The names of Citizens are collected on the website along with some personal contact information. We were told that our application required the Medium level security certification.

For collecting more sensitive information, certification becomes nearly impossible.

Thanks
Jon

On Tue, Sep 30, 2008 at 9:35 AM, Gerhard Killesreiter <gerhard@killesreiter.de> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jon Saints schrieb:

> On a recent project for the US government, half way through the
> development process, our work was stopped by a government security
> review which said that Drupal (and open source software in general)
> is not suitable for use in government projects that house personal
> information due to security concerns.

Just out of interest: What kind of information are we talking about?
Tax numbers, bank accounts?

[...]

> I notice other governments around the world are using Drupal with great
> success and savings to citizens:
> http://buytaert.net/new-zealand-government-using-drupal

Seems like a showcase site only.

Cheers,
Gerhard
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFI4kdWfg6TFvELooQRArp1AKCdXFYZDMztJ7wrhhiOJOFG4q3/lACfbsXK
BX1vLaioeWG348yH/V/ufKs=
=yFhK
-----END PGP SIGNATURE-----