- Do you offer organization subscriptions?
- What are the options for overall account administration? (We would ideally like one grandparent account that MERL team manages, parent accounts for each team/project and then child accounts for each individual user. We are open to paying for this option if that is necessary)
- Can individuals have individual accounts and then set up survey and share the survey and collected data with other users?
- What is the current best practice for user administration? How does IRC, Doctors without Borders and your other larger users manage this?
- Is there a way to mark data with automatic expiration so data can be wiped out in a set amount of time (i.e., ten years) automatically or would we have to go in and manually delete all data?
- How do you ensure PII security? Do you Tokenize, encrypt on your servers, encrypt on the way between data entry and server, or an alternate way?
- Do you have audit trail of who accessed PII data, such as IP addresses, in the instance there is a data breach? If we know someone accessed our PII data, and you have audit trail capabilities, would you be able to tell us which data they accessed and when they accessed it?
- Could you please kindly direct me to where I can find, or provide me a copy of, your end-user agreement or other similar legal documents?
- Could you please kindly direct me to where I can find, or provide me a copy of, a user demo and/or video?
Hi @ascharf, welcome to the KoBo community!
- KoBoToolbox is completely free for organizations to use.
- There are many ways you can manage teams and permissions which you can read more about here and here. There are more advanced, team-management-focused features coming in the future.
- Yes (webforms, Collect app)
- If you are going to be managing large projects with many users and want more control of your data and access, IFRC, UNHCR, UNICEF, etc. have hosted servers which we help maintain (please contact email@example.com if this is something you are interested in).
- You will have to create a custom integration through the API for this or host your own server.
- Please refer to these support articles:
- General Data Protection Regulation (GDPR) — KoBoToolbox documentation
- Data Storage — KoBoToolbox documentation
- Encrypting Forms — KoBoToolbox documentation
- HIPAA Compliance — KoBoToolbox documentation
As Josh noted, this isn’t an option yet, and we generally don’t have features that we hold behind a paywall. However, if you’re interested in (co-)funding development of this, please contact us.
We have enough logging to match up IP addresses with most kinds of activity, but I don’t think it qualifies as an audit trail. If you’re interested in funding an effort to add this, please contact us.
Thank you so much @Josh and @jnm . I very much appreciate your quick and thorough replies! I reached out to the info email a couple weeks ago with these questions but never received an answer (hence why I posted on the community board). I will have to confirm with my IT team, but I believe we would very much be interested in the server option you mention in response to question 4. Is there a particular subject line or any other guidance you can recommend I use when emailing the info account to ensure a reply? Thank you so much!
I’m sorry your email was missed but thank you for following up here. I have notified the team and hopefully they will get back to you via email soon — otherwise please ping here again.