Webform submissions are encrypted by default, which is a good thing. However, due to this, the analysis doesn't provide useful results (other than "user has entered a value 35x").

There is an issue in the Webform Encrypt issue list: #2077125: Webform's Analysis tab doesn't decrypt data, but without any response. Are you aware of this issue, and if so; did you manage to find a work-around?

Comments

BarisW created an issue. See original summary.

askibinski’s picture

askibinski CreditAttribution: askibinski as a volunteer and at iO commented

Actually I don't believe we are aware of this issue. Will check with Frank, thanks for the heads up.

frankschaap’s picture

frankschaap CreditAttribution: frankschaap at ezCompany commented

The analysis functionality is not going to be very useful anyway, since submissions are deleted after a set time. This is a safeguard against storing too much PII, encrypted or not. Some clients have the submission expiration set to as little as 4 days. The local storage is really only meant as a temporary fallback for when there is a problem with the delivery of the webform data to the back-end system (usually a 'zaaksysteem').

So we might also consider hiding the analysis tab, since it has virtually no useful application in DvG.

/edit: yeah, I had noticed it before, but did not consider it much of an issue, since we processed and measured submissions in our back-end systems anyway.

BarisW’s picture

BarisW CreditAttribution: BarisW at LimoenGroen commented

Hi Frank,

thanks for the quick reply. However, the municipality I'm working for now uses webforms for simple questionnaires as well. We gave them an option to select whether submissions should be send to their backend system. If not, submissions won't be deleted and the analysis would become very useful. Does that make sense?

frankschaap’s picture

frankschaap CreditAttribution: frankschaap at iO commented

Makes perfect sense, different use case :-)

I can see a couple solutions:

  • if submissions are not deleted, you can export them when the webform is closed and use Excel/Calc to analyse them
  • when the option is checked to not send the submission out, we could consider storing them unencrypted. I don't think I really like this option, because now it becomes an editorial task to not ask for PII in those webforms...
  • write a patch for decrypting form submissions when accessed through the analysis tab

Personally I'd be okay with the first solution, but I think your client might like the third solution best :-)

JoshaHubbers’s picture

JoshaHubbers CreditAttribution: JoshaHubbers at iO commented
Status: Active » Closed (won't fix)

No new DvG7 sites will be started, so we will not spend time on this issue.