https://wiki.idesg.org/index.php?action=history&feed=atom&title=Privacy_Req_5_Supplemental_Guidance 2026-05-26T14:13:58Z Revision history for this page on the wiki MediaWiki 1.38.4 https://wiki.idesg.org/index.php?title=Privacy_Req_5_Supplemental_Guidance&diff=5863&oldid=prev 2018-06-28T04:03:03Z

<p>1 revision imported: Initial Upload of old pages from IDESG Wiki</p> <p><b>New page</b></p><div>{{Under Construction}}<br /> <br /> &#039;&#039;&lt;&lt; Back to [[Privacy_Req_5|Privacy Requirement 5]]&#039;&#039;<br /> <br /> These links are provided as additional informative resources relevant to parties conducting self-assessments (and other identity stakeholders) when applying and evaluating IDEF Baseline Requirement PRIVACY-5.<br /> <br /> === Supplemental Information ===<br /> <br /> Collection of personal information from repeated data transactions, which can be associated to form a larger body of knowledge about individuals, increases their privacy risk if the aggregated data exceeds the amount and nature needed for the original purposes of collection. <br /> <br /> === References and Guidance (non-normative) ===<br /> <br /> * PbD De-identification Center, https://www.privacybydesign.ca/index.php/de-identification-centre/ <br /> * See also the definition of &quot;data aggregation&quot; in § 164.501, and the discussions about the use of identified versus de-identified data in § 164.514(a),(b) and § 164.502(d), of the HIPAA regulations for health care transactions, 45 CFR Part 164: http://www.ecfr.gov/cgi-bin/text-idx?node=pt45.1.164&amp;rgn=div5 <br /> * See OASIS Privacy Management Reference Model (PMRM) v1.0: Section 4.2 (&quot;Service Details&quot;).</div>

Omaerz