Security

There are three main security considerations when working with a surveydown survey:

1. The surveydown application code
2. The hosting environment
3. The data storage environment

While we have worked to make our application code secure, it is ultimately up to you to choose appropriate host and data storage environments that are also secure for your needs.

The surveydown application code

The application code refers to the resulting Shiny app generated from a surveydown survey. Since surveydown users will be collecting potentially sensitive data from survey respondents, we have tried to develop the platform with data security in mind. We have taken care to follow many best practices, such as using SQL injection prevention strategies in how we store the survey response data, and ensuring that users store their database passwords as environment variables that are also added to a .gitignore file. We also adopted an architecture where all content on any page in the survey is served entirely from the shiny server, meaning that respondents taking the survey cannot see the underlying html source code for any of the content being displayed in the survey. This is important so respondents cannot see content on other pages (e.g., completion codes) before getting there from the survey navigation buttons.

Despite our efforts, however, we do not (yet) have any form of security compliance certificate that we can provide. This means we cannot guarantee the application code is compliant with common security protocols, such as SOC2 Type 2 or HIPPA. This is an eventual goal, but for now this is a limitation for using this package for some domains that require certain certifications.

The hosting environment

Shinyapps.io

The free service we use for hosting a surveydown survey is shinyapps.io, which is not HIPPA compliant. According to the Posit Documentation on Security and Compliance for shinyapps.io:

shinyapps.io is currently hosted on Amazon’s Web Services (AWS) infrastructure in the us-east-1 region. The infrastructure used is not the HIPAA-compliant stack, so if you need to be in a HIPAA-compliant environment, we recommend deploying and operating your own Posit Connect or Shiny Server Open Source instance.

This means that if you require a HIPPA compliant hosting service, we recommend that follow Posit’s guidelines and deploy your own instance of Posit Connect.

Other Hosting Services

You can deploy shiny apps to other hosting services. Here are some guides for several other alternatives:

• Posit Connect Cloud
• Hugging Face
• Heroku

You can also install Posit Connect on your own server, which is the recommended approach for remaining compliant with any security protocols your organization requires.

Whatever hosting service you choose, please read carefully about the security implications of the environment you choose.

The data storage environment

We designed surveydown to be able to store data on any PostgreSQL database. This gives you flexibility on where you choose to store your data, and it is up to you to find a suitable host.

Fortunately, the default service we recommend using (Supabase) is actually SOC2 Type 2 and HIPPA compliant 🎉

As with the hosting service, please choose a data storage environment carefully and read about the security implications of the environment you choose.