Safety
Offline Files and Privacy
How to handle EMS LAN snapshot files as sensitive operational records.
Protect The Sensitive Part First
Use this guide when event work may happen on local devices, offline files, or LAN-only tools instead of the live online dashboard. In this guide, Offline Files and Privacy narrows that work to how to handle EMS LAN snapshot files as sensitive operational records. Because this is a safety page, read it as part of the EMS LAN learning path rather than as an isolated checklist.
EMS LAN keeps an event moving when internet access is unreliable, but it also creates a second place where event records can change. Read the page for the decision it helps a person make, then use the steps and checks as a steady path from context to action to proof.
What Needs Protection
This page is about reducing harm before offline files, roles, devices, or private records are handled. Read it before speed or event pressure pushes the team into shortcuts. The intended readers are LAN operators and Event leads. If the guide names a dashboard route, service area, export, or record type, treat that name as a pointer to real operational responsibility.
- Primary surface or service: /rego/events/manage/offline-snapshot?id=:eventId.
- Records or contracts involved: Snapshot files and Audit history.
- Main care point: Watch for losing track of which file, device, person, or import is trusted while attendee, staff, inventory, POS, or check-in records change offline.
- Proof worth keeping: event ID, snapshot filename, export time, device owner, import summary, sync-history entry, reconciliation count, and supervisor note.
Check Custody Before Continuing
- Name the sensitive file, role, device, or record: Begin by naming the EMS LAN situation, the owner, and the exact item involved in Offline Files and Privacy.
- Confirm who is allowed to hold or change it: Use /rego/events/manage/offline-snapshot?id=:eventId to connect the words on the page to the screen, file, service route, or record that people actually use.
- Record custody and approval before the next step: Keep Snapshot files and Audit history in view so the work stays tied to the records or contracts it can affect.
- Escalate gaps before the event depends on the result: Before handing off, save proof such as event ID, snapshot filename, export time, device owner, import summary, sync-history entry, reconciliation count, and supervisor note so the next lead can tell which file and device state are trusted.
The Work Is Safe Enough To Continue When
You are ready to use the rest of this page when the purpose, owner, affected information, and proof are all clear enough for a second person to review.
- Scope is named: The work is tied to the correct page, event, report, route, file, person, or record.
- Impact is understood: The operator can explain the effect on offline files, check-in access, staff rosters, inventory counts, POS totals, and import history.
- Proof is findable: The handoff points to evidence that the next lead can tell which file and device state are trusted.
End-to-end operator runbook
Use this numbered runbook whenever a snapshot file exists.
- Step 1 - Identify the person, device, file, and event. Confirm the file name, event ID, export time, owner, and storage location. This identifies the sensitive file.
- Step 2 - Limit access before work starts. Check who is allowed to hold, copy, upload, or delete the file. This limits access.
- Step 3 - Apply the control rule. Store and transfer the file only through approved event operations paths. This avoids uncontrolled copies.
- Step 4 - Treat exceptions as incidents. If the file is lost, copied, sent to the wrong person, or found on an unknown device, escalate immediately. This treats exposure seriously.
- Step 5 - Record custody or deletion proof. Record file custody changes and final file disposition. This gives future reviewers a trail.
- Step 6 - Return authority to the event lead. Delete, archive, or retain files only according to policy after reconciliation. This closes the privacy risk.
File handling rules
- Action 1. Label files with event ID and export time. Confirm the event ID, file, or device state before continuing.
- Action 2. Keep only the approved active copy. Check the offline proof before moving on.
- Action 3. Do not rename away event ID or timestamp. Keep the sync history or import summary visible.
- Action 4. Delete old test exports. Confirm the event ID, file, or device state before continuing.
- Action 5. Report any uncontrolled copy. Check the offline proof before moving on.