1.8.X new requirements #1005
Comments
|
Just mapping it here. Current section Sensitive Private Data contains requirements like:
One related issue: #883 |
|
@elarlang You are right, but I see the first chapter more as guidlines for the architecture and design, while the chapter 8.X is more relevant for the developers. Maybe it makes sense to add some requirements to the architecture part as well.
|
|
Like I wrote, I was just mapping those pieces here, because those belong to the same topic. In big picture my vision is to move to solution (but I'm not deciding it :) ) where V1 describes architecture and business-logical decisions and other categories have requirements, where you can check are those really implemented. So, this vision is matching with your latest comment well. To make other's life easier, @mgeramb , can you please provide quotes and references from regulations behind your proposals. |
|
@elarlang You mean like this: "Store only personal data which is required by your business process" -> see DSGVO Chapter II, Article 5, (c)" |
|
Yes, something which support those requirements. Those references are not pre-conditions, but the less conflicts are between different standards and regulations, the easier it is to work with them. And if there is difference, it should be argumented one. |
elarlang
added
the
2) Awaiting response
|
Ping. I think we should drop section 1.8 and merge 1.8.1 and 1.8.2 into section 8.1 and close this out! |
|
I agree, thank you! |
In the EU in particular, the handling of personal data is strictly regulated (DSGVO). I know that with 1.8.2 everything should be fine. But maybe additional requirements makes it more clear.
e.g.:
What is your opinion?
Best,
Michael
The text was updated successfully, but these errors were encountered: