Aller au contenu

PII and logging

Status: Placeholder — to be developed. Last reviewed:

Scope

What categories of data are PII (patient names, dates of birth, social security numbers, financial detail, dentist contracts) and what must never be logged, sent to Sentry, exported to CSV without redaction, or echoed back in error messages. Includes: how to scrub Sentry events, log-level conventions (DEBUG never in prod, INFO is the default), and the "if in doubt, don't log it" default for any field on Patient, Procedure, or Payment.

Sources to mine when writing this

  • Sentry configuration (config/settings/*.pybefore_send scrubbing, sampling).
  • Logging configuration (LOGGING dict in settings).
  • Models with sensitive fields: apps/patients/, apps/procedures/, apps/dentists/ (contracts, revenue), apps/finance/.
  • Any export endpoints — check what they include.