shardhrv / pe


Partially hidden NRIC is fully accessible #1

Open shardhrv opened 4 days ago

shardhrv commented 4 days ago

Description

The User Guide states that the NRICs of pet owners are not to be displayed to the user as they violate the PDPA. However, the data of the owners is very easily accessible to the user, as they are able to simply open the pawpatrol.json file and access the full, unaltered NRIC number from there.

Possible Solution

As this app is meant to be stored and used for just the vet's purposes, fully display the NRIC. Alternatively, if that violates the PDPA in question, choose another way to ensure uniqueness of an owner, such as by their phone number. This way, the security concerns with the NRIC can be resolved.

Steps to Reproduce (if any)

Relevant Screenshots (if any)

[screenshot]

NRICs obscured: [screenshot]

NRICs fully visible: [screenshot]

nus-pe-script commented 15 hours ago

[IMPORTANT!: Please do not edit or reply to this comment using the GitHub UI. You can respond to it using CATcher during the next phase of the PE]

Team's Response

Encryption and Masking of NRIC Numbers

Thank you for raising this feature request. Our team recognizes the importance of maintaining compliance with the Personal Data Protection Act (PDPA). This request will be documented for future updates to PawPatrol.

Overview

We are pleased to share that PawPatrol's current features comply with the PDPA guidelines.

An Introduction to Singapore's Personal Data Protection Act (PDPA)

The PDPA establishes strict guidelines for the handling of personal data, including NRIC numbers, in Singapore. For healthcare providers, these guidelines allow the use of NRIC numbers but require some measures. These include:

How PawPatrol Complies with PDPA

To address compliance requirements, PawPatrol includes the following measures:

  1. Masked NRICs to Protect Patient Privacy:

    • When patient details might be visible to others (e.g. at registration counters), the system automatically masks NRIC numbers to prevent accidental exposure. NRICs are displayed as SXXXX123A where appropriate.

  2. NRICs Used as Identifiers:

    • As a healthcare establishment, PawPatrol allows the use of NRICs as unique patient identifiers to facilitate accurate record-keeping.

  3. Authorized Access to Full NRIC Data:

    • Only authorized personnel, such as veterinarians and clinic administrative staff, can view the full NRIC when required for legal or operational purposes.
    • Access to the device should also be secured with passwords and given only to staff on a need-to-know basis.

These measures ensure compliance with the PDPA while maintaining the functionality clinics need to operate efficiently.

Future Enhancements

While PawPatrol already adheres to PDPA guidelines, we are exploring further enhancements to improve data security and compliance. Currently, CS2103T project guidelines require that all storage data remains human-readable. This limitation prevents us from implementing encryption at this stage. For future iterations beyond the scope of CS2103T, we plan to incorporate encryption mechanisms to further safeguard sensitive data. This will ensure that even if storage files are accessed improperly, the NRIC data will remain protected.


Thank you again for your feedback. We are committed to ensuring that PawPatrol continues to meet the evolving needs of its users while adhering to legal requirements. Please let us know if you have further suggestions or specific requirements for this feature.

Items for the Tester to Verify

:question: Issue response

Team chose [response.NotInScope]

Reason for disagreement: [replace this with your reason]


:question: Issue severity

Team chose [`severity.Low`]

Originally [`severity.High`]

- [ ] I disagree

Reason for disagreement: [replace this with your reason]
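An added example, not part of this issue thread or of the PawPatrol code, that illustrates the two points above: the display-level mask format the team describes (SXXXX123A) and a check a tester could run to confirm that the storage file still holds full NRICs. The JSON field names and NRIC values are constructed assumptions, not the real pawpatrol.json schema.

```python
import json
import re

# Singapore NRIC/FIN shape: prefix letter, seven digits, checksum letter.
NRIC_RE = re.compile(r"^[STFGM]\d{7}[A-Z]$")


def mask_nric(nric: str) -> str:
    """Mask an NRIC the way the team's response describes (SXXXX123A):
    keep the prefix letter, the last three digits and the checksum letter,
    and replace the first four digits with X."""
    if not NRIC_RE.match(nric):
        raise ValueError(f"not an NRIC-shaped value: {nric!r}")
    return nric[0] + "XXXX" + nric[5:]


def find_unmasked_nrics(node, path="$"):
    """Walk a parsed JSON document and return (json_path, value) for every
    string that is a full, unmasked NRIC. Masked values (SXXXX123A) do not
    match NRIC_RE, so they are ignored."""
    hits = []
    if isinstance(node, dict):
        for key, value in node.items():
            hits.extend(find_unmasked_nrics(value, f"{path}.{key}"))
    elif isinstance(node, list):
        for i, value in enumerate(node):
            hits.extend(find_unmasked_nrics(value, f"{path}[{i}]"))
    elif isinstance(node, str) and NRIC_RE.match(node):
        hits.append((path, node))
    return hits


def audit_storage(json_text: str):
    """Report every place a storage file still holds a full NRIC at rest."""
    return find_unmasked_nrics(json.loads(json_text))


# Constructed sample in the spirit of pawpatrol.json; field names are assumed,
# not taken from the project, and the NRICs are made up.
SAMPLE_STORAGE = """{
  "owners": [
    {"name": "Alice Tan", "nric": "S1234567A", "phone": "91234567"},
    {"name": "Bob Lim",   "nric": "T7654321B", "phone": "98765432"}
  ],
  "pets": [{"name": "Rex", "ownerNric": "S1234567A"}]
}"""

if __name__ == "__main__":
    for json_path, value in audit_storage(SAMPLE_STORAGE):
        print(f"{json_path}: {value} (shown in the UI as {mask_nric(value)})")
```

Note that the mask is lossy: distinct NRICs can mask to the same SXXXX123A string, which is why a masked value cannot replace the full NRIC as the unique owner key in storage.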