Data Security and Privacy
DIVA Data Security and Privacy Basic Features
-
a) Data Encryption
-
b) Data De-identification
-
c) Privacy by Design
-
d) Logging and Auditing
-
e) Data Retention and Destruction
-
Product(s) proposed under this Capability, must be able to deliver on:
-
1) Support encryption of data in use, in transit and at rest in instances where data is stored by the tool using one of the approved cryptography methods for high risk situations. For further information, please refer to GO-ITS 25.0.
-
2) Allow for implementation of key management practices in compliance with Section 2.4 of GO-ITS-25.12. Encryption keys would be available only to authorized OPS personnel and vendors will not have access to encryption keys.
-
3) Support role-based access control (RBAC) using the least privileged principle for data access, dissemination and data visualization.
-
4) Support password requirements as stated in GO-ITS-25.0 sections 3.1.4 and 3.1.6.
-
5) Log system activities and events as per Sections 3.4.2 and 3.4.4 of GO-ITS-25.0.
-
6) Facilitate cross-data source linking of private elemental records in a secure and private manner while maintaining the integrity of the original records.
-
7) Archive data and secure the archives using appropriate encryption as described in GO-ITS-25.12.
-