2019-04-08 Meeting notes

• Atlassian tool upgrades cannot be done for Bitbucket due to a git server requirement that cannot be satisfied with RedHat 6. The servers need to be upgraded to RedHat 7. Bamboo upgrade has been installed but has not been switched over to yet.
• rapolas (Unlicensed) has added the extra dataset fields that make use of the InterpolationCode to the extract code base.
• George Swinnerton can see no files that suggest Kings have in fact managed to send a complete file dump for patients from the 1st Jan. He will ask them to re-run and let him know when they have done it and indicate the batch code used so he can trace them. He will also follow up on the expansion of the extract and highlight that they will not be in the annual report unless this feed is sorted in time.
• RRAM Extract has been completed.
• 3C memberships triggering the feeds has highlighted the need for a new facilities table rather than using the codes tables. This may be related to the surveys code issue which also needs resolving. It might be prudent at this point to also create a new results table. George Swinnertonalso highlighted the fact that the programmemberships use a localhospitalid but that if the group is a anonymous study we need to distinguish their study ids from generic localhospitalids to ensure exports don't include the study membership and id. The suggestion is to create a studyid type for this purpose and ensure this is not exported by default when all ids are exported etc.
• The simplified feeds has not been progressed.
• Tim Whitlock (Deactivated) has asked Nick about ticket TNG-521 and will add TNG-530 to this.
• Tim Whitlock (Deactivated) has worked through the N3 Penetration Test Report updating the web configurations and headers removing risky ciphers etc.
• rapolas (Unlicensed)  has applied changes identified as required in the N3 Penetration test.
• George Swinnerton has mapped the peadiatric data into the schema there are a number of queries around some of the data fields and how they should be recorded due to differences between adults and children. George Swinnerton will discuss with Fiona.
• Validation all the tickets are in review except the data quality report ticket. The next release is waiting on the review tickets to be signed off.
• rapolas (Unlicensed) has had a number of RaDaR tickets prioritised with a due date he is now working through. Fioan has been given access to set the due date for tickets to help manage the priorities better.

 The Internet PenTest is now available in R:\0 Systems\Projects\Pen Tests\Internet Jan 2019\Renal March 19 this highlights a number os potential issues with patientview.org, one with internationalradar.org and a few with the wordpress configurations for the main websites. In addition it highlighted the lack of captchas on the form entry on thinkkidneys.nhs.uk and renalreg.org which could leave them open to an automated attack.

Tim Whitlock (Deactivated) has started working through the website configuration issues, George Swinnerton will feedback the patientview issues to SSG and Rapolas will address the international radar issues.