Privacy Best Practice B: Difference between revisions
Mary Hodder (talk | contribs) (updated roles for Phase II) |
m (8 revisions imported: Initial Upload of old pages from IDESG Wiki) |
||
| (One intermediate revision by one other user not shown) | |||
| Line 22: | Line 22: | ||
=== APPLIES TO ROLES === | === APPLIES TO ROLES === | ||
1 - [[IDEF Glossary RELYING PARTIES|RELYING PARTIES]] <br> | 1 - [[IDEF Glossary RELYING PARTIES|RELYING PARTIES]] <br> | ||
2 - [[IDEF Glossary IDENTITY PROVIDERS|IDENTITY PROVIDERS]] <br> | |||
3 - Attribute Providers <br> | |||
4 – Intermediaries <br> | 4 – Intermediaries <br> | ||
5 - Credential Service Providers (where there is user interaction) <br> | |||
---- | ---- | ||
Latest revision as of 04:02, 28 June 2018
<< Back to Baseline Functional Requirements Index
PRIVACY-BP-B. RECOMMENDED TECHNOLOGY ENFORCEMENT
Wherever feasible, privacy requirements and policies SHOULD be implemented through technical mechanisms. Those technical privacy controls SHOULD be situated as low in the technology stack as possible.
SUPPLEMENTAL GUIDANCE
Privacy controls are mechanisms that mitigate privacy risk. These may overlap with security controls.
REFERENCES
Further reference materials to aid organizations interested in conforming to these Requirements or best practices can be found at the wiki page Supplemental Privacy Guidance; this has been archived as of October 2015 at https://workspace.idesg.org/kws/public/download.php/56/Supplemental-Privacy-Guidance.docx.
APPLIES TO ACTIVITIES
REGISTRATION, CREDENTIALING, AUTHENTICATION, AUTHORIZATION, INTERMEDIATION
KEYWORDS
ARCHITECTURE, POLICIES, PROCESS
APPLIES TO ROLES
1 - RELYING PARTIES
2 - IDENTITY PROVIDERS
3 - Attribute Providers
4 – Intermediaries
5 - Credential Service Providers (where there is user interaction)
Quick Links: SALS | Baseline Functional Requirements v1.0 | Glossary |