Search results

===Use Cases=== *[[Emergency Contact Information Use Case]]

...s this plan lays out how to address specific community needs for security, privacy, interoperability and user experience. It is expected that all communities ...nd best practices to manage cybersecurity-related risk. One example of the use of vertical industry profiles of this framework may be found by following t

# Creation of a profile for the use of the [[UXC NSTIC Principles]] in the US Healthcare community. ...it has been tried. (It has only worked where some enterprise required its use.)

==Full Title of Use Case== ...patient with a trusted identity which confirms that they subscribe to the privacy regulations of the trust provider.

'''Use Case Description''': ...pseudonymous identity, match names between systems, verify attributes with privacy protection]

Use cases for Consideration January 10, 2017 Foundation for Use Case Development: IDESG Guiding Principles and Platform Services

...t have established a repertory of regulations and guidelines that focus on privacy and seek to achieve two sets of goals that create tension among designers a There are a variety of use cases that most of us experience on a steady basis that need to establish as user

Privacy, Trust/Assurance, Interoperability ==When to use this Pattern (Context)==

In some ways this is similar to existing use case that discuss privacy enhancing technology, but the purpose is quite different. Privacy, Trust/Assurance, Interoperability

# The user gets to select which of their identifiers they wish to use with the web site. *Regulatory and commercial pressures on Web Site to increase user privacy are mounting.

In some ways this is similar to the existing use case that discusses privacy enhancing technology, but the purpose of the pattern is limited to the attr Privacy, Trust/Assurance, Interoperability

** The report on '''The Secretive Company That Might End Privacy as we Know it''' received more reader attention than any reports on the Im ...s Act Final Rule] which supports seamless and secure access, exchange, and use of electronic health information

...fact that many people do. We have seen many cases, and one of the symbolic cases is the death of a 23-year-old reality TV actress who was stormed by a mob o ...start with, this will likely enlarge the gap. This is what we know of as “Privacy Invasion”. It makes this person less happy.

**This includes comments relating to the economic, privacy, security, environmental, energy, or federalism impacts that might result f ...cument on [[Mobile Driver's License]] for a view that includes issues like privacy and consent, which are not addressed here.

...iving care and the one that "owns" the rights to the information. (In some cases the patient allows other users access to their PHI.) ===Identifers use within the Ecosystem===

[[Digital Travel Credentials]] with a focus on Health Credential Use Case. * The use cases are not dependent on a nation-wide repository, but can work with any region

Use case for the mobile driver's license as identity proofing credential in hea ==Privacy Concerns==

...t_slGbDmyjaKOtoxOLKkg9g9yTI9nM/edit#heading=h.tm3ctucmk6y1 Report from the Privacy & Identity Protection in mobile Driving License ecosystems Discussion Group ...[https://mail.google.com/mail/u/0/#inbox/FMfcgxwKjTXmMRsgNsdGtNvFkrBGgbrM privacy-preserving features in Android's Mobile Driving License framework] includin

...view of this Identity Wiki extends to the use cases across a range of use cases. This wiki page focuses on the interactions of the patient and their guardi * The majority of the focus will be on the use of a smart phone by the patent to provide a high assurance identifier from

===Use Cases=== ...enough to collect their “consent”. That’s actually not the case. Obtaining privacy consent has very high bar partly because that is the exception mechanism th

* This use case was written as the 21th Century Cures act was approved in 2020-05-01 f ...should be able to down load data from and EHR to the patient. The primary use case will focus on that decision by the EHR to allow downloads.

...a consumer may author/publish their privacy preferences as a self-declared Privacy Consent Directive.</blockquote> ...often itself necessary to protect. The need to protect the privacy of the privacy statement itself competes with the execution of the consent statement. For

Privacy and terms of use policy infrastructures on the and for the democracy, and protecting privacy for

==Full Title of Use Case== * The test use case will be a patient that desires to transfer personal healthcare informa

==Full Title of Use Case== ...download or upload medical records, including records with a high level of privacy sensitivity.

...users) with their PHI and their [[UXC Dictionary|Consent]] as to permitted use. ...iving care and the one that "owns" the rights to the information. (In some cases the patient allows other users access to their PHI.)

...d be only for the duration of a session, but all current IDEF profiles use cases are longer than that. ...irected, which seems to be consonant with the spirit of the GDPR and other privacy regulations that discuss usability.

...ey get to have as many identifiers as the want and can select which one to use with which provider. * This wiki page is derived, in part, from the [[Privacy Enhanced by User Agent]] created by Tom Jones in September 2013.

...cy requirements which are more restrictive than any general state mandated privacy requirements. ...imary use case is smart phones running iOS or Android operating systems in use by the patient or their guardian.

## Testing must include all 4 IDEF components of: Security, Privacy, User Experience and Interoperability. ...online and be able to download it and and share it with others. In those cases trust must be established and shared within the ecosystem by digital means.

...be able to provision one. See his evolving work with the emergency contact use case at http://controls.azurewebsites.net ...ng the Ambient Trust Commons: The Economics of Online Consumer Information Privacy] and inspiring a huge amount of discussion and thinking on the Project VRM

==Full Title of Use Case== ...other practice with respect to competence and compliance with appropriate privacy practices.

==Full Title of Use Case== ...ately address patient data or other providers, like lab services, that may use the same or different EHRs.

==Full Title of Use Case== * This use can can easily be extended to other sources of user-provided information, b

Health IT Record Location Service Use Case ==Use Case Description==

**Tom discussed the User Identity Privacy Risk Levels he put together. They are Anonyous, Pseudonymous, Weakly Authe **For an indication to the user of the current privacy status

**Tom Jones asked to include a discussion about how to explain to a user what privacy state they are in. * How do we tell the user what their privacy state is? Mary noted that this is a critical piece for a RP – and it is

...ween different entities/roles (IdP, RP, User, etc.) that require different privacy, security, UX and other considerations. ...r deriving requirements – like security requirements, UX requirements, and privacy requirements, so on.

