Stakeholders / Concerns
- Why do we care?
- What's encrypted? When? How? Where?
- Who owns the keys?
- Who's writing the encryption code?
- Access control?
- Who makes cards?
- Audit trails (DC)
- Anonymity in warehousing?
- Data retention
- Rights to access? Across orgs?
- Is information that is passed between parties anonymized/aggregated?
- Has ERG group had any kind of compromises?
- contact MIT people (Yaw)
- repurpose best practices from RFID clinic