due to GDPR and privacy regulations there's been more focus on the data itself. PII/PHI specifically. This work helps integrate privacy and security aspects into a cohesive model with data front and center.
Isn't the real issue here that "data" has never been treated as a first-class citizen in security frameworks and instead of shoehorning data and privacy into a security framework, we are flipping the model and mapping data concepts to the existing security framework concepts?
Backlog: Language to be agreed
Considerations:
due to GDPR and privacy regulations there's been more focus on the data itself. PII/PHI specifically. This work helps integrate privacy and security aspects into a cohesive model with data front and center.
Isn't the real issue here that "data" has never been treated as a first-class citizen in security frameworks and instead of shoehorning data and privacy into a security framework, we are flipping the model and mapping data concepts to the existing security framework concepts?
@merkletrie @stods21 @cadderly1