User data privacy design and principles
  1.
    Secure by default
    • Data must be encrypted at rest and in transit.
    • Access to data must be role-based and tied to a well-defined purpose.
  2.
    Privacy by default
    • Identify PII (Personally Identifiable Information) in every dataset.
    • Encrypt PII.
    • Mask PII wherever it is displayed.
    • Write an audit log entry whenever unmasked PII is requested.
    • Users should be able to view a log of who viewed their data and for what purpose.
    • Remove or hash PII before data is sent to analytical databases. A plain hash of a low-entropy field such as a phone number can be reversed by enumerating all possible inputs; use a keyed hash with a secret that the analytics store never holds.
  3.
    Ownership of data must reside with the user
    • Users should be able to view their data.
    • Users should be able to request corrections to their data with appropriate proof.
  4.
    Consent
    • Consent to use a user's data must be obtained explicitly and recorded.
    • Users should be able to withdraw their consent at any time.
    • Users should be able to request deletion of their data.
  5.
    Purpose limitation
    • The purpose of every item of data stored about a user must be defined and published.
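The "Secure by default" and "Privacy by default" points above (purpose-bound access, masking on display, an audit log of unmasked reads that the user can inspect, and keyed hashing before analytics export) worked through in Python as an added example. This is not eGov Foundation code; the record layout, field names, roles, purposes and the mask formats are assumptions chosen for illustration.

```python
"""Masking, purpose-bound unmasking with audit logging, and keyed
pseudonymisation of PII before analytics export.

Added example, not eGov Foundation code. Record layout, field names,
roles and purposes are assumptions chosen for illustration."""
import hashlib
import hmac
from datetime import datetime, timezone

# Constructed sample citizen record (assumption: name, mobile and email are the PII).
CITIZEN = {
    "id": "c-1001",
    "name": "Asha Rao",
    "mobile": "9876543210",
    "email": "asha@example.org",
    "ward": "W-07",  # not PII on its own
}
PII_FIELDS = ("name", "mobile", "email")

# Which role may see unmasked PII, and for which declared purposes (assumption).
UNMASK_POLICY = {
    "grievance_officer": {"grievance_resolution"},
    "auditor": {"compliance_audit"},
}

AUDIT_LOG = []  # in practice an append-only store, not a process-local list


def mask_value(field, value):
    """Display form of a PII field: enough to recognise, not enough to reuse."""
    if field == "mobile":
        return "*" * (len(value) - 4) + value[-4:]
    if field == "email":
        local, _, domain = value.partition("@")
        return local[0] + "***@" + domain
    if field == "name":
        return " ".join(part[0] + "." for part in value.split())
    return "***"


def mask_record(record):
    """Masked copy of a record; non-PII fields pass through unchanged."""
    return {k: mask_value(k, v) if k in PII_FIELDS else v for k, v in record.items()}


def can_unmask(role, purpose):
    """Role-based access tied to a declared purpose."""
    return purpose in UNMASK_POLICY.get(role, set())


def get_record(record, actor, role, purpose, unmask=False):
    """Masked by default. Unmasked only for an allowed role and purpose, and every
    unmasked read is written to the audit log the data subject can later view."""
    if not unmask:
        return mask_record(record)
    if not can_unmask(role, purpose):
        raise PermissionError(f"{role} may not unmask PII for purpose {purpose!r}")
    AUDIT_LOG.append({
        "at": datetime.now(timezone.utc).isoformat(),
        "subject": record["id"],
        "actor": actor,
        "role": role,
        "purpose": purpose,
        "fields": list(PII_FIELDS),
    })
    return dict(record)


def access_log_for(subject_id):
    """What the user sees: who viewed their unmasked data and for what purpose."""
    return [e for e in AUDIT_LOG if e["subject"] == subject_id]


def pseudonym(value, key):
    """Keyed hash. A plain SHA-256 of a 10-digit mobile number is reversible by
    enumerating all 10**10 inputs; the secret key removes that attack as long
    as the key never reaches the analytics store."""
    return hmac.new(key, value.encode(), hashlib.sha256).hexdigest()


def analytics_view(record, key):
    """Row sent to the analytical database: direct identifiers removed, the
    mobile number replaced by a stable pseudonym so records can still be joined."""
    row = {k: v for k, v in record.items() if k not in PII_FIELDS}
    row["mobile_pseudonym"] = pseudonym(record["mobile"], key)
    return row


if __name__ == "__main__":
    key = b"example-key-keep-in-a-secrets-manager"  # assumption: loaded from a secrets manager
    print(get_record(CITIZEN, "clerk-17", "clerk", "lookup"))
    print(get_record(CITIZEN, "officer-3", "grievance_officer",
                     "grievance_resolution", unmask=True))
    print(access_log_for("c-1001"))
    print(analytics_view(CITIZEN, key))
```

The default path returns masked data, so a caller has to ask for unmasked PII explicitly and name a purpose; that is what makes the audit log meaningful to the user who later reads it. The pseudonym is deterministic per key, which is what lets analytics join rows, and is why the key must be rotated and stored separately from the analytics store.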
All content on this page by eGov Foundation is licensed under a Creative Commons Attribution 4.0 International License.