Loans (UXPROD-788)

[UXPROD-271] Anonymizing/Scrubbing Loan Data (On Demand) Created: 08/Jan/18  Updated: 16/Sep/20  Resolved: 21/Sep/18

Status: Closed
Project: UX Product
Components: None
Affects versions: None
Fix versions: Q3 2018
Parent: Loans

Type: New Feature Priority: P2
Reporter: Cate Boerema (Inactive) Assignee: Emma Boettcher
Resolution: Done Votes: 0
Labels: convo, gdpr, loans, sig-ra
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Cloners
is cloned by UXPROD-447 Retain loan and item information for ... Closed
is cloned by UXPROD-1085 Automatically Anonymizing/Scrubbing L... Closed
is cloned by UXPROD-1120 Retain some patron information on ano... Closed
Relates
relates to UXPROD-373 User endpoint to remove aliases tied ... Open
relates to UXPROD-374 Cron job to call endpoint to remove a... Open
relates to UIU-463 Anonymize closed loans on demand Closed
relates to UXPROD-375 Configuration settings from auto loan... Closed
relates to UIU-609 Anonymize closed loans on demand (sel... Draft
relates to UXPROD-285 GDPR Analysis Complete
Epic Link: Loans
Front End Estimate: Large < 10 days
Front End Estimator: Jakub Skoczen
Back End Estimate: XXL < 30 days
Back End Estimator: Jakub Skoczen
Development Team: Prokopovych
Rank: BNCF (MVP Feb 2020): R1
Rank: Chalmers (Impl Aut 2019): R1
Rank: Chicago (MVP Sum 2020): R1
Rank: Cornell (Full Sum 2021): R1
Rank: 5Colleges (Full Jul 2021): R1
Rank: GBV (MVP Sum 2020): R1
Rank: Lehigh (MVP Summer 2020): R1
Rank: MO State (MVP June 2020): R1
Rank: TAMU (MVP Jan 2021): R5
Rank: U of AL (MVP Oct 2020): R1

 Description   

Purpose: To share the high-level requirements for this feature with the tech team so we can begin a conversation around best path forward.

Background: Due to privacy concerns (both legal and voluntary), many institutions anonymize loan data. In other words, they remove identifying information about the patron (e.g. name and identifiers) from historic loans. Other patron metadata (e.g. patron group) is retained for statistical reporting purposes.

Institutions may anonymize data either as policy (scrubbing patron information from all closed loans), or at the request of a specific patron. This story only covers one-time, manual anonymization of closed loans, breaking the link between the closed loan & the patron and removing the anonymized loans from the patron's list of closed loans.

Anonymization of closed loans elsewhere:

  1. Loan scrubbing
    1. Tenants should be able to determine a time period (specified in days) after which loan data will be anonymized (it should also be possible to not ever anonymize)
    2. Ultimately, each library within a tenant/institution should be able to set their own time period (not v1)
    3. For institutions that don't anonymize for all users by default, we should offer the ability for users to indicate whether they want their data scrubbed (not v1)
    4. For a loan to qualify for scrubbing/anonymizing, it must:
      1. Be closed
      2. Not have any open fees/fines
      3. Be old enough to trigger scrubbing
        1. "Old enough" varies depending on if it has no closed fines/fees or not
    5. When a loan record is scrubbed:
      1. Any patron identifying information should be scrubbed from the loan record in the database.
      2. The only patron information that should be retained includes:
        1. Patron group
        2. Status
        3. Division/department (as of 5/14 RA SIG meeting)
        4. Branch/location (when implemented) Probably not, as of 5/14 RA SIG meeting - not patron info
        5. Custom fields or tags (when implemented)
        6. Date enrolled? No, as of 5/14 RA SIG meeting
        7. Expiration date? No, as of 5/14 RA SIG meeting
      3. The scrubbed loan should no longer display on the patron's Loans page
        1. But what about the Check in page? Institutions that have opted not to save ANY loan history, still need to be able to see the items they just checked in (see UICHKIN-10 Closed for details on what should display on the check in page). We need to make sure this is considered in our implementation.
      4. Anywhere else closed loans may display, the scrubbed loan data should display without any patron identifying information
    6. IMPLEMENTATION NOTE: Many systems log anonymized loan data in a reporting table as soon as the transaction occurs


 Comments   
Comment by Cate Boerema (Inactive) [ 08/Jan/18 ]

Jakub Skoczen, thoughts on next steps for this? As you can see, there are still a few details to work out with the SIG, but I think I am close to being able to write up some stories.

Comment by Cate Boerema (Inactive) [ 17/Sep/18 ]

Hi Emma Boettcher. Feature freeze for Q3 was Friday and this feature is only partially complete. Can you please split the feature and indicate in the Weekly UXPROD Status document that the feature needed to be split and why (mainly because of the scrubber dependency, I believe)?

Thanks!

Comment by Emma Boettcher [ 21/Sep/18 ]

Feature was split at end of Q3 & scope of this feature was changed to manually anonymizing a user's loans, without considerations of saving demographic data or preventing anonymization when loans had fees/fines.

Comment by Cate Boerema (Inactive) [ 10/Oct/18 ]

Thanks for splitting these, Emma Boettcher. I just tweaked the summary on this so it's more clear that this feature is only about on demand scrubbing.

Can you please delete the story links that no longer apply? Each story should have just one feature. Thanks!

Generated at Fri Feb 09 00:06:58 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.