Privacy and Consent Management
Provides users with privacy and consent management tools; and connects the citizen to any set of digital services presenting policy to the citizen that they must agree to access the service. CitizenOne was developed with user privacy at the forefront of the design ensuring the citizen is always in control of their confidential information.
This module provides ongoing transparency to the citizen, informing them what services they have connected to their profile, and providing the ability to manage the connection at their discretion. For instance, it presents policy updates and allows for revocation:
- Enables compliance to consent regulations (e.g. GDPR, PIPEDA).
- Brokers consent between third-party application and data sources to allow for data portability.
- Enables each government service provider to “bring their own policy”. A citizen can access current service connections and have a complete understanding of how their personal information is being used. The user is empowered to manage their connections, and users make the choice, delivering increased levels of trust.
- Provides the citizen with the “right to be invisible” – upon revocation the downstream application can delete the citizen record.
- Enables data to be marshalled across government by the citizen. It allows the citizen to achieve efficiency in the use of their credentials in use throughout government. It is built in alignment with the data portability provisions of GDPR.
- No data retention in CitizenOne ensures consent is provided by the Citizen before providing data to the requesting party.
- Includes the ability to leverage trusted third-party data sets to provide the citizen with additional options to facilitate improved interactions with Government Service providers.
Continue to next module / Service Card Module