Privacy
- 1.Secure by default
- 1.Data must be stored and transmited securely.
- 2.Access to data must be role based and on well defined purpose.
- 2.Privacy by Default
- 1.Identify PII
- 2.Encrypting PII Data
- 3.Masking PII Data where displayed
- 4.Audit Log when unmasked PII is requested.
- 5.User should be able to view log of who viewed their data and for what purpose.
- 3.Ownership of Data must reside with the user
- 1.User should be able to view their data.
- 2.User should be able to request correction to their data with appropriate proof.
- 4.Consent
- 1.User consent to use data should be taken explicitly and stored.
- 2.User should be able to withdraw the consent at anytime.
- 3.User should be able to request for deletion of their data.
- 5.Purpose Limitation
- 1.Purpose for all data stored about the user must be defined and published.
All content on this page by eGov Foundation is licensed under a Creative Commons Attribution 4.0 International License.
Last modified 7mo ago