SARA data domains: Difference between revisions
Jump to navigation
Jump to search
Stefanseiler (talk | contribs) |
Stefanseiler (talk | contribs) No edit summary |
||
| Line 108: | Line 108: | ||
! style="text-align:left;" |Consumer | ! style="text-align:left;" |Consumer | ||
|Gets temporary access to this information, but only as long as the party requires it. | |Gets temporary access to this information, but only as long as the party requires it. | ||
|'''Data will only be stored in temporary cache files and will be refetched, if | |'''Data will only be stored in temporary cache files and will be refetched, if cache expires prematurely (depending on strictness of cache-settings)''' | ||
|} | |} | ||
Latest revision as of 07:02, 26 June 2025
A travel assistance service requests holds these data domains, which are each handled differently due to the ownership and sensitivity of contained information:
| O=Owner, P=Processor, C=Consumer | Ownership & Storage | Sensitivity | Details | |||
|---|---|---|---|---|---|---|
| Agent | PAX | OC | Del.P. | |||
| Unstructured Communication | ||||||
| PAX with OC | O | P | high | May contain sensitive information | ||
| Agent with OC | O | P | high | Agent is acting on behalf of the PAX! May contain sensitive information | ||
| Case structured data | ||||||
| Travel Group information | O | C | C | C | normal | |
| Personal information | P | O | P | C | high | May contain sensitive information |
| Medical information | P | O | P | C | very high | Contains also information on medical decision process |
| Journey Information | P | O | P | C | normal | Shared ownership, based on transport contract |
| Request management data | C | C | O | P | normal | This holds the case decision process and associated meta-information |
| Delivery information | ||||||
| Delivery requests & instructions | O | P | high | May contain sensitive information | ||
| Delivery status information | O | P | normal | LH ownership, due to service contract | ||
Data processing roles
| Access | Storage | |
|---|---|---|
| Owner | Has permanent (physical and logical access to the information) | permanent (database) |
| Processor | Gets access to this information and keeps it for regulatory and legal litigation purposes. | Data is persisted in permanent storage facility (database), but will actively be anonymized or deleted after the regulatory period has passed. |
| Consumer | Gets temporary access to this information, but only as long as the party requires it. | Data will only be stored in temporary cache files and will be refetched, if cache expires prematurely (depending on strictness of cache-settings) |