insightsengineering/teal.osprey

data privacy risk?

Closed this issue · 2 comments

The patient profile module (tm_g_patient_profile) works by plotting data for a single patient:
image

By using the filter panel, that patient can be filtered out and then this message appears:
image

By playing around with filters one could obtain a considerable amount of information about the patients (or their IDs).
Could this be a vulnerability?
Can private data be leaked this way?
Does it not violate triple blind study design?

Now that filtering is possible on a per-module basis, perhaps this module should have the filter panel forcibly disabled?

In a typical clinical trial setting, blinding would be enabled by replacing the real treatment assignment and/or drug names with random/dummy data. This means blinding or unblinding is done on the input data, before it gets to the teal app. My assumption is that if a user has access to an app that was designed to show/visualize restricted or blinded clinical trial data, that user would first need to have permission to view such data (blinded or not), in its entirety. Even without the filter panel, these users should theoretically be able to see any data points as they wish. These access controls are enabled through various systems external to teal, which is why we need teal data connectors. So I don't think the teal app or any components of the teal app are jeopardizing data privacy in this sense.

@lcd2yyz @chlebowa can we close this?