enable the team to communicate with each other
make data available to the team
set up project tools
Usually, our project teams use GitHub (or GitLab) for collaboration. To request a repository in the CorrelAid GitHub or GitLab team, please proceed as followed:
in your project team channel, collect the GitHub (or GitLab) of all team members.
request a GitHub/GitLab repository by following this FAQ.
A GitHub / GitLab admin will help you as soon as possible.
It is important that project teams use Slack to communicate. Usage of alternative communication channels within the project team (email, messengers, ...) should be discouraged.
If you have not created a private Slack channel as part of the ideation phase, you should do so now. Invite or request to invite all project team members if they are not part of the CorrelAid Slack workspace yet and add them to the channel.
While our project teams usually use GitHub or GitLab for their project work, we use our NextCloud instance CorrelCloud for the initial data transfer from the organization to CorrelAid and from CorrelAid to the project team members.
Please ask one of the CorrelCloud administrators to invite your team members. For this, the admin will need their full names and email addresses.
You should be able to create a folder for your project within the CorrelCloud.
In this folder, you can store documents that can be accessible for all CorrelCloud users such the encrypted VeraCrypt container and certificates of participation.
For each project where the data cannot be shared via GitHub or GitLab, another folder has to be created outside of the CorrelCloud folder in the
04_projekte_data folder structure to share the raw data. This can only be created by the project coordination admins who are Manuel (@Manuel on Slack), Frie (@frie on Slack) and Sebastian (@sezulka on Slack). The project coordination admin then shares the created project folder with the project team.
If the data is in any way sensitive (personal data or sensitive non-personal data) the CorrelCloud should be used. In order to do so, you can create a secure file drop in the "secure" folder under 04_projekte_data (see above) where the organization can upload their data.
In your "secure" project folder (aka the one which is part of
04_projekte_data), create a new folder
Open the folder in the CorrelCloud web interface
Click on the "share" icon in the "breadcrumbs" of the folder (see screenshot below)
Create a share link with the following properties: "file drop (upload only)" and "password protect". Choose a secure password (e.g. by using a password generator or a passphrase). See screenshot below.
Copy the link by clicking on the copy symbol and send it to the NPO. In a second email, send the password.
Only if the data is not sensitive, other channels such as Google Drive or email can be used for the file transfer.
Make sure to inform your team members about the data privacy and security considerations for the project. If you are unsure about what applies to your project, ask the project coordinator - they should know this. Express yourself as clearly as possible in DO's and DON'Ts. For examples, please see here.
If encryption is necessary for your project, share this documentation page with them so that they can familiarize themselves with the options. A more detailed introduction to the tools should be part of the kickoff.
If the project has any data privacy requirements, the participants and the organization need to sign the declaration on data security.
You can download German and English templates here. They contain the requirements for the highest security setup (including the requirement to create a separate user account), so please make sure to adapt them to your specific project by removing passages not needed for your project. If you're unsure, ask your project coordinator or our data privacy expert Thomas (@Thomas on Slack).
If the data need to be encrypted, the project lead should set up a VeraCrypt container for the team to facilitate the onboarding process.
create a container using VeraCrypt. Make sure that it is big enough to hold the complete project.
mount the container
clone the GitHub / GitLab repository into the container
do any project setup steps you'd like (e.g. create RStudio project, add virtualenv configuration)
add a data/raw folder
if the data must not be committed to Git, add relevant files / folders to gitignore.
put in the data from the organization into data/raw. Make sure to follow good file naming principles. Add a README.md to the data folder and document the folder + file structure (e.g. with a screenshot from your data explorer).
The following Youtube video shows how this can be achieved (the order of the steps is slightly different but the outcome is the same):
Upload the VeraCrypt container file to the CorrelCloud folder for your team. Share the password to the container via a secure, encrypted communication channel: Signal or Keybase can be used, or you can share the password over a phone call.
If you have team members who do not need to use VeraCrypt because they have an encrypted home drive, you can also upload the data directory to the CorrelCloud folder (outside of the VeraCrypt container). This way, the team members without the VeraCrypt requirement can clone the repository from GitHub / GitLab and manually copy + paste the data folder from the CorrelCloud folder.