Open aj-stein-nist opened 1 month ago
I agree this needs to be addressed. In general I don't think we can prohibit representation as a GLUE ID of any identifiers that also may contain personal data, but the privacy considerations section definitely needs to address this.
I am willing to pitch in and write something to that effect if you want me to. Let me now.
that would be fantastic
Not all identifiers have a simple security or privacy model where they can always be publicly shared. The current enumeration of identifiers do not include such an example, but they do exist. As discussed in Session II of the IETF 120 SPICE meeting, I had summarized how in US public healthcare the business identifier of sole proprietor for reimbursement in the Medicare and/or Medicaid system is a social security number for that individual. That must not be shared anywhere. For systems of record for that agency, this data was toxic and any leakage was an immediate incident. Details below.
https://www.cms.gov/Medicare/Provider-Enrollment-and-Certification/MedicareProviderSupEnroll/downloads/EnrollmentNPI.pdf
I am willing to help add to the draft and consider privacy considerations around this potentially.