https://wiki.idesg.org/index.php?action=history&feed=atom&title=Interop_Best_Practice_G 2026-05-06T09:57:13Z Revision history for this page on the wiki MediaWiki 1.38.4 https://wiki.idesg.org/index.php?title=Interop_Best_Practice_G&diff=3977&oldid=prev 2018-06-28T04:01:50Z

<p>21 revisions imported: Initial Upload of old pages from IDESG Wiki</p> <p><b>New page</b></p><div>&#039;&#039;&lt;&lt; Back to [[Baseline_Functional_Requirements_v1.0|Baseline Functional Requirements Index]]&#039;&#039;<br /> <br /> == INTEROP-BP-G. RECOMMENDED LEGAL COMPLIANCE ==<br /> When conducting [[IDEF Glossary DIGITAL IDENTITY MANAGEMENT FUNCTIONS|digital identity management functions]], entities SHOULD comply in all substantial respects with all laws and regulations applicable to those relevant functions.<br /> <br /> === SUPPLEMENTAL INFORMATION ===<br /> This best practice applies to digital identity management functions for entities that operate in a regulated industry or perform online transactions subject to specific statutory/regulatory requirements such as HIPPA and COPPA. Such regulated entities are responsible for determining themselves the laws and regulations that apply to their activities, but this requirement applies only to those laws and regulations that address identity management functions. This best practice only recommends that entities have assessed and confirm that they have made that determination, and are in compliance. Entities who conduct identity transactions with them simply ought to be able to rely on the assumption that their counterparty is operating in accordance with applicable laws. Absence of findings from examiners or other reviewers is an indication of compliance.<br /> <br /> === REFERENCES ===<br /> Some entities, and different classes of digital identity management transactions, may be subject to specialized or additional obligations by operation of law or regulation. Reference examples include: <br /> * Know Your Customer Requirements, USA Patriots Act sec. 326 <br /> * Health Insurance Portability and Accountability Act (HIPAA) regulations for certain healthcare personal and payment information <br /> * Children&#039;s Online Privacy Protection Act (COPPA) for entities whose transactions are governed by its requirements<br /> <br /> === APPLIES TO ACTIVITIES ===<br /> [[IDEF Functional Model REGISTRATION|REGISTRATION]], <br /> [[IDEF Functional Model CREDENTIALING|CREDENTIALING]], <br /> [[IDEF Functional Model AUTHENTICATION|AUTHENTICATION]], <br /> [[IDEF Functional Model AUTHORIZATION|AUTHORIZATION]], <br /> [[IDEF Functional Model INTERMEDIATION|INTERMEDIATION]]<br /> <br /> === KEYWORDS ===<br /> [[IDEF Keywords COMPLIANCE|COMPLIANCE]], [[IDEF Keywords INTEROPERABILITY|INTEROPERABILITY]], [[IDEF Keywords REGULATION|REGULATION]]<br /> ----<br /> ----<br /> Quick Links: [[SALS]] | [[Baseline Functional Requirements v1.0]] | [[Glossary]] |<br /> <br /> ----<br /> ----</div>

Omaerz