
field, type, data protection, caption, description, required, new disease, diseases, outbreaks, ignored countries, exclusive countries we add new fields:
The new fields can be clustered in 4 parts. This separation should also be visible in the UI
Part 1:
Caption: General information
Part 2:
Caption: Purpose
Part 3:
Caption: Legal Bases
Part 4:
Caption: Automatic Deletion
The Startdate can be either EV (German) or ED (German).
EV = Ende der Verarbeitung / End of processing
ED = Erstellungsdatum / Creation date
Part 5:
Caption: Additional Information
Possible Alternatives
Additional Information
The corresponding Excel-Sheet can be found here: https://github.com/hzi-braunschweig/SORMAS-Security/issues/31
The text was updated successfully, but these errors were encountered: