Decision Framework
Attribute Selection Process
Section titled “Attribute Selection Process”When organizations are determining what exactly to hide:
- Identify the threat vector: what information could be used to harm?
- Map threat to attributes: which attribute IDs correspond to that vector?
- Check compliance requirements: are any flagged as compliance-protected?
- Select privacy level: based on threat severity, choose appropriate level
- Apply individual exceptions: honor individual staff requests for greater/lesser protection
- Verify operational viability: can organization function at this privacy level?
- Document & execute: log decision, implement changes, notify stakeholders
Prioritization in Conflict Scenarios
Section titled “Prioritization in Conflict Scenarios”When requirements conflict, sort and act according to priority:
| Priority Order | Scenarios to consider | Rationale |
|---|---|---|
| 1 | Individual safety | Physical safety overrides all other concerns |
| 2 | Legal compliance | Non-negotiable regulatory requirements |
| 3 | Organizational operational viability | Must maintain ability to function |
| 4 | Contractual obligations | Funder and partner commitments |
| 5 | Professional credibility | Reputation and attribution needs |
| 6 | Accessibility/transparency values | Organizational values preferences |