Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding Safeguards to DPV #23

Closed
coolharsh55 opened this issue Jun 30, 2021 · 6 comments
Closed

Adding Safeguards to DPV #23

coolharsh55 opened this issue Jun 30, 2021 · 6 comments
Labels
concepts add/edit concepts in DPV vocabs help-wanted Assistance in performing tasks for this issue todo chores, tasks, things to do
Milestone
DPV v1

Comments

@coolharsh55
Copy link
Collaborator

How and where to model Safeguard as a concept within the DPV.
@coolharsh55
Copy link
Collaborator Author

References for consideration:

@coolharsh55 coolharsh55 added the concepts add/edit concepts in DPV vocabs label Jun 30, 2021
coolharsh55 added a commit to coolharsh55/dpv that referenced this issue Oct 1, 2021
@coolharsh55
v0.3 for dpv and dpv-gdpr
55723f3 
DPV: Updates and additions to purposes, tech-org measures, entities, legal
basis (new module).
DPV-GDPR: Updates and additions to data transfers (new module).

Updated labels and descriptions of terms for consistency.

For detailed changelog, see /dpv/changelog.html and
/dpv-gdpr/changelog.html respectively.

fixes w3c#25 purpose diagram typo
relevant to  w3c#23 safeguard as a concept
relevant to w3c#22 expanding purpose taxonomy
@coolharsh55
Copy link
Collaborator Author

Note that DPV now contains safeguards as a concept, as well as the data transfer safeguards from GDPR. A review of their sufficiency is to be undertaken and its outcome to determine closing of this issue.

@coolharsh55 coolharsh55 added the todo chores, tasks, things to do label Feb 22, 2022
@coolharsh55 coolharsh55 added the help-wanted Assistance in performing tasks for this issue label Jun 9, 2022
@coolharsh55 coolharsh55 added this to the DPV v1 milestone Jun 30, 2022
@coolharsh55 coolharsh55 mentioned this issue Oct 22, 2022
Closed
35 tasks
@Paul-Ryan76
Copy link

Reviewed this topic ,

From A GDPR perspective need to model the appropriate safeguards from Article 46

Appropriate safeguards
a) Legally enforceable instrument
b) Binding corporate rules
c) Standard clauses adopted by commission
d) Standard clauses adopted by Supervisory authority
e) Code of conduct
f) Certification

We also need to consider adding in Transfer Impact assessment and Supplementary measures, which are part of any international transfer to a non-adequate country

I looked at HIPPA safeguards and they mainly relate to Technical and Organisational measures. I t believe we have sufficient coverage in that area

@coolharsh55
Copy link
Collaborator Author

a) Legally enforceable instrument
b) Binding corporate rules
c) Standard clauses adopted by commission
d) Standard clauses adopted by Supervisory authority
e) Code of conduct
f) Certification

Thanks Paul. From that list, what concepts are missing in DPV? I think we have all of them (across DPV + DPV-GDPR)

Also please note that "Supplementary Measures" doesn't have a definition by itself, and instead is what we use to refer to additional TOMs to safeguard the data. And because the term is EU-specific, I would not create a separate concept with that label since Safeguard/RiskMitigationMeasure also has the same role.

@Paul-Ryan76
Copy link

Agreed, I confirm that DPV-GDPR contains items a to F

@coolharsh55
Copy link
Collaborator Author

Thanks, closing the issue as completed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
concepts add/edit concepts in DPV vocabs help-wanted Assistance in performing tasks for this issue todo chores, tasks, things to do
Projects
None yet
Milestone
DPV v1
Development

No branches or pull requests
2 participants
@coolharsh55 @Paul-Ryan76