#80: assessment of GPC vs. data privacy and security standards
--------------------------+-----------------------------
 Reporter:  dconnolly     |       Owner:  mish
     Type:  task          |      Status:  assigned
 Priority:  major         |   Milestone:  data-sec-check
Component:  data-sharing  |  Resolution:
 Keywords:  security      |  Blocked By:  79
 Blocking:                |
--------------------------+-----------------------------

Comment (by mish):

 I sit corrected, the survey in 21 comes close (enough?). We just need to
 follow through with it (do actual risk planning with the information) and
 continue to do so on an annual basis.

 Two comments:
 * I think the question about "active participation" of "those responsible
 for interpretation of applicable laws and regulations" needs to change or
 we need an additional question that asks if each site is in actual
 compliance. Simply having key people in a conversation does not ensure
 that compliance is being met.
 * We should probably come right out and ask if everyone participating has
 had the appropriate training. While a description of the process is nice,
 it doesn't necessarily mean that the appropriate training has been had by
 all those involved.

--
Ticket URL: 
<http://informatics.gpcnetwork.org/trac/Project/ticket/80#comment:35>
gpc-informatics <http://informatics.gpcnetwork.org/>
Greater Plains Network - Informatics
_______________________________________________
Gpc-dev mailing list
[email protected]
http://listserv.kumc.edu/mailman/listinfo/gpc-dev

Reply via email to