[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [pmrm] Groups - Privacy Policy Must-Haves (Strawman Privacy PolicyTemplate.doc) uploaded
On 3/18/11 1:53 PM, peter.alterman@nih.gov wrote: > The document named Privacy Policy Must-Haves (Strawman Privacy Policy > Template.doc) has been submitted by Dr. Peter Alterman to the OASIS Privacy > Management Reference Model (PMRM) TC document repository. > > Document Description: > This one-pager is my attempt to summarize the considerations any privacy > policy must address. Would love comments, additions, revisions, etc., on > this. What you have seems reasonable, with one caveat. One problem I have --- and this is a problem of the field, not the document --- is that PII is really undefined. In particular, it is increasingly possible to take minimal sets of data from two networks and combine them to deidentify users. Thus the set of PII seems to increase. I don't know how you want to handle this, but it seems to me that this is an important aspect of any Privacy Policy statement. Susan
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]