5 Cross-Cutting Requirements

This section will highlight important requirements or describe any additional cross-cutting requirements that apply to this Building Block.

5.1 Requirements

The Cross-cutting requirements described in this section are an extension of the cross-cutting requirements defined in the Architecture specification and Security requirements. This section highlights cross-functional requirements for the Digital Registries Building Block and in addition, describes any deviation to the Architecture Building Block cross-cutting requirements.

5.1.1 Privacy and protection of user data (REQUIRED)

Add mandatory requirement. The following requirement should be added to other Building Blocks' cross-cutting requirements: Each owner of the personal data (e.g. citizen) must be able to see who has looked at their personal data in the registry. All captured personal user data must be marked as “personal data”. Users can make requests to see the information/logs of accessing personal information. API must be available for authenticated users to see their own personal data audit logs.

5.2 Exceptions to Architectural Cross-Cutting Specifications

5.2.1 Citizen-Centric (RECOMMENDED)

Cancel mandatory requirement: "Right to be forgotten: everything must be deletable". This is not a good practice for government registries.

5.2.2 Open (RECOMMENDED)

Cancel mandatory requirement: "Cloud-native, i.e. Docker and Kubernetes". Digital Registries must have also an on-site installation option.

5.3 Standards

The following standards are applicable to data structures in the Digital Registries Building Block:

5.3.1 OpenAPI

OpenAPI Version 3.0.0, 3.0.1, 3.1.0.

Last updated 18 days ago

Was this helpful?

hashtag5.1 Requirements

hashtag5.1.1 Privacy and protection of user data (REQUIRED)

hashtag5.2 Exceptions to Architectural Cross-Cutting Specifications

hashtag5.2.1 Citizen-Centric (RECOMMENDED)

hashtag5.2.2 Open (RECOMMENDED)

hashtag5.3 Standards

hashtag5.3.1 OpenAPI