Consent Receipt V2 Agenda Items

 

During the development of the specification their are many items that have been tabled until the MVCR core is finished.

Items Tabled (til Sept 2016)

  1. should there be an - on behalf of, field in their for the PI Principal - just like there is for the Data Controller. ? Issue #13
  2. Inter-op (issue #18)

    • There is a project kit for finding the legal reference and notice requirements for each field relevant to your jurisdiction and legal context so that the receipt can scale. (Knowledge Base Link)
    • The fields themselves provide the minimum common consent policy template and the use of this specification as standard to make it and Open Consent receipt. Requiring the order of the fields to mandatory for the spec implementation to be compliant.
    • (note: The receipt is intended to perform if valid and responsive contact information is provided. Purpose, sharing policy links, frameworks are intended to be proportional to technology used to collect the PII. In so much that this MVCR is designed so that it can be used in a way that is an inter-operable as possible.
    • Optional fields are then listed to provide commonly required basic consent functionality, compliance and notice inter-operability across a diverse range of requirements.
  3. Purpose Categories - Fix the appendix list (add list to the wiki) engage stakeholders
  4. PI (PII) attributes, - should these be named or should  these or allowing to create your own attribute names?