GDPR Support (Later)
(UXPROD-1641)
|
|
| Status: | Open |
| Project: | UX Product |
| Components: | None |
| Affects versions: | None |
| Fix versions: | None | Parent: | GDPR Support (Later) |
| Type: | New Feature | Priority: | P3 |
| Reporter: | VBar | Assignee: | Unassigned |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | gdpr, privacy | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original estimate: | Not Specified | ||
| Issue links: |
|
||||||||||||
| Potential Workaround: | HK - Not code needed for this. Technical documentation needs to be created for all FOLIO applications that clearly define the data used by each of the applications. | ||||||||||||
| Epic Link: | GDPR Support (Later) | ||||||||||||
| Front End Estimator: | VBar | ||||||||||||
| Back End Estimate: | XL < 15 days | ||||||||||||
| Back End Estimator: | VBar | ||||||||||||
| PO Rank: | 104 | ||||||||||||
| PO Ranking Note: | CB: Ranking same as calculated | ||||||||||||
| Rank: BNCF (MVP Feb 2020): | R1 | ||||||||||||
| Rank: Chalmers (Impl Aut 2019): | R1 | ||||||||||||
| Rank: Chicago (MVP Sum 2020): | R4 | ||||||||||||
| Rank: Cornell (Full Sum 2021): | R4 | ||||||||||||
| Rank: Duke (Full Sum 2021): | R4 | ||||||||||||
| Rank: 5Colleges (Full Jul 2021): | R2 | ||||||||||||
| Rank: FLO (MVP Sum 2020): | R2 | ||||||||||||
| Rank: GBV (MVP Sum 2020): | R4 | ||||||||||||
| Rank: hbz (TBD): | R1 | ||||||||||||
| Rank: Hungary (MVP End 2020): | R1 | ||||||||||||
| Rank: Lehigh (MVP Summer 2020): | R4 | ||||||||||||
| Rank: Leipzig (Full TBD): | R1 | ||||||||||||
| Rank: Leipzig (ERM Aut 2019): | R5 | ||||||||||||
| Rank: TAMU (MVP Jan 2021): | R4 | ||||||||||||
| Rank: U of AL (MVP Oct 2020): | R4 | ||||||||||||
| Description |
|
Compliance to GDPR's privacy requirements is achieved in Folio though retaining all user personal data within the User Domain. Typically, pre-anonymised user data will be provided to other domains such as circulation. However, resolved user data must be delivered outside the domain, if only for the purposes of presentation. This implies that there exists user interfaces that reveal the user personal data. Therefore, there is the potential that personal data could leak outside the user domain. In order to create a trail for any future audits or investigation, a registry is used to identify and record which other system components access personal user data. Estimates from stories: |
| Comments |
| Comment by Cate Boerema (Inactive) [ 05/Sep/18 ] |
|
Removing the Q3 2018 fix version as this feature will not make that release. |