...

The table below lists the identified technical alignment activities and their status. A green checkmark indicates a complete activity, otherwise the expected time of implementation is provided.

Policy-related integration activities

The following policy-related alignment activities have been identified:

• Alignment of privacy statements: For the EOSC-hub AAI, compliance with the GÉANT Data Protection Code of Conduct version 1 (DPCoCo-v1) [DPCoCo-v1] is implicit, since it reflects the Data Protection Directive and means compliance with applicable European rules (see [AARC-G040]). To explicitly declare compliance with DPCoCo-v1, the privacy notice of each EOSC-hub AAI service should include a reference to DPCoCo-v1.
• Alignment of operational security and incident response policies: The entities of the EOSC-hub AAI registered with eduGAIN should meet the Sirtfi [Sirtfi-v1.0] requirements and express Sirtfi compliance in their metadata in order to facilitate coordinated response to security incidents across organisational boundaries.
• Alignment of Acceptable Use Policies (AUPs): To reduce the burden on the users and increase the likelihood that they will read the AUP as they access resources from multiple service and resource providers, the EOSC AAI services should adopt the WISE Baseline AUP model [WISE-AUP].

The table below lists the identified policy-related activities and their status. A green checkmark indicates a complete activity, otherwise the expected time of implementation is provided.