Privacy Req 1: Difference between revisions

From IDESG Wiki
Jump to navigation Jump to search
(→‎SUPPLEMENTAL GUIDANCE: updated for phase II)
 
m (25 revisions imported: Initial Upload of old pages from IDESG Wiki)
 
(5 intermediate revisions by one other user not shown)
Line 13: Line 13:
The boundaries of a TRANSACTION between an entity and a user are defined during the interchange where the user is identified to the entity (for example from signin to signout of the user.) See [[Privacy Req 2|PRIVACY-2 (PURPOSE LIMITATION)]].
The boundaries of a TRANSACTION between an entity and a user are defined during the interchange where the user is identified to the entity (for example from signin to signout of the user.) See [[Privacy Req 2|PRIVACY-2 (PURPOSE LIMITATION)]].


See also [[Privacy Req 1 Supplemental Guidance]].
=== Supplemental Information ===
 
IDENTITY PROVIDERS and RELYING PARTIES which employ intermediaries are responsible for the actions of those intermediaries on their behalf, MUST implement protocols that mitigate the risk of intermediaries collecting personal information.  See [[Interop_Req_8|INTEROP-8]] and [[Interop_Best_Practice_E|INTEROP-BP-E]].


=== REFERENCES ===
=== REFERENCES ===
Further reference materials to aid organizations interested in conforming to these Requirements can be found at the wiki page [[Supplemental Privacy Guidance]]; this has been archived at https://workspace.idesg.org/kws/public/download.php/56/Supplemental-Privacy-Guidance.docx
References and Guidance (non-normative)
 
* See ISO/IEC 29100 (2011) Privacy Framework, Section 5.5 ("Data minimization"). 
* See the HIPAA regulations for health care transactions, 45 CFR Part 164, at §§ 164.502(b) and 164.514(d):  "minimum necessary" disclosure standard.
* See AICPA/CICA Privacy Maturity Model based on GAPP [Collection 4.1.X] (chart)
* See Privacy & Biometrics: Building a Conceptual Foundation: Data [p46], Audit [p47].
 
Further reference materials to aid organizations interested in conforming to these Requirements can be found at the wiki page [[Privacy References and Guides]]; this page is a living document from the Privacy Committee, and as such will be added to over time. It has been archived at https://workspace.idesg.org/kws/public/download.php/56/Supplemental-Privacy-Guidance.docx


=== APPLIES TO ACTIVITIES ===
=== APPLIES TO ACTIVITIES ===
[[IDEF Functional Model REGISTRATION|REGISTRATION]], [[IDEF Functional Model CREDENTIALING|CREDENTIALING]], [[IDEF Functional Model AUTHENTICATION|AUTHENTICATION]], [[IDEF Functional Model AUTHORIZATION|AUTHORIZATION]], [[IDEF Functional Model INTERMEDIATION|INTERMEDIATION]]
[[IDEF Functional Model REGISTRATION|REGISTRATION]], [[IDEF Functional Model CREDENTIALING|CREDENTIALING]], [[IDEF Functional Model AUTHENTICATION|AUTHENTICATION]], [[IDEF Functional Model AUTHORIZATION|AUTHORIZATION]], [[IDEF Functional Model INTERMEDIATION|INTERMEDIATION]]
=== APPLIES TO ROLES ===
Relying Parties, Identity Providers, Attribute Providers, Intermediaries, Credential Service Providers (where there is user interaction) <br>


=== KEYWORDS ===
=== KEYWORDS ===

Latest revision as of 04:02, 28 June 2018

<< Back to Baseline Functional Requirements Index

PRIVACY-1. DATA MINIMIZATION

Entities MUST limit the collection, use, transmission and storage of personal information to the minimum necessary to fulfill that transaction’s purpose and related legal requirements. Entities providing claims or attributes MUST NOT provide any more personal information than what is requested. Where feasible, IDENTITY-PROVIDERS MUST provide technical mechanisms to accommodate information requests of variable granularity, to support data minimization.

SUPPLEMENTAL GUIDANCE

Regarding "personal information," see Appendix A.

This requirement limiting the collection, use and storage will apply to every transaction where user private information is exchanged. [Entities are encouraged to address this issue by design, before run time, by limiting or applying controls or filters to classes of data.]

This requirement limiting the provisioning of personal information applies to the entire lifetime of data on the entity’s site.

The boundaries of a TRANSACTION between an entity and a user are defined during the interchange where the user is identified to the entity (for example from signin to signout of the user.) See PRIVACY-2 (PURPOSE LIMITATION).

Supplemental Information

IDENTITY PROVIDERS and RELYING PARTIES which employ intermediaries are responsible for the actions of those intermediaries on their behalf, MUST implement protocols that mitigate the risk of intermediaries collecting personal information. See INTEROP-8 and INTEROP-BP-E.

REFERENCES

References and Guidance (non-normative)

  • See ISO/IEC 29100 (2011) Privacy Framework, Section 5.5 ("Data minimization").
  • See the HIPAA regulations for health care transactions, 45 CFR Part 164, at §§ 164.502(b) and 164.514(d): "minimum necessary" disclosure standard.
  • See AICPA/CICA Privacy Maturity Model based on GAPP [Collection 4.1.X] (chart)
  • See Privacy & Biometrics: Building a Conceptual Foundation: Data [p46], Audit [p47].

Further reference materials to aid organizations interested in conforming to these Requirements can be found at the wiki page Privacy References and Guides; this page is a living document from the Privacy Committee, and as such will be added to over time. It has been archived at https://workspace.idesg.org/kws/public/download.php/56/Supplemental-Privacy-Guidance.docx

APPLIES TO ACTIVITIES

REGISTRATION, CREDENTIALING, AUTHENTICATION, AUTHORIZATION, INTERMEDIATION

APPLIES TO ROLES

Relying Parties, Identity Providers, Attribute Providers, Intermediaries, Credential Service Providers (where there is user interaction)

KEYWORDS

LIMITATION, MINIMIZATION, PRIVACY, PURPOSE



Quick Links: SALS | Baseline Functional Requirements v1.0 | Glossary |