Draft proposal for auditing/approving community developed packages on the wiki

Hi All,

In the EUCAN-Connect project we have had some discussions about all the excellent DataSHIELD packages that are being developed by the wider community. One of the questions that has come out of this is how data owners can “trust” that packages developed by others have been designed to minimise the risk of disclosing data, in the same way that dsBase is trusted. A way of dealing with this might be to have some kind of audit process where DataSHIELD packages are assessed through peer review. Clearly this involves extra work for people, so the aim of the process would be to achieve an appropriate balance between providing reassurance about the trustworthiness of a package versus minimising the amount of bureaucracy.

I have posted a draft process on the DataSHIELD wiki (link below) and would be happy to receive feedback and suggestions.

https://wiki.datashield.org/en/governance/audit-process

Hi Tom, I have proposed a discussion session on this at the DataSHIELD conference. Can you present this process to the community and then we can get feedback in this discussion session to iterate. Might even be able to even ratify it for adoption?

Thanks Becca. I’ll reply to you via email