Subject: RE: [xacml] BTG issues
Hi David, > -----Original Message----- > From: David Chadwick [mailto:firstname.lastname@example.org] > Sent: Friday, April 29, 2011 12:36 PM > To: email@example.com > Subject: Re: [xacml] BTG issues > [...] > > Does anyone have a use case other than BTG that would fit the > > generalization? > > How about this one. A police officer is investigating a crime and tries > to access the personal information about a suspect. He is denied access > to some of the details, but is given override permission if he can > enter sufficient (free form) justification which will then be emailed to his > superior officer and to the police data protection registrar. He knows > that if they dont buy his argument, he will be reprimanded for breach > of professional conduct. > > This is similar to a BTG access by a doctor in a hospital to a patient's > medical records, but it does not use the same terminology as some > people think this specifically refers to health IT systems. OK, now that you've demonstrated that there are more use cases like BTG, I think it makes sense to generalize. Unless anyone can think of a reason not to?