We have been looking at the new General Data Protection Regulation (GDPR). To put it in a nutshell, it would appear that companies will become liable for leaking of any personal data and that they must do everything “reasonable” to mitigate the potential loss. We believe that there will be increased pressure to encrypt just about everything that contains or might be attributed as personal data. Since many surveys hold personal data both in the Token Table and survey data tables it will become a serious issue for LimeSurvey users.

We’ve found a module that encrypts the Token Table and after a couple of issues have managed to get it working, but we cannot find a way to encrypt the data response table.

Any ideas or help on how to encrypt the Token and Data tables together would be very much appreciated.

Have you seen this?
github.com/SamMousa/limesurvey-encrypt

Hi Benoit

Thanks so much for this

I'll have a look over the weekend and get back to you

Have you used this at all? Are there any issues with speed or limitations that you know of?

Many thanks and kind regards
Chris

Hi,

I've just realised that I made a stupid mistake with my original posting. We CAN encrypt the response data. Its the Token Table that we can't encypt!

... and it is the Token Table that is the most sensitive in terms of data protection because it is here where client names and email addresses are almost always stored!!

Sincere apologies.