2.2.6: Timeouts - reference to compliance #421

Closed
ghost opened this issue Jul 4, 2018 · 9 comments · Fixed by #501

Comments

@ghost

ghost commented Jul 4, 2018

Success Criterion 2.2.6: Timeouts

Recommendation is to add the word "compliance" to read "Compliance and privacy regulations ...". As an example, the Payment Card Industry Data Security Standard includes security standards related to the storage, use and controls associated with credit card information.

@awkawk
Member

awkawk commented Jul 27, 2018

Are you talking about at the start of the Note section for https://www.w3.org/TR/WCAG21/#timeouts?

If so, we won't be able to make that change as it is in the WCAG 2.1 spec, but perhaps you can suggest something for the related understanding document (https://www.w3.org/WAI/WCAG21/Understanding/timeouts.html)?

@ghost
Author

ghost commented Jul 27, 2018

Yes, that was the area I was referencing.

I would be happy to make a recommendation regarding this for the understanding document.

@awkawk
Member

awkawk commented Sep 11, 2018

@thaddeus-cambron any suggestions on this for the understanding document?

@ghost
Author

ghost commented Sep 11, 2018

"Privacy regulations and compliance standards, for example, PCI or HIPAA, may require ..."

@alastc
Contributor

alastc commented Oct 5, 2018

I think it needs turning around if it's part of the understanding doc, it shouldn't repeat the SC text.

How about:

Examples of privacy regulations or compliance standards that may require consent and authentication before saving data are PCI (Payment Card Industry) and HIPAA (Health Insurance Portability and Accountability Act of 1996).

(In PR #501)

@ghost
Author

ghost commented Oct 5, 2018

I am not sure of the best wording, to be honest with you. For example, CVV cannot be saved at all - even with consent. That is why it is removed from a form if another field is in error. The goal was to add the word "compliance" in addition to "privacy". I trust your judgement on the exact verbiage.

@alastc
Contributor

alastc commented Oct 9, 2018

Ok, I'll try this then:

Examples of privacy regulations mentioned in the success criteria note, and related compliance standards, are PCI (Payment Card Industry) and HIPAA (Health Insurance Portability and Accountability Act of 1996).

Without it being mentioned in the SC text it is somewhat tenuous, but hopefully people get the idea.

@fstrr
Contributor

fstrr commented May 3, 2022

@alastc I don't see any of the text from your last comment in the Understanding document. Do you still want to add it or shall I close this?

@fstrr fstrr self-assigned this May 3, 2022
@patrickhlauke
Member

If you are going to include @alastc's proposed wording, note that it should say "success criterion" (singular) rather than "success criteria" (plural).
