Interop Req 7

From IDESG Wiki
Jump to: navigation, search

<< Back to Baseline Functional Requirements Index

INTEROP-7. USER REDRESS

Entities MUST provide effective redress mechanisms for, and facilitation on behalf of, USERS who believe they have been harmed by the entity's failure to comply with the IDESG Baseline Requirements.

SUPPLEMENTAL GUIDANCE

"Effective" in this Requirement means that use of the redress mechanism will result in a timely correction of errors, resolution of the dispute or complaint, and the process shall not be overly burdensome or complex.

Resolution of disputes shall be conducted in a fair and consistent manner. Where feasible, further mechanisms for USERS to seek redress can be instituted through the use of internal or independent THIRD-PARTY services (i.e. ombudsmen, etc.)

Entities must provide to USERS the source of any verification or information that leads to an eligibility, authentication or authorization decision. If USERS seek redress, they must be provided with a mechanism to dispute or change erroneous information at the source of the information.

If credentialing is denied or a credential is revoked from a USER, justification for that decision should be presented along with the source of any information that contributed to that decision.

Note: Intermediaries may not have a direct relationship with USERS who move through their systems, but should facilitate endpoints' ability to conform to this requirement. See the IDESG Functional Model for definition of “Transaction Intermediation,” which describes it as “Processes and procedures that limit linkages transactions and facilitate credential portability.” This includes functions defined as “Blinding”, “Pseudonymization/Anonymization,” and “Exchange.” Entities should provide a mechanism for redress and include the ability to correct or otherwise address any issues USERS may have. Pathways for redress should be clear and available to the user throughout the process.

A redress mechanism should be considered must-see-this-first information in a first encounter and then provided as appropriate to the USER in a consistent manner thereafter.

Please note that INTEROP-5 (DOCUMENTED PROCESSES) applies to this Requirement.

Regarding "redress", see Appendix A.

REFERENCES

Consult USABLE-4 (NAVIGATION) supplemental guidance for additional considerations that apply to redress. Consult the UXC resources wiki page for examples; an archived copy is available at: https://workspace.idesg.org/kws/public/download.php/60/UXC-Resources.docx

APPLIES TO ACTIVITIES

REGISTRATION, CREDENTIALING

KEYWORDS

ACCOUNTABILITY, COMPLIANCE, INTEROPERABILITY, POLICIES, REDRESS, RISK



Quick Links: SALS | Baseline Functional Requirements v1.0 | Glossary |