dhis2-users team mailing list archive

Thread
Date

Re: dhis to submit anonymous data

To: Jim Grace <jimgrace@xxxxxxxxx>
From: Lars Helge Øverland <larshelge@xxxxxxxxx>
Date: Fri, 28 Jun 2013 14:35:03 +0200
Cc: "dhis2-users@xxxxxxxxxxxxxxxxxxx" <dhis2-users@xxxxxxxxxxxxxxxxxxx>, DHIS 2 developers <dhis2-devs@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <0CD5189B-8947-4F3B-829B-99335A73E71B@gmail.com>

Hi,

thanks for the good questions and comments.

This information will be stored in some central system. The system will be
managed by the DHIS core team. That system will be made open source so that
anyone who feels like it could investigate it.


> Who would have access to the "sensitive" data like IP addresses of the
> servers, i.e. the data which would not be publicly disclosed? Given recent
> revelations in the news, how would possible data requests from third
> parties be handled (such as a list of IP addresses for where DHIS2 is used)?
>
>
We will simply not store IP addresses. We are not interested in them
anyway, and to avoid any thinkable doubt of misuse or NSA inquiries we will
not store them.

I am thinking that for this function to have a purpose, it should not be
possible to opt out of the very basic, anonymous data, like DHIS version
and random system identifier. If optional then the statistics wouldn't be
very useful. If that is not acceptable we would rather drop the feature. Of
course, the "activation" feature with contact person etc would be
completely optional and require that you actively enable it.

One way to approach IP address security is to not record them anywhere (and
> make sure the central server to which the data is sent does not keep any
> log of them.) If the central server doesn't know the IP addresses, they
> can't be divulged to any third party.
>
>
Agreed.


> A very different approach to openness and security is taken by the
> optional OpenMRS "Atlas module". This opt-in module allows an OpenMRS
> installation to provide information that is available in a public OpenMRS
> "atlas" of implementations. The atlas can facilitate interactions between
> OpenMRS community members, including prospective members, and it also
> serves as publicity for OpenMRS as well as the implementers. I'll leave it
> for others to say whether DHIS2 administrators would feel comfortable or
> even welcome this kind of public information for their implementations. See
> http://openmrs.org/atlas/ for the OpenMRS atlas itself, and
> https://wiki.openmrs.org/display/docs/Atlas+Module+User+Guide for the
> atlas module user guide.
>

Thanks for the tip, I will check out the atlas module for inspiration.

Another idea for this concept: The DHIS instances could be checking with a
central system whether new major versions of DHIS are available for
download or whether any critical bugfixes are available for the current
major version. This notifications could be made available through the DHIS
messaging system and be sent to some group of system admin users.


More comments are welcome.

cheers

Lars

Follow ups

Re: dhis to submit anonymous data
From: Jason Pickering, 2013-06-28

References

dhis to submit anonymous data
From: Lars Helge Øverland, 2013-06-27
Re: dhis to submit anonymous data
From: Jason Pickering, 2013-06-28
Re: dhis to submit anonymous data
From: Jim Grace, 2013-06-28