Privacy Req 3 Supplemental Guidance

From IDESG Wiki
Jump to navigation Jump to search
Error creating thumbnail: File missing
This article is under construction and should not be considered complete.
Last modified by Omaerz

<< Back to Privacy Requirement 3

These links are provided as additional informative resources relevant to parties conducting self-assessments (and other identity stakeholders) when applying and evaluating IDEF Baseline Requirement PRIVACY-3.

Supplemental Information

IDENTITY-PROVIDERS (and any other entities releasing attributes MUST provide the opportunity for attributes to be released as claims as well as detailed attributes; see also PRIVACY-1 on granularity of requests to support data minimization by requesters, generally.

Attribute providers may be required by their own business processes to collect and store, although not necessarily transmit, attributes in their attribute form, in which case significant alteration or filtering may be required when that data is re-used or transmitted to others.

References and Guidance (non-normative)