MTA's and process

[marc4-stanford]

I want to discuss how we are handling MTA's . There are a bunch of pieces to this issue.

Currently, https://biobricks.org/signatories/ is the authoritative list of signers of the openmta master agreement. To sign, institutions go to https://biobricks.org/open-mta-become-a-signatory/

The data from the form is put into a gravity forms database. While there is an API to access the data, I think it is simpler and easier for others to access the data in a csv export. I am working with Yar to set up a daily extract to a known location (URL). openmta-master-agreement-2019-11-03.csv.zip

I think the form and database needs to be updated to include the name, email and phone number of the person authorized to sign an implementation letter on behalf of the organization.

I think that we should check the csv daily and import any new records into the Institutions table. And add the information about who can sign an implementation letter.

On the user's profile page, the list of institutions should be build from the imported list. There should be copy that says that if you don't see your institution then go to the biobricks.org site and sign the master agreement. Once their institution has signed we would then pull the data into our software and their institution would be added to the pulldown.

In the freegenes software configuration we need to be able to indicate which institution we are. This will tell the software who at our institution can sign implementation letters.

When someone orders something and we create the implementation letter. It should email the individual authorized to sign the letters and the requester should be copied. When we get a signed letter back from the authorized signer, it needs to be routed to our institution's authorized signer. When we have a signed and counter signed implementation letter, we can ship.

This makes it simple for us to do our due diligence. To know that the institution we are sending to has signed the master agreement, that the requestor is actually part of the institution they are claiming to be associated with and the someone with authorization has signed the implementation letter.

/marc

[Koeng101]

Integration with Master sounds out of scope for the current support contract with @vsoch . Above would require integration with at least 1 more API, which is out of scope, since there are already views which enable this functionality.

When someone orders something and we create the implementation letter. It should email the individual authorized to sign the letters and the requester should be copied. When we get a signed letter back from the authorized signer, it needs to be routed to our institution's authorized signer. When we have a signed and counter signed implementation letter, we can ship.

I'd like to hear from @hverdonk about how current implementation is working and how it can be improved. Perhaps a description of what it is now, and the steps are to make it better?

[hverdonk]

Currently, I have to check manually if the organization making the request has signed the master agreement. Initially, I was under the impression that the Biobricks OMTA signatories page was not up to date, but as this does not appear to be the case I can continue manually checking for now.

For the implementation letter itself, I need to more fully test how the software works, and that it is working correctly. In theory, when someone orders a distribution, they will be taken to a page to sign and upload an implementation letter, which should then be attached to their order. I would then email that letter to Matt Ho for a countersign, reupload it, and finish processing the shipment.

[vsoch]

That reflects what we discussed https://github.com/vsoch/freegenes/issues/23#issuecomment-525430195, and the staff would only need to check if the signed_master was set to False. Although the process can be improved upon with this additional API, it is complete, and was done in this way because at the time of implementation we did not have established policy on how to handle MTAs and associated fields for them.

[marc4-stanford]

I agree with what you decide back in Aug. But now we are able to store names and addresses in the system and have a better idea of how to handle MTAs and where to get authoritative information. So we should be able to modify our process/software accordingly.

[Koeng101]

@marc4-stanford The process is minimally working, which is in scope of original work agreement. If it is really required by @hverdonk , we can discuss, otherwise, I believe we should table this.