[KI-LC] GDPR and Kantara approach question

Salvatore D'Agostino sal at idmachines.com
Tue Feb 28 17:49:41 CST 2017


So how about a contribution from each of the DGs, WGs on a single aspect of their effort for sharing in a toolkit.  I we need to have the groups contribute and be directly involved or you cross wires.  Challenge is bandwidth per usual.

 

So for IRM it might be a GDPR use case as a way to exercise a relationship manager effort in the next phase of work.  

 

From: lc-bounces at kantarainitiative.org [mailto:lc-bounces at kantarainitiative.org] On Behalf Of Andrew Hughes
Sent: Tuesday, February 28, 2017 6:15 PM
To: Mark OCG <m.lizar at openconsentgroup.com>
Cc: Julian Ranger <julian at digi.me>; Robin Wilton <wilton at isoc.org>; Kantara Leadership Council <lc at kantarainitiative.org>
Subject: Re: [KI-LC] GDPR and Kantara approach question

 

Hi mark - yes it is vague - I'm looking for opinions. 

The only thing behind this is that I was wondering if there could/should be a "Kantara GDPR Toolkit"

Because I keep hearing that there is great demand for assistance and I'm wondering it Kantara can do something useful for the community. 

Andrew. 

On Tue, Feb 28, 2017 at 2:56 PM Mark OCG <m.lizar at openconsentgroup.com <mailto:m.lizar at openconsentgroup.com> > wrote:

Hi Andrew, 

 

This is all bit vague. Not clear from what perspective Kantara should be inclined to ‘do something’ for the GDPR. 

 

As you may or may not be aware Data Protection and Data Control mitigate each other in terms of risk and liability.  GDPR is fundamentally about data protection. Standards address risk and liability in different ways. 

 

It is conceivable that Kantara could have a program that spans this space - but not sure if a GDPR centric approach would achieve such a result.   Perhaps evaluating how Kantara efforts relate to GDPR might be fruitful?  A little survey perhaps? 

 

Is there a deeper insight/motivation missing from this email ? 

 

Mark Lizar

CEO Open Consent Group

 

 

On 28 Feb 2017, at 21:53, Andrew Hughes <andrewhughes3000 at gmail.com <mailto:andrewhughes3000 at gmail.com> > wrote:

 

I'm not sure if we need a DG or not - there are some very specific things about GDPR (and lots of analysis everywhere)

I'm also hoping that this will bring new faces to the table. 

On Tue, Feb 28, 2017 at 1:52 PM Ken Dagg <kendaggtbs at gmail.com <mailto:kendaggtbs at gmail.com> > wrote:

As much as I don't want to spread Kantara's thin participative resources thinner I think that your suggestion of a new WG makes sense. A new WG would enable a keen focus on GDPR without the distraction of what the other WG's are attempting to achieve. Does it make sense to start with a DG to identify what things need to be done and in what order or is that the first task of the WG?

 

Ken

 

 

On Tue, Feb 28, 2017 at 4:14 PM Andrew Hughes <andrewhughes3000 at gmail.com <mailto:andrewhughes3000 at gmail.com> > wrote:

Hi LC and (some) Board of Directors...

 

I've been wrestling with how Kantara would best serve the community with respect to GDPR.

 

Many of the WGs have work products and knowledge that is relevant to GDPR topics. But whenever I try to think about what it would mean to ask for GDPR-specific work inside any particular WG I hit mental roadblocks.

 

So, how does this different approach sound to you all:

 

Start a WG whose goal is to build a 'Kantara GDPR Toolkit' comprised of guidance, profiles of selected standards, pointers to useful analysis reports (inside and outside of Kantara), and other technical or recommendation stuff.

 

It would help ease the tension between addressing the near term demands to 'do something' for GDPR and help to harness the bits and pieces of work inside and near Kantara. It would possibly avoid distracting the WGs from their main work products that are for the longer term.

 

Looking for opinions and alternative views on this please

 

andrew.

_______________________________________________
LC mailing list
LC at kantarainitiative.org <mailto:LC at kantarainitiative.org> 
http://kantarainitiative.org/mailman/listinfo/lc

-- 

Kenneth Dagg Independent Consultant Identification and Authentication 613-825-2091kendaggtbs at gmail.com <mailto:kendaggtbs at gmail.com> 

-- 

Andrew Hughes CISM CISSP 
Independent Consultant
In Turn Information Management Consulting

o  +1 650.209.7542
m +1 250.888.9474
1249 Palmer Road,
Victoria, BC V8P 2H8
AndrewHughes3000 at gmail.com <mailto:AndrewHughes3000 at gmail.com>  
ca.linkedin.com/pub/andrew-hughes/a/58/682/ <http://ca.linkedin.com/pub/andrew-hughes/a/58/682/> 
Identity Management | IT Governance | Information Security 

_______________________________________________
LC mailing list
 <mailto:LC at kantarainitiative.org> LC at kantarainitiative.org
 <http://kantarainitiative.org/mailman/listinfo/lc> http://kantarainitiative.org/mailman/listinfo/lc

 

-- 

Andrew Hughes CISM CISSP 
Independent Consultant
In Turn Information Management Consulting

o  +1 650.209.7542
m +1 250.888.9474
1249 Palmer Road,
Victoria, BC V8P 2H8
AndrewHughes3000 at gmail.com <mailto:AndrewHughes3000 at gmail.com>  
ca.linkedin.com/pub/andrew-hughes/a/58/682/
Identity Management | IT Governance | Information Security 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kantarainitiative.org/pipermail/lc/attachments/20170228/f887e94d/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4859 bytes
Desc: not available
URL: <http://kantarainitiative.org/pipermail/lc/attachments/20170228/f887e94d/attachment-0001.p7s>


More information about the LC mailing list