[WG-P3] Comments on NIST SP 800-53, Appendix J

Rich Furr rfurr at safe-biopharma.org
Tue Aug 2 17:57:26 EDT 2011


Anna,

A very good approach and SAFE-BioPharma wholeheartedly supports and, if acceptable to the group, will mirror, but not copy the P3WG input.  The more input along the same lines the better.

Rich Furr
Head, Global Regulatory Affairs, Policy & Compliance
Cell: 704-575-1680
Office:  980-236-7576



From: Anna Slomovic/Equifax <anna.slomovic at equifax.com<mailto:anna.slomovic at equifax.com>>
Date: Tue, 2 Aug 2011 17:20:17 -0400
To: Kantara P3WG <wg-p3 at kantarainitiative.org<mailto:wg-p3 at kantarainitiative.org>>
Subject: [WG-P3] Comments on NIST SP 800-53, Appendix J

Everyone,

As we discussed on Thursday’s call, P3WG would like to submit comments on NIST SP 800-53, Appendix J, Privacy Control Catalog. We had general agreement on the call that P3WG supports the controls proposed in the Appendix. It would be helpful to NIST to receive supporting comments as part of the public record because they are required by US law to read and take into consideration all comments submitted by the public.

We (P3WG) will pull together a document that provides information about Kantara and describes our interest in the Appendix. We agreed that the substantive comments would include three parts:


1.       Support because the proposed controls are consistent with the requirements of the US Federal Privacy Profile, which will ease the use of federated credential for access to US federal government applications (Anna to draft a paragraph)

2.       Support because the proposed controls will improve interoperability for credentials used in the US and EU (Mark Lizar to review the Appendix vs. EU requirements and draft a paragraph)

3.       Support because the proposed controls will improve interoperability for credentials used in the US and Canada (Hedy Kirkby to review the Appendix vs. PIPEDA and draft a paragraph)

I hope that we can have a draft by the next meeting for review by the whole group.

Just FYI, although the comments to NIST are due by September 2, 2011, the final version of the document is scheduled to be published as part of the larger revision of NIST SP 800-53 in December 2011.

Thanks for your help and input on this.

Anna

Anna Slomovic
Chief Privacy Officer
Equifax, Inc.
1010 N. Glebe Rd.
Suite 500
Arlington, VA 22201

P: 703.888.4620
M: 703.254.9656
F: 703.243.7576
E: Anna.Slomovic at equifax.com<mailto:Anna.Slomovic at equifax.com>


________________________________
This message contains information from Equifax Inc. which may be confidential and privileged. If you are not an intended recipient, please refrain from any disclosure, copying, distribution or use of this information and note that such actions are prohibited. If you have received this transmission in error, please notify by e-mail postmaster at equifax.com<mailto:postmaster at equifax.com>.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://kantarainitiative.org/pipermail/wg-p3/attachments/20110802/6abc9de0/attachment-0001.html 


More information about the WG-P3 mailing list