GDPR-related standards

[nigejohnson]

We definitely need this, but is this a separate standard or part of wider standards on personal data or on data and retention generally (e.g. this https://github.com/DEFRA/software-development-standards/issues/35)?

[nickblows]

Agree we do need this but i'm starting to think this might be better initially approached as a project to agree our wider departments approach rather than just going ahead and second guessing the approach? I know @FalloutVaultBoy was keen to involve others in the discussion. The result of a review could then help steer the dev approach. Unless this approach is already known?

Might be one to run through on the next dev standards meetup? I just don't want us to put the cart before the horse.

[andrewhick]

Link to draft page on data so far: (UPDATE - moved to add-data-standards branch) which covers GDPR to some extent. Discussed on the Standards call and GDPR is probably the most important element, however there's still a need to identify common standards around data itself, for example, date formats.

[FalloutVaultBoy]

I've reached out to Andrew Price, Joe Ball and Elizabeth Todd to get the Data + Security angle to GDPR page. As none that audience is on Github, I've just started a shared document

[andrewhick]

Any brief work I've done is now on the add-data-standards branch. I've updated any links to the previous draft.