Jump to content

Timecard Buddy Export Data Opinions


Recommended Posts

I need opinions on a potential Timecard Buddy feature and it applies to anyone who fills out a timecard or has someone else fill out a timecard for them

 

Originally I kept Timecard Buddy's data restricted to the device. I later added a limited cloud element: if your device is signed into your Apple or Google ID, data will be synced across your devices. The reason I kept it restricted is to limit the potential of leaking user data, particularly when a coworker is entrusting it to someone else filling out timecards. Most of the data isn't particularly harmful (though privacy should be respected): work times, pay rates, rentals. But the data does sometimes include a person's Social Security Number or at least the last four digits. And the app also takes signature images, though I'd never consider putting those into a file so that's not at issue here

 

Users are asking to be able to export data to transfer to another person to continue timecard duties for a department. And I am concerned about adding that to the app. I actually forgot about my concern for a moment and started writing it. Here are parameters of the feature and you guys tell me whether you consider it a worthwhile trade off:

 - data would be exported to a file

 - the file would only be able to be read by the Timecard Buddy app (barring substantial hacking)

 - the file could include as little as a single timecard and as much as the entire history of all timecards on the device

 - the export could be used to pass timecard responsibilities to another person, to create a backup of data, or to give employees a record of just their timecards

 - (Something I just thought of) I could automatically convert full social security numbers to just last four digits on export

 

Again, my major concern is a Timecard Buddy user managing other employee social security numbers, and then years later transferring their entire history's worth of those SSNs to another person. Whatever the circumstances of that happening, this feature would make it possible

 

Thanks for your feedback

Link to comment
Share on other sites

  • NewEndian changed the title to Timecard Buddy Export Data Opinions
On 3/21/2022 at 11:55 AM, Patrick Farrell said:

I don't know anyone that uses full social security numbers on their timecards. I'm all for being security conscious but I think you're making a mountain out of a molehill.

I'll think about these things so that my users don't have to. But I'm actually rather happy with the replacing full SSNs idea, so that's what I'm going with

 

On 3/21/2022 at 12:04 PM, VASI said:

My advice is if you go with Social Security Number; app must be end-to-end encryption.

It will be end-to-end encrypted. It would take substantial hacking and reverse engineering to extract the data outside the app. (Nothing is unhackable)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...