Transferred from API Spec issues as this is a better home:
'persons' as a entity have a single protectionRequirements block, i.e.,
everything about a person shares the same protection.
In most instances this will make everything about a person protected.
What is needed is the ability to specify protection for each of:
"dateOfBirth"
"gender"
"genderOtherInformation"
"ethnicity" - each item
"iwiAffiliation" - each item
"sectorPersonIds" - each item
"researchCareerStage" - each item
"academicRecord" - each item
"recognition" - each item
"professionalBodies" - each item
"organisationAffiliations" - each item
With the current model, to publish someone's name appears to also require
publishing their DOB, gender, and ethnicity.
The proposed solution for phase I is to only submit the mandatory & already public
This helps, but leaves the status of 12.1 "Local Person ID" aka localPersonId
(both mandatory and a protected field) uncertain.
What might be needed is clear statements on how NZRIS will treat this value, and a
commitment that this value will not be exposed by the system.
Transferred from API Spec issues as this is a better home:
'persons' as a entity have a single protectionRequirements block, i.e., everything about a person shares the same protection. In most instances this will make everything about a person protected.
What is needed is the ability to specify protection for each of: "dateOfBirth" "gender" "genderOtherInformation" "ethnicity" - each item "iwiAffiliation" - each item "sectorPersonIds" - each item "researchCareerStage" - each item "academicRecord" - each item "recognition" - each item "professionalBodies" - each item "organisationAffiliations" - each item With the current model, to publish someone's name appears to also require publishing their DOB, gender, and ethnicity.
The proposed solution for phase I is to only submit the mandatory & already public This helps, but leaves the status of 12.1 "Local Person ID" aka localPersonId (both mandatory and a protected field) uncertain.
What might be needed is clear statements on how NZRIS will treat this value, and a commitment that this value will not be exposed by the system.