| update from last PC (Privacy SIG was mentioned), November, 4th Meeting | Peter | - A smaller group will reach out to others for acceptance criteria for code. Harry is going to lead that group.
- Concerns from the Privacy SIG on how compliance will be implemented were talked about.
- This goes further than the Technical Council's input.
- Also SysOps raised technical aspects.
|
| revisit the overall plan we came up with last time: What is PII and how can it be implemented? Perhaps we can come up with a cascade of basic principles, general solutions and abstract functional requirements. This might help SMEs, POs and developers to get acquainted with PII-privacy and concepts/requirements. - Finish SIG Charter
- Approval of Product Council.
- Compile list of FOLIO key groups and contacts, e.g. sysops.
- Finish general log file requirements. or better: log file standards
- Develop basic workflow for implementing privacy in the project at governance level and then module-specific implementation level. Will require presentations and conversations at both levels.
- Some topics, solutions include: GDPR requirements for correcting data and giving data to user upon request; keep data in only the module where it belongs; anonymization (remove), pseudo-anonymization contains key that needs to be thrown away. These are often confused.
| Adam, Carsten | - having the focus of this group on "privacy standards" instead of "privacy requirements" likely fits better within the FOLIO community
- talk about a "proposed standard" and request comments on it...
- Reordered the priorities
- we agreed upon the SIG-Charter (version at the end) and will come to a decision next meeting.
|