Personal Data Requests

This page shows the design pattern for requesting a person's national insurance number.

Needs review by devs

Basic logic

To comply with DPIA rules, a user must select a reason before they can consult or edit sensitive personal data. This reason is recorded and can be retrieved later for auditing/control purposes. The DPO suggested this as a way to keep the information easily accessible while ensuring it is used responsibly.

The sensitive information includes:

  • Date of birth (Date)

  • Gender (Codelist - single select)

  • National registry number (11 numbers)

  • Nationality (Codelist - multiple select)

How the data request works

The user can see, next to the label, that they can request the sensitive data. When they click on it, a request form opens, where the user needs to select a reason for requesting that data. Once the request is approved, the data is visible next to the label until the user leaves the page.

After a review from Sam, we know it is feasible to hide the data again once the user leaves the page.

We still have two options, both feasible to implement:

  1. The data is hidden again after the user leaves that sub-page (goes to contactgegevens or posities)

  2. The data is hidden again after the user leaves that person's page (goes back to list of people, or switches to an administrative unit.)

@Yassin, thoughts?

Yassin: Yes, I would say both

S: Should we link to the general privacy policy of the websites of ABB? If yes, maybe better to place it on the menu item 'Persoonlijke gegevens'. @Miet, there has been a discussion in the past on privacy disclaimers on products, I think you were involved in that discussion, no?

Screens

Erediensten

Request data

The user will see four labels, one for each of the sensitive data items they can request. Requesting any one of them automatically shows all four, so it does not matter which request button (vraag aan) the user clicks: the journey and the outcome are always the same.

Data request form

Does the codelist exist for this already?

YB: Nope, I remember asking it, but I think we will create a small analysis ticket for this to figure this out and to get approval of the DPO on this

Showing data

Editing

The editing of sensitive personal data will happen the same way as editing any other data. If the user hasn't yet requested to see the sensitive data before starting to edit, they won't be able to edit that data.

They will, however, be shown a link to request the sensitive data, in case they want to edit it, too.

If the user requests the data from the edit screen, they see the same request screen they would normally see when requesting the data:

When the user has submitted the reason for viewing the data, they will be shown an edit screen where they are able to edit all of the personal data.

This is also the same screen the user would see if they had already requested to see the sensitive data before starting to edit.
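The request, reveal, expiry and editing rules described under "How the data request works" and "Editing" above, modelled as one small server-side gate. This is an added example, not code from the project: the reason codes, the sub-page names, the sample person record and the class and function names are all constructed assumptions (the page notes that the real reason codelist still has to be defined and approved by the DPO). The gate records every justified view or edit in an audit log, reveals all four fields together, blocks edits without an active grant, and drops the grant on navigation according to either option 1 (sub-page) or option 2 (person page).

```python
"""Justified-access gate for sensitive personal data (added example, not project code).

Assumed names and values throughout: reason codes, sub-page names and the sample
person record are constructed for illustration.
"""
from dataclasses import dataclass
from datetime import datetime, timezone

# The four sensitive fields named on the page; revealing one reveals all four.
SENSITIVE_FIELDS = ("date_of_birth", "gender", "national_registry_number", "nationality")

# Constructed reason codes: the real codelist does not exist yet.
REASON_CODES = frozenset({"IDENTITY_CHECK", "DATA_CORRECTION", "LEGAL_OBLIGATION"})

# When a grant is dropped: "subpage" = option 1, "person" = option 2.
HIDE_POLICIES = ("subpage", "person")


class AccessDenied(Exception):
    """Sensitive data was read or written without an active, matching grant."""


@dataclass(frozen=True)
class AuditEntry:
    timestamp: str   # ISO 8601, UTC
    user_id: str
    person_id: str
    reason: str
    action: str      # "view" or "edit:<field>"


@dataclass
class Grant:
    person_id: str
    subpage: str
    reason: str


class SensitiveDataGate:
    def __init__(self, hide_on: str = "person"):
        if hide_on not in HIDE_POLICIES:
            raise ValueError(f"unknown hide policy {hide_on!r}")
        self.hide_on = hide_on
        self.audit_log: list[AuditEntry] = []
        self._grants: dict[str, Grant] = {}   # one active grant per user

    def _log(self, user_id: str, person_id: str, reason: str, action: str) -> None:
        stamp = datetime.now(timezone.utc).isoformat()
        self.audit_log.append(AuditEntry(stamp, user_id, person_id, reason, action))

    def request_access(self, user_id: str, person_id: str, subpage: str, reason: str) -> None:
        """The request form: a reason from the codelist is mandatory and is audited."""
        if reason not in REASON_CODES:
            raise ValueError(f"reason {reason!r} is not in the codelist")
        self._grants[user_id] = Grant(person_id, subpage, reason)
        self._log(user_id, person_id, reason, "view")

    def has_access(self, user_id: str, person_id: str) -> bool:
        grant = self._grants.get(user_id)
        return grant is not None and grant.person_id == person_id

    def _active_grant(self, user_id: str, person_id: str) -> Grant:
        if not self.has_access(user_id, person_id):
            raise AccessDenied(f"{user_id} has no active grant for person {person_id}")
        return self._grants[user_id]

    def reveal(self, user_id: str, record: dict) -> dict:
        """Return all four sensitive fields at once, or refuse."""
        self._active_grant(user_id, record["id"])
        return {name: record[name] for name in SENSITIVE_FIELDS}

    def update(self, user_id: str, record: dict, field_name: str, value) -> None:
        """Editing needs the same grant as viewing; each edit is audited."""
        if field_name not in SENSITIVE_FIELDS:
            raise KeyError(f"{field_name!r} is not a sensitive field")
        grant = self._active_grant(user_id, record["id"])
        if field_name == "national_registry_number" and not (
            isinstance(value, str) and value.isascii() and value.isdigit() and len(value) == 11
        ):
            raise ValueError("national registry number must be exactly 11 digits")
        record[field_name] = value
        self._log(user_id, record["id"], grant.reason, f"edit:{field_name}")

    def navigate(self, user_id: str, person_id: str, subpage: str) -> bool:
        """Called on every page change; returns True if the grant was dropped."""
        grant = self._grants.get(user_id)
        if grant is None:
            return False
        left_person = grant.person_id != person_id
        left_subpage = self.hide_on == "subpage" and grant.subpage != subpage
        if left_person or left_subpage:
            del self._grants[user_id]
            return True
        return False


# Constructed sample record; the registry number is a placeholder, not a real one.
SAMPLE_PERSON = {
    "id": "P-001",
    "name": "Example Person",
    "date_of_birth": "1980-01-01",
    "gender": "X",
    "national_registry_number": "00000000000",
    "nationality": ["BE"],
}
```

Under option 2 (`hide_on="person"`) moving between sub-pages of the same person keeps the grant, while opening another person or an administrative unit drops it; under option 1 (`hide_on="subpage"`) any sub-page change drops it. Either way the audit log keeps the reason for every view and edit, which is what the DPO asked for.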
