Is there a way to identify a user with a text field instead of an email? I would like to use user specific columns, and have users sign is with a username and password, but no email address so they aren’t worried about correlating data.
User email addresses are anonymised by default.
https://docs.glideapps.com/all/reference/security-and-per-user-data/email-anonymization
1 Like
Thank you for answering, I would like to ask a medical question and can’t have any PHI for HIPAA reasons
The username would be randomly generated
If the user email addresses are anonymised, then it is not possible to connect responses to your questions to any individual (unless you’re collecting other identifying information).
Does that not meet your requirement?
If you know their email address, then no. I’d have to ask you to sign a BAA in order to use your service (which wouldn’t happen). I understand it won’t be in my records by theory (though it seems like it could slip through).
Though I’ve just realized you’ll know their IP address, and could have analytics on them in the background so maybe it’s a moot point.
Sorry, I’m a bit lost. Who is the “you” that you are referring to?
Once again, if your requirement (as per your original question) is not to know your users email addresses - or have any way to find out - then email anonymisation achieves that goal.
Glide is not HIPAA compliant. Using Glide where HIPAA is a requirement is also prohibited: User Data Rules and Restrictions | Glide
2 Likes
I was originally asking if I could identify a user with a text field instead of an email, and I wanted to do that so I could use your service without needing HIPAA compliance. But in asking the question I realized that you know their IP address and the data they submit is viewable by you so it wasn’t going to make a difference anyways. You being Glide. Thank you for responding so quickly. Kate
Thank you, I didn’t see that!
Ah, okay. But I’m not Glide - I’m just a user, like you 
Thank you even more then! 
1 Like
It is worth noting that these anonymous emails are not aliases. They are just bits of text that do nothing, apart from not being actual email addresses. I realized this when I first started using Glide again … I imagined that users would get sent a message, that it would resolve ‘anonymous-puppy-catfish7@glide.com’ … but no.
What about using the fetch JSON column to display data?
This does not store it on glide servers, correct? Essentially I’d only be using glide to make the API call on the users end- which is secure.
@Darren_Murphy any thoughts on this?
I know nothing about HIPAA, so I’ll stay out of this one
Fair!
From your experience- does any of the data of the fetch JSON hit the glide servers in any way or does it appear directly on the users device only?
Fetch JSON would still be exposing API keys to the user, but it’s ran locally.
Call API would not expose keys, but you are still running data through glide servers.
1 Like
Yes, but if I use the hash256 function in Glide and use an intermediary such as make.com I should be totally fine, no?
Hash256 cant be decrypted. It’s a one way encryption, so I’m not sure how you would use it to transfer data in an encrypted way that is hidden from Glide. You could probably use some other form of encryption, but the keys would still be exposed to the end user, so not exactly secure.
1 Like