| | 4.3 Fulfilment
03. My Personal Information | | |
|---|
| 4.3.03. My Personal Information: | | 1. Self-service support procedures include the safe, secure and private storage of My Personal Information. All kinds of personal information may be stored in an encrypted database that is accessed by encrypted communications for approved people. | | 2. My Personal Information is treated in a similar way to business data with the utmost security using an advanced set of diverse encryption methods. This provides people with the opportunity and capability to store their private and secret information in places where no other person can access. | | 3. The user interface is a very simple Google-like search bar and list that can be paged, sorted and filtered. Private data that has been added and removed my be shown as at any time - Search using "Show My Task List" or something similar. | | 4. Only two actions are supported: (1) Add Subject To a List and (2) Remove Subject From a List. Any number of subjects can be added to any list, but subject names need to be unique so they can be removed and identified. | | 5. The search list has options to add, remove and change subjects. A search list may be downloaded to a local computer where all encryption, security and privacy benefits are lost. Every download must be copied by many agencies in many countries and may be used against a person in 20 or 40 years time by a different culture. |
| 2. Kinds of personal information: | | 1. My Task List. | | 2. My To-Do List. | | 3. My Password List. | | 4. My Address List. | | 5. My Wish List. | | 6. My Shopping List. | | 7. My Training List. | | 8. My Skill List. |
| 3. Search Syntax: | | 1. Add Subject To My Task List. | | 2. Remove Subject From My Task List. | | 3. Show My Task List. | | 4. Where My Task List may be replaced by any of the above 8 kinds of personal information lists. | | 5. Where Subject may be replaced with up to 100 characters of private data. A subject will only consist of latin alphabetic characters (A-Z) and numbers (0-9) with a space, dot, at, plus and hyphen - no other symbols are permitted. |
| 4. Evidence Trail: | | 1. When a subject is added, the date and time it was added is recorded and shown. The pending removed date is set to be at least seven years into the future. | | 2. When a subject is removed, the date and time it was removed is recorded and can be shown. | | 3. Your removed information may be hidden but cannot be deleted, lost, corrupted or changed. |
| 5. Security: | | 1. My personal information is replicated to a swarm of physically secure data centers and stored in encrypted databases. Dedicated database servers are hidden in a forest of 100,000 other servers that provide the UK broadband backbone. | | 2. Only the approved person who has signed-in using encrypted communications from an approved network and computer can see their own data. Twenty years of external security audits have proven that data cannot be accessed by the most experienced white-hat security consultant. | | 3. Your private subject is encrypted using a diverse set of methods that while any one layer may be cracked, it may be impossible to crack all encryption layers. Not even system administrators have access to the very large number of encryption keys and methods that would be needed to begin to decrypt any private subject. | | 4. Your private data is pseudonymised with a token to replace the persons name so a subject cannot be associated with any specific person. If the database servers were stolen or copied, the personal information could not be read and no subject could not be associated with any specific person. |
| Document Control: | | 2017 Jan 6 : Latest edition as (public) page 164303. Part of ITIL Request Fulfilment Managers responsibilities. |
|
|