Links

Privacy

  1. 1.
    Secure by default
    1. 1.
      Data must be stored and transmited securely.
    2. 2.
      Access to data must be role based and on well defined purpose.
  2. 2.
    Privacy by Default
    1. 1.
      Identify PII
    2. 2.
      Encrypting PII Data
    3. 3.
      Masking PII Data where displayed
    4. 4.
      Audit Log when unmasked PII is requested.
    5. 5.
      User should be able to view log of who viewed their data and for what purpose.
  3. 3.
    Ownership of Data must reside with the user
    1. 1.
      User should be able to view their data.
    2. 2.
      User should be able to request correction to their data with appropriate proof.
  4. 4.
    Consent
    1. 1.
      User consent to use data should be taken explicitly and stored.
    2. 2.
      User should be able to withdraw the consent at anytime.
    3. 3.
      User should be able to request for deletion of their data.
  5. 5.
    Purpose Limitation
    1. 1.
      Purpose for all data stored about the user must be defined and published.
All content on this page by eGov Foundation is licensed under a Creative Commons Attribution 4.0 International License.
All content on this page by eGov Foundation is licensed under a Creative Commons Attribution 4.0 International License.