[data protection] Add a "data protection" section to the configuration in the SORMAS UI

[markusmann-vg]

Feature Description

For data protection reasons the data dictionary has to be duplicated in a dedicated space in SORMAS and needs to be extended with non-functional information, which is described below.

The new information will be displayed and managed in the SORMAS UI.
There will be a directory and a details page.

Therefore we have to

• create a new role "Data Protection Officer"
• create new rights like "view all data protection data", "edit data protection data", "export data protection data" (The detailed and custom export will be described in a seperate issue)

A data protection officer who is logged in in SORMAS can access the new section "data protection" from the "configuration"

The new section provides the data dictionary, that can be downloaded in the "About" Section of SORMAS and includes more data, which is only viewable by the new role.

The data protection officer can Search for data fields and also use filters to reduce the number of entries in the grid.
The following Filters should be included in the first implementation:

• "entity" (caseData, Contacts, etc.)
• country (de, ch)
• purpose (Transmission, Case processing, Contact processing, ...)
• belongs to person data (checkbox)
• SurvNet (checkbox)
• Transmission to Landesstelle (checkbox)

In the Grid we show the following columns
UUID | UNIQUE FIELD NAME | Entity | Field | TypeData protection | Caption | Description | Required |

The generated UUID & UNIQUE FIELD NAME is clickable and redirects the data protecion officer to the Details Page of the field.

Bulk actions are out of scope and will be covered in a separate story.

The details page should provide every available information for the field. There is no need of providing information about the available enums as we do it in the data dictionary.

Every information that is shown from the data dictionary is readonly and cannot be changed and just serves for information. In the future we might add some functionality there to also enable users to change sth., e.g. the required field, which has a direct impact on the functionality. However this is out of scope for now.

Besides the "normal" information of a field, which we have from the data dictionary like:
field, type, data protection, caption, description, required, new disease, diseases, outbreaks, ignored countries, exclusive countries we add new fields:

The new fields can be clustered in 4 parts. This separation should also be visible in the UI

Part 1:
Caption: General information

GERMAN TEXT	Pflichtfeld	In Deutschland Version enthalten	Feldentsprechung in SurvNet
INTERNATIONAL	Mandatory	Included in German Version	SurvNet
TYPES	yes/no	yes/no	Free Text

Part 2:
Caption: Purpose

GERMAN TEXT	Zweck: Zweck: Erfüllung der Meldepflichten nach IfSG	Zweck: Fallbearbeitung	Zweck: Kontaktbearbeitung	Zweck: Bearbeitung Ausbrüche & Ereignisse	Zweck: Analyse Ausbrüche & Ereignisse	Zweck: Aufgabenmanagement im GA	Zweck: Quarantänemanagement	Zweck: andere Aufgaben des ÖGD	Zweck: Gesundheitsberichterstattung	Zweck: Impfungen
INTERNATIONAL	Purpose: Transmission	Purpose: Case processing	Purpose: Contact processing	Purpose: Processing of outbreaks and events	Purpose: Analysis of outbreaks and events	Purpose: Task Management	Purpose: Quarantine Management	Purpose: Tasks of the public health services	Purpose: Health reporting	Purpose: Vaccinations
TYPE	Yes/no	Yes/no	Yes/no	Yes/no	Yes/no	Yes/no	Yes/no	Yes/no	Yes/no	Yes/no
SOURCE	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual

