Date

08 Apr 2019

Attendees

Goals

Review outstanding tasks and issues
Look at tasks for week ahead

Discussion items

Item	Who	Notes
Outstanding tasks	Tim Whitlock (Deactivated)	Atlassian tool upgrades cannot be done for Bitbucket due to a git server requirement that cannot be satisfied with RedHat 6. The servers need to be upgraded to RedHat 7. Bamboo upgrade has been installed but has not been switched over to yet. rapolas (Unlicensed) has added the extra dataset fields that make use of the InterpolationCode to the extract code base. George Swinnerton can see no files that suggest Kings have in fact managed to send a complete file dump for patients from the 1st Jan. He will ask them to re-run and let him know when they have done it and indicate the batch code used so he can trace them. He will also follow up on the expansion of the extract and highlight that they will not be in the annual report unless this feed is sorted in time. RRAM Extract has been completed. 3C memberships triggering the feeds has highlighted the need for a new facilities table rather than using the codes tables. This may be related to the surveys code issue which also needs resolving. It might be prudent at this point to also create a new results table. George Swinnertonalso highlighted the fact that the programmemberships use a localhospitalid but that if the group is a anonymous study we need to distinguish their study ids from generic localhospitalids to ensure exports don't include the study membership and id. The suggestion is to create a studyid type for this purpose and ensure this is not exported by default when all ids are exported etc. The simplified feeds has not been progressed. Tim Whitlock (Deactivated) has asked Nick about ticket TNG-521 and will add TNG-530 to this. Tim Whitlock (Deactivated) has worked through the N3 Penetration Test Report updating the web configurations and headers removing risky ciphers etc. rapolas (Unlicensed) has applied changes identified as required in the N3 Penetration test. George Swinnerton has mapped the peadiatric data into the schema there are a number of queries around some of the data fields and how they should be recorded due to differences between adults and children. George Swinnerton will discuss with Fiona. Validation all the tickets are in review except the data quality report ticket. The next release is waiting on the review tickets to be signed off. rapolas (Unlicensed) has had a number of RaDaR tickets prioritised with a due date he is now working through. Fioan has been given access to set the due date for tickets to help manage the priorities better.
PenTest Internet	Tim Whitlock (Deactivated)	The Internet PenTest is now available in R:\0 Systems\Projects\Pen Tests\Internet Jan 2019\Renal March 19 this highlights a number os potential issues with patientview.org, one with internationalradar.org and a few with the wordpress configurations for the main websites. In addition it highlighted the lack of captchas on the form entry on thinkkidneys.nhs.uk and renalreg.org which could leave them open to an automated attack. Tim Whitlock (Deactivated) has started working through the website configuration issues, George Swinnerton will feedback the patientview issues to SSG and Rapolas will address the international radar issues.

Action items

Tim Whitlock (Deactivated) to look at Atlassian tools update solution for Bitbucket and Atlassian tools moving forward.
George Swinnerton to get Kings to resend all patient data and verify it has happened. 15 Apr 2019
George Swinnerton to chase the expansion of the Kings feed so an extract can be produced. He will highlight that without this no audit file will be available for the annual report 15 Apr 2019
George Swinnerton to look at resolving the whole question of study groups and programmemberships 22 Apr 2019
George Swinnerton to follow up with Fiona about the peadiatric data fields that don't map readily. 15 Apr 2019
rapolas (Unlicensed) to look at the internet PenTest report and resolve internationalradar issues. 15 Apr 2019
Tim Whitlock (Deactivated) to look at website security issues related to headers, .htaccess and ciphers for all sites 15 Apr 2019
George Swinnerton to follow up with SSG about penTest issues on patientview 15 Apr 2019

Browser not supported