##Risk Description = Risk Description = ## Detailed description of this risk and its possible implications. ## E.g. If one of the car's tires suffers a puncture, we may run off the road. Datatilsynet may consider that the DOMS poses a thread to the privacy of common people as putting multiple sources of sensitive data regarding living people and/or their relatives into the DOMS will enable users to perform data correlation which is illegal under Danish law. Especially considering the integrated search capabilities. The definition of sensitive data is a bit vague and therefore there is a risk that we unintentionally get sensitive data into the DOMS. If that happens then we risk that "Datatilsynet" may declare the DOMS illegal or demand that we establish a restrictive access control which will render the DOMS unusable from our point of view. Currently we fear that some material may be considered sensitive merely by being digitised and stored in the DOMS. E.g. digitising some printed works such as books of genealogy, and storing these in the DOMS, may enable users to retrieve entire resume of a person and this persons family. == When to react? == ## When must we respond to the risk? E.g. When the event occurs or already when we see the warning signs? ## E.g. We must react if we hear a hissing sound. == Reaction == ## Detailed description of how to react on the risk and which actions to take, if it is imminent. ## There exists 4 basic reactions: ## 1: Accept the risk. ## 2: Eliminate the cause to the risk. ## 3: Mitigate the probability or the consequence of the risk. ## 4: Delegate the risk to another party, e.g. by outsourcing it or take out insurance for it. ## E.g. We accept the risk and change the tire if we suffer a puncture. For a start we will accept this risk as it will not become imminent until we begin storing material in the DOMS. However, when we get to that point, we should try to keep the DOMS free from sensitive data to avoid problems with "Datatilsynet". If it turns out to be necessary storing sensitive data to the DOMS, then this should be done in a separate project, which is mainly of legalistic nature, and not so much technical. Thus, the risk will be delegated to that project. Should we get complaints about sensitive material unintentionally stored in the DOMS, then we have a couple of means to quickly eliminate the risk, either by blocking access to the material in question. Blocking the access for both users and the indexing service of the search engine will make material totally unavailable to anybody. == Responsible Persons == The below persons are responsible for continuously monitoring and acting on this risk: ## Add a bullet list with links to the wiki pages of the responsible persons here: ## E.g. ## * [:JohnDoe: John Doe]