Part 3:
Caption: Legal Bases

GERMAN TEXT	§ 9 Abs. 1 Nr. 1 iVm § 8 Abs. 1 Nr. 1 iVm § 6 Abs. 1 lit. t IfSG	§ 9 Abs. 2 Nr. 1 iVm § 8 Abs. 1 Nr. 2 iVm § 7 Abs. 1 Nr. 44a IfSG	§ 9 Abs. 2 Nr. 1 iVm § 8 Abs. 1 Nr. 3 iVm § 6 Abs. 1 Nr. 1 lit. t IfSG	§ 9 Abs. 2 Nr. 1 iVm § 8 Abs. 1 Nr. 3 iVm § 7 Abs. 1 Nr. 44a IfSG2	§ 9 Abs. 1 Nr. 1 iVm § 8 Abs. 1 Nr. 5 iVm § 6 Abs. 1 Nr. 1 lit. t IfSG	§ 9 Abs. 1 Nr. 1 iVm § 8 Abs. 1 Nr. 7 iVm § 6 Abs. 1 Nr. 1 lit. t IfSG	§ 9 Abs. 1 Nr. 1 iVm § 8 Abs. 1 Nr. 8 iVm § 6 Abs. 1 Nr. 1 lit. t IfSG2	§ 9 Abs. 1 Nr. 2 IfSG; § 9 Abs. 2 Nr. 2 IfSG	§ 9 Abs. 1 Nr. 3 IfSG	§ 9 Abs. 1 Nr. 3 IfSG; § 9 Abs. 2 Nr. 3 IfSG	§ 9 Abs. 1 Nr. 4 i.V.m § 6 Abs. 1 S. 1 Nr. 3 iVm § 22 Abs. 2 IfSG	§ 11 Abs. 1 Nr. 1, Abs. 3 IfSG	§ 11 Abs. 3 IfSG	§ 11 Abs. 4 S. 2, 3 IfSG	§ 16 Abs. 1, 2 IfSG	§ 25 Abs. 1 IfSG	§ 25 Abs. 2 S. 1 iVm § 16 Abs. 1, 2 IfSG	§ 25 Abs. 1, 2 S. 2 iVm § 16 Abs. 2 S. 3 IfSG	§ 25 Abs. 1, 3 IfSG	§ 27 Abs. 1 iVm § 25 Abs. 1 IfSG	§ 27 Abs. 6 IfSG	§ 28 Abs. 1 S. 1 Hs. 1, Abs. 3 i.V.m. § 16 Abs. 2 IfSG	§ 28 Abs. 1 S. 1 iVm § 28a Abs. 1 Nr. 17, Abs. 4 S. 3, 4  IfSG	§ 28a Abs. 4 S. S. 1 IfSG	§ 28a Abs. 4 S. 4 IfSG	§ 29 Abs. 1, 2 S. 1, 3 Hs 2 IfSG	§ 29 Abs. 1, 2 S. 2 iVm § 25 Abs. 3 IfSG	§ 29 Abs. 2 S. 3, 4 iVm § 23 Abs. 5 IfSG	§ 29 Abs. 2 S. 3, 4 iVm § 36 Abs. 1 IfSG	§ 31 i.V.m. 28 Abs. 1, 3 i.V.m. § 16 Abs. 2 IfSG	§ 36 Abs. 9  S. 3 Abs. 8 S. 1 iVm § 3 Abs. 1 Corona-EinreiseVO IfSG	§ 17 Abs. 1 Nr. 3,4 NDSG	§ 11 Abs. 3 Nr. 1, 7 LDSG S-H	§ 19 Abs. 1 S. 1, 2 Abs. 2 Nr. 4 LDSG RLP	§ 11 Abs. 1 Nr. 3 BremDSGVOAG	§ 14 Abs. 1 Nr. 2,3 BlnDSG	§ 9 Abs. 3, 4 DSAG-LSA	§ 16 As. 2 Nr. 5 ThürDS	§ 20 Abs. 1 Nr. 2 HDSIG	§ 8 Abs. 1 Nr. 3, 4 SDSG	Art. 8 Abs. 1 Nr, 3, 4 BayDSG	§ 17 Abs. 2 LDSG BW
INTERNATIONAL	§ 9 Abs. 1 Nr. 1 iVm § 8 Abs. 1 Nr. 1 iVm § 6 Abs. 1 lit. t IfSG	§ 9 Abs. 2 Nr. 1 iVm § 8 Abs. 1 Nr. 2 iVm § 7 Abs. 1 Nr. 44a IfSG	§ 9 Abs. 2 Nr. 1 iVm § 8 Abs. 1 Nr. 3 iVm § 6 Abs. 1 Nr. 1 lit. t IfSG	§ 9 Abs. 2 Nr. 1 iVm § 8 Abs. 1 Nr. 3 iVm § 7 Abs. 1 Nr. 44a IfSG2	§ 9 Abs. 1 Nr. 1 iVm § 8 Abs. 1 Nr. 5 iVm § 6 Abs. 1 Nr. 1 lit. t IfSG	§ 9 Abs. 1 Nr. 1 iVm § 8 Abs. 1 Nr. 7 iVm § 6 Abs. 1 Nr. 1 