'''Use Case Description''': ...er's PII, this use case describes a process for informing the user of such use or disclosure.

== Use Case Metadata == ====Use Case Lifecycle Status====

...an inter-operable identity commonly used across identity systems, via the use of common standards used by identity providers and relying parties in order ...user has the right to know what data is held about them and to control the use of that data.

...ed at an Identity Provider (IdP). This has lead to a back-lash against the use of the term identity in the technical community. This model uses the term Identifier in places where other models use the term Identity for reasons that should be clear towards the end of the

'''Use Case Description''': '''Use Case Category''':

'''Use Case Description''': ...cosystem Framework must offer individuals better means of protecting their privacy by establishing clear rules and guidelines based upon the FIPPs.]

...been proposed in the [[Functional Requirements]]. This page describes the use of design patterns for user experiences in parts of an Identity Ecosystem a The rationale for the use of patterns as the building blocks for the identity ecosystem was made nice

'''Please note,''' that this is not a Use Case, but at this time the IDESG do not have a process for documents like t '''Title''': IDESG Baseline Process Use Case (Example: IDBL - 0.2468)

2) Plenary requested report for Use Case deliverable breakout for Use Case<br /> ...recommended that Plenary Use Case report inspired direction for future Use Cases that show the enhanced business case for IDESG<br />

==When to use this Pattern (Context)== This design pattern assumes the use of a device connected to internet service providers as described in the [[C

== Use Case Metadata == A general use case which all other use cases can depend (unless they chose not to.)

'''Use Case Description''': ...pseudonymous identity, match names between systems, verify attributes with privacy protection]

<center>'''Smedinghoff: Federated Identity Management: Balancing Privacy Rights, Liability Risks and the Duty to Authenticate'''</center> <center>'''Liberty Alliance Privacy and Security Best Practices'''</center>

<center>'''Smedinghoff: Federated Identity Management: Balancing Privacy Rights, Liability Risks and the Duty to Authenticate'''</center> <center>'''Liberty Alliance Privacy and Security Best Practices'''</center>

Use cases or user experiences can be created at any level within the taxonomy of requ This requirements doc is informed by the efforts of the use case and user experience committee.

== Use Case Metadata == ====Use Case Lifecycle Status====

'''Use Case Description''': ...ites, either internal or external to the employer's enterprise. While this use case focuses on the employee-employer relationship, it would work equally w

...s discussion – topics are proceeding, Adam will post Sal’s meeting notes. Use case selection to be discussed later today. #Gap Analysis – 14 current use Cases will be examined using gap analysis templates (on-line wiki sources), or ot

#**Without another plan, could present the state of work related to use case analysis relative to draft functional elements. ...elements, and potential definitional/consistency concerns between the use cases and functional elements. We will attempt to start addressing these by worki

== Use Case Metadata == ====Use Case Lifecycle Status====

'''Use Case Description''': ...pseudonymous identity, match names between systems, verify attributes with privacy protection]

== Use Case Metadata == ...d to encourage comments from the community regarding technical, standards, privacy, and usability issues that appear to be relevant.</small>

# The terms of use of each Trustmark will evolve as user and regulatory understanding grows. ==When to use this Pattern (Context)==

This use of the concept of Trusted Third Party here is limited to a digital entity o ...suring that the service provider cannot discover their real identity. Some cases include health related lab tests, minors under the age of consent or people

...y capability for users to help them select appropriate providers for their use. An example design shows that the user-oriented and service-oriented functi ...oes need to be described in any specification of trust frameworks. In some cases it is the guardian of the user that needs to be involved in the trust decis

...ted in accordance with the [https://www.idecosystem.org/filedepot?fid=1090 Privacy Evaluation Methodology]. | OpenID Connect || [[Standards]] || 8 October 2015 || Privacy issues; no objection || 5 January 2016

== Use Case Metadata == Privacy enhancing technology generic use case. In some ways this is similar to the functional models produced in oth

== Use Case Metadata == Privacy enhancing technology provided by an agent under the user's control.

'''Title''': Privacy-Preserving Accessibility Support '''Use Case Description''':

The goals set out the needs and constraints on an example for use by a Relying Party (RP) systems design. ...ncing technology is used to prevent linkage between different instances of use of the internet.

'''Use Case Description''': '''Use Case Category''': Identity

...pseudonymous identity, match names between systems, verify attributes with privacy protection] Use Case Category:

'''Use Case Description''': '''Use Case Category''': Trust/Assurance, Authentication, Interoperability, Privacy

'''Use Case Description''': This use case describes an educational institution as a PIV-I Electronic Credential

'''Use Case Description''': ...pseudonymous identity, match names between systems, verify attributes with privacy protection]

Online Safety for Democracy Activists Use Case '''Use Case Description''':

...policy language. XACMLv3 Profiles support a variety of access-control use-cases. The Profiles nominated here are all approved as OASIS Standards or OASIS C '''Privacy''':

'''Use Case Description''': ...iple of the envisioned Identity Ecosystem. The Identity Ecosystem will use privacy-enhancing technology and policies to inhibit the ability of service provide

'''9/22/14 [[Privacy Requirements]] Working Group Meeting Notes''' ...esented by Stoporoff) concerned with retroactive application of a new data use. Before material changes happen, consumers should have to opt-in.

'''Use Case Description''': ...pseudonymous identity, match names between systems, verify attributes with privacy protection]