Security considerations

Users with access to data cleanup potentially gain access to a range of metadata on all records and cases in the F2 installation, including access to the personal information of involved participants. These metadata are used to evaluate whether a case or record is ready for deletion. Users with access to data cleanup also have the rights to delete these records and cases permanently.

The data cleanup tools never grant users access to record contents that they did not already have access to. This applies to both record documents and documents attached to the records. This means that users who perform the data cleanup do not gain unnecessary access to sensitive information.

Data cleanup lists can be accessed using both a default role and a privilege, which can be assigned to users. Either should be assigned with the utmost caution and in compliance with data security policies. To meet the need for security and monitoring of cleanup list usage, there are also built-in reporting options. This means that during data cleanup, you can automatically document what has been deleted and state a reason for deletion.

The act of deleting data is documented in F2’s database. This documentation cannot be deleted, and it can be extracted with the Analytics module.