Section 10.3.2 of SP800-63Crev4 provides specific guidance on how to store personal attributes of users (subscribers, see #71). This guidance is likely in conflict with how enterprises manage their users (see these comments.)
chair hat off
In order to accommodate different mechanisms for user management, IPSIE SL1 should not follow the NIST requirements and allow IPSIE compliant services to determine the proper model within the constraints of law and policy. This should be documented in the IPSIE SL1 profile.
chair hat on