2016-02-08 (q) Meeting Notes - MVCR Dev

Date

Feb 08, 2016

Attendees

• Mark Lizar (Unlicensed)

• iainh1 NA (Unlicensed)

• John Wunderlich
• Former user (Deleted)

Goals

• Discuss that Kantara is becoming or is already a quasi SDO - notice that we need to update the charter for each effort 
  • Action: Mark Lizar (Unlicensed) getting more information on SDO status
• Ratifying the purpose of the MVCR specification and rolling it back to a simple receipt of consent - added json fields and the consent receipt generator to appendix 
• Created a parking lot appendix for stuff cut but to be done after v1 is completed. 
• Agreed to take out the Use Cases from the specification and to add them into another document which was added in GitHub. 
• Changed reviewed fields to  the optional  fields and consolidated this under SHOULD fields into the spec

Questions that came up in the effort

if its a person do they need to have a PII Data controller listed?  

• the receipt is assuming that this is for a privacy notice with a company that has privacy compliance requirements.  This has been added to the scope. 
  • we added a bit of text to the scope to cover this

Notes: 

• Feedback  from Iain's implementation with CRM- 
  • Data categories don't work that well because crm systems dont work that well with categories 
  • 3rd party sharing didn't really make sense 
    • listing third parties and the data purpose of the third parties
  • Data Categories dont work as well as individual attributes would work -  this was added as issue in GitHub
  • Data Retention Period.