Personally Identifiable & Protected Information Guide

The goal of this document is to help community users understand how we prefer to approach personally identifying and protected information on community.rstudio.com.

Controlling how personally identifiable information (PII) is displayed online is important. PII refers to emails, phone numbers, full names, IP addresses, and other information that offers a direct connection between a user and who they are in real life. This information may also include private and protected data used in a reproducible example, for example, protected health information (PHI).

Sharing Your Own Personally Identifying Information in Threads

Example: including your email address, IP address, phone number, or mailing address in a topic or reply

  • PII should not appear in topics or reply posts.
  • PII should only appear in user profiles. If a user would like to refer to their personal information, we ask they refer others to the information in their profile or send the information via a private message.
  • Please flag all cases where PII appears in a topic or reply. If necessary, moderators may manually delete the problematic information and let the user know.

Sharing Protected or Private Data

Example: protected health information (PHI)

  • It is never okay to post private data online.
  • If you have anonymized or simulated your data but you are still discussing variables that might lead someone to think the data is protected, please explicitly call out your anonymization.
    • For example "These data mask all identifiers" or "All patient data has been simulated"
    • Simply masking identifiers over real data is not permitted by most privacy policies. You may need to simulate new, arbitrary data on a similar data schema.
  • If you suspect data in a thread may include protected private data, please flag it, and add a custom message with your concern.

Motivation for guideline:

  • This guideline hopes to offer people better control over their personal information. PII only appears in one place, which can change or be deleted. Should someone wish to leave community.rstudio.com and remove their account, the default process is to anonymize the user and all their posts. If the user previously posted PII in a reply, there would still be a link between their identity and this anonymous user. (Users are free to delete posts, but they must do so manually.)
  • This guideline hopes to protect people whose information is included in protected data sets, and the users who are working with those protected datasets.

Please also see this site's full privacy policy.

5 Likes