Uploaded image for project: 'OASIS Classification of Everyday Living (COEL) TC'
  1. OASIS Classification of Everyday Living (COEL) TC
  2. COEL-165

Correcting data - GDPR review

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Labels:
      None
    • Environment:

      MMI

    • Proposal:
      Hide

      There are a number of privacy issues connected to GDPR and similar legislation that the spec need to accommodate, but enforcement seem out of scope. Therefore, I suggest added the following, non-normative text to the introduction to the MMI, Section 7.1:

      There are two important aspects of managing personal data that impact on implementations, namely the 'right to be forgotten' and the 'right to correct erroneous data.' The former is addressed by the Forget Consumer operation, section 7.2.12. For the later, it is recommenced in section 8.2.2 that Atoms be stored with a Reliability of less than 100%, thus allowing for later updates and corrections. However, in the event of erroneous 100% Reliable Atoms and erroneous Segment Data, it is recommended that all data for the Consumer be downloaded by the Service Provider, the old Consumer Forgotten (section 7.2.12) and a new Consumer created with the corrected data and Atoms.

      Show
      There are a number of privacy issues connected to GDPR and similar legislation that the spec need to accommodate, but enforcement seem out of scope. Therefore, I suggest added the following, non-normative text to the introduction to the MMI, Section 7.1: There are two important aspects of managing personal data that impact on implementations, namely the 'right to be forgotten' and the 'right to correct erroneous data.' The former is addressed by the Forget Consumer operation, section 7.2.12. For the later, it is recommenced in section 8.2.2 that Atoms be stored with a Reliability of less than 100%, thus allowing for later updates and corrections. However, in the event of erroneous 100% Reliable Atoms and erroneous Segment Data, it is recommended that all data for the Consumer be downloaded by the Service Provider, the old Consumer Forgotten (section 7.2.12) and a new Consumer created with the corrected data and Atoms.
    • Resolution:
      Hide

      Section added to 7.1.

      Show
      Section added to 7.1.

      Description

      GDPR requires the the ablity to correct data so I think privacy-by-design requires this to be baked into the standard. We discussed the ability to write a 100% certainty atom to make a correction but what if it is already 100% or we are correcting a correction?

      The other issue area is the segment data that cannot be added/changed after first registration. This is also an issue for people who move home countries.

        Attachments

          Activity

            People

            • Assignee:
              dsnelling David Snelling
              Reporter:
              josslangford Joss Langford [X] (Inactive)
            • Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: