Input into Personal Data Use Record Effort for Interoperability

Owned by Mark Lizar (Unlicensed)
Last updated: Mar 29, 2020
2 min read

How does this project fit with the strategy?

Information Sharing Interoperability Charter

This is input from the V2 effort into th framework effort. 

Interoperability,  privacy regulations and contracts use separate law for Data Governance. 

Interoperability Proposal 

Team

Project owner: Mark Lizar (Unlicensed)


Team members Invited: 

Developing a single use case example:  providing the focus of  interop activities amongst projects in Kantara

inviting shared leadership and Kantara collaboration

Status

PENDING INITIATION Proposed input from V2 into Framework effort 

Proposed call -see purpose use record project 

Personal Data Use Receipt Framework



Problem space

Why are we doing this?


For consent to scale, organisations need contracts for processing by third parties, and subsequent sub-processing.  When things change in the data processing supply chain, there are contexts when both the controller and the individual need transparency over sharing, disclosure or access to personal information.  (types of data portability)

Objective Measure

  • Providing systems with the capacity to generate human trust, because people can see that they can exercise control.    (two factor trustworthiness) 

Problem statement

For personal data control, the consent record provides a staring point with the person's consent as the point of providence for personal data; disclosure, sharing and access by systems. 

Depending on the context the type of information flow needs to be employed. Beyond consent, there is a need for a personal data processing receipts for contract based data governance framework to be interoperable with consent.

The solution to this problem needs to take into account multiple types of consent, and multiple data processing statutes in a single context, and even multi-state syncing, which is done by the individual themselves, to be able to control personal data in context. 


Impact of this problem

Human to service, rather than service to human approach to data control is a critical issue. Lack of usable Consent, to prove and control personal data prevents people form using consent to control personal data once permission for access, sharing  and disclosure has been provided. 


How do we judge success?

This project will be a success when it has created:

What are possible solutions?

  • A single use case for all projects in Kantara to use to generate receipts for data governance 
  • an invitation to interop -

Validation

What do we already know?

What do we need to answer?

Ready to make it

What are we doing?

A single use case for 

Why will a customer want this?

Visualize the solution

Scale and scope


Learn more: https://www.atlassian.com/team-playbook/plays/project-poster

Copyright © 2016 Atlassian

Creative Commons License
This work is licensed under a Creative Commons Attribution-Non Commercial-Share Alike 4.0 International License.