BS ISO/IEC 27555:2021

Information security, cybersecurity and privacy protection. Guidelines on personally identifiable information deletion

Published By: BSI
Publication Date: 2021
Number of Pages: 34

This document contains guidelines for developing and establishing policies and procedures for deletion of personally identifiable information (PII) in organizations by specifying:

  • a harmonized terminology for PII deletion;

  • an approach for defining deletion rules in an efficient way;

  • a description of required documentation;

  • a broad definition of roles, responsibilities and processes.

This document is intended to be used by organizations where PII is stored or processed.

This document does not address:

  • specific legal provision, as given by national law or specified in contracts;

  • specific deletion rules for particular clusters of PII that are defined by PII controllers for processing PII;

  • deletion mechanisms;

  • reliability, security and suitability of deletion mechanisms;

  • specific techniques for de-identification of data.

PDF Catalog

PDF Pages PDF Title
2 National foreword
7 Foreword
8 Introduction
9 1 Scope
2 Normative references
3 Terms and definitions
11 4 Symbols and abbreviated terms
5 Framework for deletion
5.1 General
12 5.2 Constraints
5.3 Clusters of PII
13 5.4 Retention period and regular deletion period
5.4.1 Retention period
5.4.2 Regular deletion period
14 5.4.3 Allocation of clusters of PII
5.5 Archives and backup copies
5.6 Standard deletion periods, starting points, deletion rules and deletion classes
15 5.7 Special situations
5.8 Documentation of policies and procedures
16 6 Clusters of PII
6.1 General
17 6.2 Identification
6.3 Documentation
18 7 Specification of deletion periods
7.1 Standard and regular deletion periods
7.2 Regular deletion period specifications
19 7.3 Standard deletion period identification
20 7.4 Deletion period specifications for special situations
7.4.1 General
7.4.2 Modification of data objects
7.4.3 Need to extend period of active use
21 7.4.4 Suspension of the deletion
7.4.5 Backup copies
22 8 Deletion classes
8.1 Abstract starting points — abstract deletion rules
8.2 Matrix of deletion classes
23 8.3 Allocation of deletion classes and definition of deletion rules
24 9 Requirements for implementation
9.1 General
26 9.2 Conditions for starting points outside IT systems
9.3 Requirements for implementation for organization-wide aspects
9.3.1 General
9.3.2 Backup
27 9.3.3 Logs
9.3.4 Transmission systems
9.3.5 Repair, dismantling and disposal of systems and components
9.3.6 Everyday business life
28 9.4 Requirements for implementation for individual IT systems
29 9.5 Deletion in regular manual processes
9.6 Requirements for implementation for PII processor
9.7 Control deletion in special cases
9.7.1 Exception management
30 9.7.2 Further sets of PII
10 Responsibilities
10.1 General
31 10.2 Documentation
32 10.3 Implementation
33 Bibliography