sharlychan-cds
commented
2 years ago Jimmy notes how we could also write an adr for AWS retention (these need to be double checked for accuracy):
- AWS SNS/SMS would be 4 days, regarding status of SMS sent.
- AWS SES specifically does not keep logs per se.
- AWS CloudWatch (where the application logs are) can have information about notifications, but no identifiable information are dropped in there (kept forever apparently).
- AWS SQS (our queue system): it should not last more than 4 days IIRC.
- AWS RDS/Posgresql (our database): 7 days or less for moving to history table, stripped from personalisation.
YedidaZalik
mtoutloff
Give your user story a simple, clear title
Description
We need to create a singular document that outlines when we log an IP address and how long we keep it on Notify. This is for the Privacy Analysis work we are doing.
As a client who uses notify, I need to be able to know what instances where we keep an IP address and for how long, so that I can be in compliance with my own department's policies.
Team to discuss adding: retention limits for AWS (e.g. SNS is 4 days). Might be worth doing this into an adr
Acceptance Criteria** (Definition of done)
Find instances in:
[ ] Notify front-end: at login? when in use?
[ ] When someone sends a notification
collect IP addresses (in full or in part?)
retention for how long? – do we delete it after a while?
what data is the IP address collected attached to?
who has access to these IP addresses in CDS?
who has access to these IP addresses in third parties (e.g. AWS? or
[ ] outcome: results of these findings written in 1 document that we can reference in our privacy analysis
To be refined through discussion with the team