Qualification PIT Evidence Obfuscation


security.jpg

Code Bodies are aware that Live Meter Point Administration Numbers (MPANs) may be used for Non-Systems Integration Testing (SIT) Pre-Integration Testing (PIT) Qualification Testing. However, Code Bodies would like to remind participants that MPANs are considered Personal Identifiable Information (PII) and cannot be shared in Test Reports, Evidence, Logs, or Images shared for PIT evidence review.

It is the participant’s responsibility to ensure that all evidence shared with the Qualification Testing Team and Code Bodies is properly anonymised/obfuscated whilst ensuring that the content can be verified.

For PIT Reports and Test Evidence:

  • The participant shall remove or obfuscate the MPAN Core, as per the diagram below
  • For image files, the participants can blur or overlay the unique identifier with any colour graphic shape (e.g. a white rectangle covering the unique identifier digits)   
  • The same obfuscation approach shall be applied for Domestic and Non-Domestic MPANs
  • Any additional PII such as names, addresses or energy consumption data should also be redacted/obfuscated

Further guidance on Test Data Anonymisation can be found in in Section 8 of the SIT Functional Test Data Approach & Plan available on the SIT Functional Test and Test Data Approaches  and Plans page of this website.

Code Bodies will include Test Data Anonymisation guidance in the next update to the PIT Guidance Document which you can find on the PIT page of this website. We'll let participants know via email and The Clock when the updated version is published.

Participants should also verify obfuscation standards with their respective Data Protection Officer (DPO).  

If you have any concerns about evidence that is not covered in email [email protected] 


Example of obfuscated data

PIT_Evidence.JPG