Commit daed23eb authored by Bengfort's avatar Bengfort
Browse files

avoid excessive note markup

parent 6598fea2
Pipeline #12969 passed with stage
in 27 seconds
......@@ -10,36 +10,14 @@ through castellum.
Traces of contact data can also exist in the systems that are used for
communication, e.g. email servers or payment providers.
.. note::
An alternative approach for generating pseudonyms would be to calculate an
encrypted hash over immutable, subject-related information (e.g. name, date
of birth)
That approach would have the benefit of not relying on a central
infrastructure to store the pseudonyms. However, in cases where such a
central infrastructure with strict access control is feasible, Castellum's
approach is much simpler.
For more information on these two approaches, see `Anforderungen an den
datenschutzkonformen Einsatz von Pseudonymisierungslösungen (german)
<https://www.de.digital/DIGITAL/Redaktion/DE/Digital-Gipfel/Download/2018/p9-datenschutzkonformer-einsatz-von-pseudonymisierungsloesungen.pdf>`_.
.. note::
The algorithm that is used to generate pseudonyms can be configured. The
algorithm that is used by default produces alphanumeric strings with 20
bits of entropy and two checkdigits that are guaranteed to detect single
errors. It is also available as a `standalone package
<https://pypi.org/project/castellum-pseudonyms/>`_.
A subject can have many different pseudonyms in different domains. Castellum
automatically creates a new domain for each study. There can be more than one
domain per study as well as *general domains* that are not connected to studies
at all.
.. warning::
Pseudonyms are only unique (and therefore useful) within their domain.
Whenever you use a pseudonym, make sure that it is clear which domain it
belongs to. If in doubt, store the domain along with the pseudonym.
Pseudonyms are only unique (and therefore useful) in the context of a domain.
Whenever you use a pseudonym, make sure that it is clear which domain it
belongs to. If in doubt, store the domain along with the pseudonym.
It is up to you to decide on a granularity of domains. For example you could
use a single domain for all bio samples. Or you could use separate domains for
......@@ -81,3 +59,22 @@ Relevant guides:
- :ref:`study-domains`
- :ref:`subject-get-pseudonym`
- :ref:`subject-delete`
How pseudonyms are generated
----------------------------
Castellum generates random pseudonyms and stores them in a database.
An alternative approach for generating pseudonyms would be to calculate an
encrypted hash over immutable, subject-related information (e.g. name, date of
birth). That approach would have the benefit of not relying on a central
infrastructure to store the pseudonyms. However, in cases where such a central
infrastructure with strict access control is feasible, Castellum's approach is
much simpler. For more information on these two approaches, see `Anforderungen
an den datenschutzkonformen Einsatz von Pseudonymisierungslösungen (german)
<https://www.de.digital/DIGITAL/Redaktion/DE/Digital-Gipfel/Download/2018/p9-datenschutzkonformer-einsatz-von-pseudonymisierungsloesungen.pdf>`_.
The algorithm that is used to generate pseudonyms can be configured. The
default algorithm produces alphanumeric strings with 20 bits of entropy and two
checkdigits that are guaranteed to detect single errors. It is also available
as a `standalone package <https://pypi.org/project/castellum-pseudonyms/>`_.
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment