Date
Attendees
- Ingolf Kuss
- Joyce Chapman
- Nassib Nassar
...
https://dukeuniversity.webex.com/join/jcc81
Goals
Discussion items
Time | Item | Who | Notes |
---|---|---|---|
Tasks of the FOLIO Community to fulfill GDPR | Ingolf |
| |
Ingolf | Kopplungsverbot für Einwilligung in die Verarbeitung persönlicher Daten erklären "Explain coupling interdiction for the approval to the processing of personal data" "For a consent to be voluntary, the person concerned must have a real choice. In addition, the so-called "coupling ban" applies. Thus, a contract may not be made dependent on the consent to the processing of other personal data, which are not necessary for the operation of the business." Translated by Google from https://dsgvo-gesetz.de/themen/einwilligung/ | ||
Survey members about data privacy requirements | All | Sharon Beltaine had suggested that it would be a good idea to survey members about their data privacy requirements, so that these can be addressed either via LDP or other ways (anonymize vs. erase data, based on individual institutional requirements, and on compliance needs). After Ingolf's update on FOLIO's role in fulfilling data privacy requirements, we wondered whether a survey was required. If a configuration table is set up that anonymizes all personal data before it is transferred, then that would fulfill the stringent GDPR requirements, as well as any requirements of American libraries. We need Nassib's input on this. |
Meeting Notes
Ingolf summarized the three main issues:
...
Nassib suggested that all operational reports that require personal data should be in-app, with data stored in the main FOLIO database, and the LDP reports should not contain personal data. That way, we have a clean and efficient divide. However, the current list of requested LDP reports may include personal data, for business reasons. Our small group cannot decide by fiat which fields to erase before the data are sent to the LDP warehouse.
Action items
Make a list of all the fields containing personal data, from the user (and any other?) modules in the API documentation
...