Closed humphd closed 2 years ago
Great idea to keep it separate. How do you feel about including just postal code or province along with it, for regional overlay of demographics?
I had the same thought, but does it mean we'll be including private "fingerprintable" data for a request (e.g., you could correlate request data and demographic data)? I guess the timestamp does the same thing. Maybe it's not a big issue? Not sure.
Up to you, I can easily add it. Let me know.
If we delete the name, address, email address of the request as part of the automated cleanup, then even if the two can be matched up, there's nothing to personally identify. To me, the only question is if postal code is too localized and if we should keep it at provincial higher level.
Based on https://www.priv.gc.ca/en/privacy-topics/privacy-laws-in-canada/02_05_d_15/, I don't think a Postal Code is considered Personally Identifiable Information (PII), so maybe we can include that. Do you read this the same way?
What is generally not considered personal information can include:
Information that is not about an individual, because the connection with a person is too weak or far-removed (for example, a postal code on its own which covers a wide area with many homes)
My reading is that postal code is ok, but some people are uncomfortable with stuff that is too close to identifying, even if it isn't strictly personal. Like if it narrows down to 10 houses on 1 street, that's not /personally/ identifiable, but it's proximal. I'm fine with it, but I wanted to make sure everyone else is also fine with it.
This is Part 1 of a 2 part fix for #126, adding the back-end data collection piece. I'll push the front-end piece next, but it relies on this code being in place, so I want to get this merged first.
This change adds a new
demographics
collection to the database. It is meant to keep user's personal information separate from the demographic info. Every time a request comes in that includes at least 1 request for Rapid Tests (i.e., we won't bother if it's only masks being requested), we'll include anonymous demographic data about affected, vulnerable groups.The collection's data schema looks like this:
Any/all checkboxes for vulnerable groups will show up as an item in the
groups
field (i.e., Array). I've also included a.stats()
method for counting and reporting on these groups (currently there is no UI for this, we need to figure out how to do it...maybe a cli tool you can run on the server?).I've also written unit tests for these changes.
There are no new dependencies for this change (i.e., no need for
npm install
on the server).