Skip to content

Expose pseudonym existence

Bengfort requested to merge expose-pseudonym-existence into main

Based on !1911 (merged)

With study domains, the participation object gives us information about whether data for a subject exists in this domain. With general domains, there is no such object. That is unfortunate for deletion and export, because it puts the task on data protection coordinators to check all general domains.

I believe the existence of the pseudonym itself can provide the information because it is created on demand. If data for a subject has been stored with a pseudonym, that pseudonym obviously has to exist. On the other hand, if a subject has never had any relation with a specific domain, it is very unlikely that there was any reason to create a pseudonym. While this is not a perfect match, it can help reduce the workload for data protection coordinators.

So far we do not expose the existence of pseudonyms in the UI. My approach here is to only allow it to few privileged users (essentially data protection coordinators). See also #88 (closed)

With this change, the condition for subject deletion would no longer be "there are no participations" but "there are no pseudonyms".

Edited by Bengfort

Merge request reports