first bits of security content added

[sckott]

Any thoughts on the first bits of content for the security chapter?

This is a bit different from the other chapters in that i imagine we want to think harder about this chapter given where we work.

There's some half finished thoughts on purpose in here for your feedback. thanks!

We're only building the book for congtent on main, but you can pull this repo down, then run make preview

#6

[sckott]

bump @seankross 🙏🏽

[monicagerber]

I don't think that anything in the WILDS would have PII/PHI data. If data is de-identified, it's not considered to be PHI.

I am not sure how I am going to do data-as-a-product on the CARDS platform and if would be possible/advisable to create R packages that someone live just on there. I think that is the only time that we would have PHI in an R package though.

[sckott]

Okay, thanks very much @monicagerber ! Do you think we just remove this comment about PII/PHI data in examples?

[seankross]

Definitely nothing in WILDS should contain PII/PHI in the package itself, but I imagine several WILDS packages will touch/transmit PII/PHI.

[seankross]

I think that instead of writing sensitive data handling practices here we should link to the sciwiki or something.

[sckott]

Okay. Are you thinking we just remove this chapter? Or keep the chapter but simply link out to sciwiki/other resources with very little text in the chapter itself?

[seankross]

I think we should keep it and link out. The we could have sections like "how to securely integrate [a WILDS thing] with [a service discussed on sciwiki]"

[sckott]

Sounds good!

[sckott]

This chapter is on hold for now ...