Gate-Swipe Data Flow

Owned by Laura Morse
Last updated: Aug 01, 2022
2 min read

Data captured by the Siemens gate system is managed by the HUPD.   This system does not comprehensively capture the data points desired by the Harvard Library.  HUPD PACS Data will be augmented with data from IAM.   Anonymized data will be securely stored in an LTS maintained database, and exposed to authorized users via HART.

Data Flow

  1. Library users swipe into libraries using SIEMENS CCure system.
  2. User data is written to the HUPD PACS Systems 
  3. Weekly report of key person data points (HUID, Date/Time Stamp, Swipe location/door name) is created and pushed to secure location for library use.
    1. Scott Waite to confirm with HUPD signoffs needed for data feed.
    2. Scott Waite to confirm details of secure file transfer with SIEMENS.  Preference is that data file with be automatically pushed to an LTS, but LTS could script secure retrieval if needed.
    3. What breach plan would be in place for monitoring and resolving unauthorized access to this file?
    4. Is there need for an opt-out notice for users?  Advanced notice of tracking?
  4. LTS script uses HUID to retrieve additional data points about the library user.
    1. Steve Beardsley to confirm with IAM that PDS API, rather than a DB view, would be used to retrieve data.
    2. Steve Beardsley to confirm sign off process with IAM for access to data.
    3. Allison Powers will review the desired data fields spec drafted by Steve Beardsley and Kim Noh with Kara Young.
    4. Steve Beardsley and Kim Noh will finalize IAM code mapping logic.
    5. Laura Morse will facilitate EAI review process with HUIT.
    6. Should EPPN be used for primary key for user records?  Or would this need to be hashed in someway.
  5. LTS writes anonymized record for each swipe to database.
    1. Sharon Bayer will determine database to environment for the anonymized data.
    2. Allison Powers will finalize technical spec for PACS data file retrieval.
    3. Allison Powers will finalize technical spec for IAM process to retrieve people data/map IAM codes to HL desired codes.
    4. Allison Powers will finalize technical spec for writing records to the database.
    5. ProdOps assignee will script PACS data file retrieval.
    6. ProdOps assignee will script IAM people data record retrieval/mapping transformation.
    7. ProdOps assignee will script writing to gate-swipe database.
    8. What breach plan would be in place for monitoring and resolving unauthorized access to this data files create as part of update process as well as direct access to database?
  6. Authorized users use HART to access data.
    1. Rachel Lewellen and Allison Powers will draft policies related to authorized user requirements and login provisioning workflow.
    2. Rachel Lewellen and Allison Powers will draft policies on publication and reuse of gate-swipe data (into other systems like tableau, and for internal and external formal and informal communications/dashboards).
    3. Allison Powers will create model to expose gate-swipe database in HART.
    4. Sharon Bayer will perform Tableau Server security review.
    5. Team will review policies.
    6. Allison Powers will update HART wiki pages with data model and policy information.
    7. Allison Powers/Rachel Lewellen will announce service.
    8. Should Hart be the primary took used to access this data?
    9. What breach plan would be in place for monitoring and resolving unauthorized access to this data files create as part of update process as well as direct access to database?