M5.2.7 - LIABILITY TO THE INFORMATION SHARING COMMUNITY Implementation Guidance
The entity shall ensure that liability issues and remediation are clarified, understood and approved by all members of an information sharing community, to address situations in which information is intentionally or unintentionally disclosed.
Back to M5.2.7 - P4 -LIABILITY TO THE INFORMATION SHARING COMMUNITY
Remediation should include, at a minimum, notification of any unauthorized disclosure back to the originator, with sufficient detail to identify the information disclosed.
Where possible, notification should be provided back to the source, even if the information has been sanitized and does not reveal its origin. This could be achieved by the intermediary of a trusted third party.
Unauthorized disclosure consequences could affect directly the responsible parties and might involve eliminating or restricting access to some members for some period of time to
re-establish community trust
Back to M5.2.7 - P4 -LIABILITY TO THE INFORMATION SHARING COMMUNITY
