![](/sites/default/files/styles/tile_md_1x/public/collection/logo/2019-04/190404-logo-JOINUP-blue-2.png.webp?itok=6qy12j9E)
![](/sites/default/files/styles/tile_md_1x/public/collection/logo/2019-04/190404-logo-JOINUP-blue-2.png.webp?itok=6qy12j9E)
ABR Team is pleased to share the Framework for Base Registries Access and Interconnection (BRAIF) with public.
The document proposes a conceptual model for the framework and addresses important topics related to access to base registries and their interconnection, for instance:
On the long term, this Framework aims to serve as a guidance to Member States on how to grant access to data in base registries and how to interconnect the base registries.
This version of the document will be discussed with public to confirm that it serves the needs of Member States (MS) and address their challenges (e.g. on how to establish a governance model, ensure data quality in base registries, etc.).
Follow the news next week starting the 15th of June;
- Discussion on Joinup on ABR Collection;
- Post on LinkedIn in Joinup Group;
- Public webinar on the 29th of June.
Do you have any comments on Framework? Please share them in the comments section below or send us via email.
Do you have any questions to ABR Team? Contact us via ABR@trasysinternational.com.
Comments
Thank you again for this very good paper that definitly benefits from existing work
-> However, I think it needs a bit a "reality EU update and practice check“ beside the general recommendations given.
In this sense I have 4 comments to make:
1.
Comment on "up-to-date" on Page 8 1 Overview it is stated
My suggestion is: - in general- not to stress the link between „up-to-date“ and authoritative base register too much as to my experience it is not always the base register that has the most- up to date information. Other registers might have a more up-to-date information. (e.g German Personalausweisregister or Melderegister has sometimes a latency of several month -> address information has to be changed on the electronic ID , citizen has to be present in the office -> meanwhile he provided a more up-to-date adress in several registers)
2.
on page 14 - 1.3 VISION AND STRATEGY
typical challenges are mentioned:
My suggestion is: to mention the problem of "project vs. operation" e.g. in 1.3 vision and strategy and perhaps also to mention the persistant URI page of the EU Publications Office regarding the „Interconnecting“ aspect of BRAIF https://data.europa.eu/URI.html (just a side note to underline this aspect - the first URI is not persistant any longer"
3.
In chapter 2.3.3.4 legitimate access needs
My suggestion is: to add the word „Consent“ or even „consent management“ as Art. 6 GDPR Lawfulness of processing -> defines the term „consent“ for what you refer to as
4.
in chapter 2.3.3 "data security" is used a bit to describe data safety issues.
My suggestion is: to clearly separate data security from data safety e.g. by introducing the term "data safety".
Dear Sebastian,
Thank you for your feedback on the paper!
We have analysed your comments, and we implemented them within the scope of the Action, i.e. this Framework is a high-level paper that will be followed by practical guidelines and examples from various Member States (MS) and EU institutions in the separate Guidelines document, planned to be published by the end of the year.
Thus, here is the reply for your comments:
1. Although there is a challenge in different MS with the data duplication or data quality in various base registries, the aim is to achieve the level of the authoritative base registry to become the correct and up-to-date one. Thus, the Framework should state this;
2. The Framework does not tackle the difference between a project and operations, as it is not its scope, but there will be a section in the Guidelines document with practical examples from EU Institutions and MS, and ABR recommendations on how to differentiate e.g. an EU project with recommendations to follow a PM2 Methodology of the European Commission, etc.;
3. 'To define consent management' with reference to the article on GDPR is added to section 2.1.1.2 Data policies, standards and requirements;
4. A short explanation was added that data security concerns the data protection from the unauthorised use into chapter 2.3.3 Data security. In the 2.3.3.4 Legitimate access needs, it is added under the last bullet that isolating or segregating unencrypted data in online or offline backups for replication and storage concerns data safety (data protection against the loss).
Kind regards,
ABR Team