- Andrew and David recounted the approaches used by each team to analyse, review and comment on the mapping
- We looked at each item that TFTM had further questions about, notes on each one follow:
1) INTEROP-2 - Kantara should indicate in the S3A that if the CSP intends to apply for IDEF Registry listing that they include an answer to INTEROP-2 in their S3A S3A
2) INTEROP-3 - this is a trigger on IDESG side - if an applicant to the Registry is using a non-listed standard this should trigger IDESG to put the standard through the normal evaluation process process
3) PRIVACY-3 - Kantara should review data minimization criteria to see where this is handled - “Partial” might be possible instead of N/A A
4) PRIVACY-15 - The IDEF requirements is relevant to the transaction. David explained the context that he expects -> Data Minimization. Andrew requested that IDESG review and update their requirement and supplemental guidance for P15. David noted that there is no supplemental guidance for the Privacy requirements.
- ACH asked David to send info to Kantara about how other CSPs have done this and Kantara can recommend to CSPs.