Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Date

04

Attendees

...

https://dukeuniversity.webex.com/join/jcc81

Goals

  • Classification of personal data sensitive reports

Discussion items

TimeItemWhoNotes

National Library of HungaryIngolf

The National Library of Hungary - go-live planned for end of 2020 - Will they install the FOLIO Reporting LDP at go-live and if so, will they need to do reports which contain personal data ? → Ingolf asks Lendvay Miklós


organization vendors dataIngolf

Vendors contact data (contact name, contact address, phone, email) are considered publicly available. In so far, GBV does not plan to do reporting on personal data. GBV/VZG will send a list of its top 5 reports to Nassib  (or to the Reporting SIG).

Ingolf asks Sven Markgraf if these are really not subject to GDPR compliance.


Fields to anonymizeThis group

Organization contact data need to be anonymized before they flow into the LDP.


in-app vs. LDP reportsThis group

Let's look at the question in-app vs. LDP reporting in a new way: The decision should be driven by functional requirements.

Let's go through Flagged FOLIO reports - privacy  (or RA Reports to cluster or both ?) again and decide from a functional perspective: Which of the reports which contain sensitive personal data should be made in-app, and which ones are really LDP reports ?

Meeting Notes

Present: 

Action items

  • Ingolf: speak to Miklos this coming week
  • Ingolf: remind GBV/VZG to send list of top reports when he sees them in person
  • Jira Legacy
    serverSystem JiraJIRA
    serverId01505d01-b853-3c2e-90f1-ee9b165564fc
    keyREP-148
    147 and 146: critical reports ranked by GBV which contain personal data: Ingolf to clarify this with GBV in Göttingen meeting next week,.
  • Ingolf go through https://dev.folio.org/reference/api/#mod-organizations-storage and make a list of fields which contain personal data.

...