2016-02-08 (q) Meeting Notes - MVCR Dev

Date

Feb 08, 2016

Attendees

Goals

  • Discuss that Kantara is becoming or is already a quasi SDO - notice that we need to update the charter for each effort 
  • Ratifying the purpose of the MVCR specification and rolling it back to a simple receipt of consent - added json fields and the consent receipt generator to appendix 
  • Created a parking lot appendix for stuff cut but to be done after v1 is completed. 
  • Agreed to take out the Use Cases from the specification and to add them into another document which was added in GitHub. 
  • Changed reviewed fields to  the optional  fields and consolidated this under SHOULD fields into the spec

Questions that came up in the effort

if its a person do they need to have a PII Data controller listed?  

  • the receipt is assuming that this is for a privacy notice with a company that has privacy compliance requirements.  This has been added to the scope. 
    • we added a bit of text to the scope to cover this

Notes: 

  • Feedback  from Iain's implementation with CRM- 
    • Data categories don't work that well because crm systems dont work that well with categories 
    • 3rd party sharing didn't really make sense 
      • listing third parties and the data purpose of the third parties
    • Data Categories dont work as well as individual attributes would work -  this was added as issue in GitHub
    • Data Retention Period.Â