Sensitive data

WebHare offers some tooling to deal more safely with various sensitive or personal (PII) data you may process.

Auditing

WebHare ships with a few reporting mechanisms to help you find potentially sensitive data and audit who has access to this data. 

• Use `wh gdprscan` on the commandline to get an overview of WRD schemas and database tables that could potentially contain personal data. 
• Walk through the "Objects and Rights" view in User and rights management to see users with (implicit) access to sensitive data.
• Publisher Search can search for forms by retention period. Watch for forms with suspiciously long retention periods

Automatic deletion

You can mark files for automatic deletion at a certain date by setting the deletion property in the lifecycle metadata. Files such as cached import data or WRD schema backups that may contain sensitive data should be marked for automatich deletion to ensure they can't easily linger around even when copied or synced between WebHare servers (the lifecycle metadata is cloned too when copied).

You can find the file's planned deletion date in its object properties on the Tasks tab (sysop and supervisor only) and set it using SetInstanceData in code:

fileobj->SetInstanceData("http://www.webhare.net/xmlns/publisher/lifecycle", 
    [ deletion := AddDaysToDate(14, GetCurrentDatetime())  
    ]);