lit. t IfSG	§ 9 Abs. 1 Nr. 1 iVm § 8 Abs. 1 Nr. 8 iVm § 6 Abs. 1 Nr. 1 lit. t IfSG2	§ 9 Abs. 1 Nr. 2 IfSG; § 9 Abs. 2 Nr. 2 IfSG	§ 9 Abs. 1 Nr. 3 IfSG	§ 9 Abs. 1 Nr. 3 IfSG; § 9 Abs. 2 Nr. 3 IfSG	§ 9 Abs. 1 Nr. 4 i.V.m § 6 Abs. 1 S. 1 Nr. 3 iVm § 22 Abs. 2 IfSG	§ 11 Abs. 1 Nr. 1, Abs. 3 IfSG	§ 11 Abs. 3 IfSG	§ 11 Abs. 4 S. 2, 3 IfSG	§ 16 Abs. 1, 2 IfSG	§ 25 Abs. 1 IfSG	§ 25 Abs. 2 S. 1 iVm § 16 Abs. 1, 2 IfSG	§ 25 Abs. 1, 2 S. 2 iVm § 16 Abs. 2 S. 3 IfSG	§ 25 Abs. 1, 3 IfSG	§ 27 Abs. 1 iVm § 25 Abs. 1 IfSG	§ 27 Abs. 6 IfSG	§ 28 Abs. 1 S. 1 Hs. 1, Abs. 3 i.V.m. § 16 Abs. 2 IfSG	§ 28 Abs. 1 S. 1 iVm § 28a Abs. 1 Nr. 17, Abs. 4 S. 3, 4  IfSG	§ 28a Abs. 4 S. S. 1 IfSG	§ 28a Abs. 4 S. 4 IfSG	§ 29 Abs. 1, 2 S. 1, 3 Hs 2 IfSG	§ 29 Abs. 1, 2 S. 2 iVm § 25 Abs. 3 IfSG	§ 29 Abs. 2 S. 3, 4 iVm § 23 Abs. 5 IfSG	§ 29 Abs. 2 S. 3, 4 iVm § 36 Abs. 1 IfSG	§ 31 i.V.m. 28 Abs. 1, 3 i.V.m. § 16 Abs. 2 IfSG	§ 36 Abs. 9  S. 3 Abs. 8 S. 1 iVm § 3 Abs. 1 Corona-EinreiseVO IfSG	§ 17 Abs. 1 Nr. 3,4 NDSG	§ 11 Abs. 3 Nr. 1, 7 LDSG S-H	§ 19 Abs. 1 S. 1, 2 Abs. 2 Nr. 4 LDSG RLP	§ 11 Abs. 1 Nr. 3 BremDSGVOAG	§ 14 Abs. 1 Nr. 2,3 BlnDSG	§ 9 Abs. 3, 4 DSAG-LSA	§ 16 As. 2 Nr. 5 ThürDS	§ 20 Abs. 1 Nr. 2 HDSIG	§ 8 Abs. 1 Nr. 3, 4 SDSG	Art. 8 Abs. 1 Nr, 3, 4 BayDSG	§ 17 Abs. 2 LDSG BW
TYPE	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no	yes/no
SOURCE	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual	manual

Part 4:
Caption: Automatic Deletion

GERMAN TEXT	Startzeitpunkt	effektive Löschfrist (Tage)
INTERNATIONAL	StartDate	Deletion period (days)
TYPE	String	INT
SOURCE	manual	manual

The Startdate can be either EV (German) or ED (German).
EV = Ende der Verarbeitung / End of processing
ED = Erstellungsdatum / Creation date

Part 5:
Caption: Additional Information

GERMAN TEXT	SORMAS Version	Version Tabelle
INTERNATIONAL	SORMAS Version	Version Table
TYPE	String	String
SOURCE	manual	manual

Possible Alternatives

Additional Information

The corresponding Excel-Sheet can be found here: https://github.com/hzi-braunschweig/SORMAS-Security/issues/31

[MartinWahnschaffe]

CUrrently no longer needed. See #5027 and #7679