...
Colin will use a Kantara MOU template to strawman up the broad approach.
IDESG and KI call to discuss the IDEF-SAC mapping March 10th.
Meeting Notes:
- Andrew and David recounted the approaches used by each team to analyse, review and comment on the mapping
- We looked at each item that TFTM had further questions about, notes on each one follow: 1) INTEROP-2 - Kantara should indicate in the S3A that if the CSP intends to apply for IDEF Registry listing that they include an answer to INTEROP-2 in their S3A 2) INTEROP-3 - this is a trigger on IDESG side - if an applicant to the Registry is using a non-listed standard this should trigger IDESG to put the standard through the normal evaluation process 3) PRIVACY-3 - Kantara should review data minimization criteria to see where this is handled - “Partial” might be possible instead of N/A 4) PRIVACY-15 - The IDEF requirements is relevant to the transaction. David explained the context that he expects -> Data Minimization. Andrew requested that IDESG review and update their requirement and supplemental guidance for P15. David noted that there is no supplemental guidance for the Privacy requirements. ACH asked David to send info to Kantara about how other CSPs have done this and Kantara can recommend to CSPs.