This is a site designed to make it easier to take the core of large published reports and allow anyone to comment on them.
3.2.14 Appropriate measures must be in place within the e-Government service provision boundary to protect a client's information on their behalf. It should be noted, however, that a client might be prepared to accept a higher level of residual risk than the service provider regarding their information, or may have a different assessment of the impact that compromise of that information might have. This should not prevent the service provider from providing clients with information that is held about them. For example, assignment of Confidentiality IL3 to a client's medical records should not prevent the e-Government service provider from enabling access to this information (even if this requires the use of out-of-band methods).
I dont quite get this. they may accept a higer level, yes. But they may assign a higher sensitivity to it than government does. Some people are touchy about their birth date. What are out-of-band methods?Posted by William on 2007-02-14 16:13:17. Link. Report abuse to email@example.com. Back to the main document list