60.60 Standard published Oct 8, 2021
ISO/IEC
ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection
International Standard
35.030 IT Security
Published
This document contains guidelines for developing and establishing policies and procedures for deletion of personally identifiable information (PII) in organizations by specifying:
— a harmonized terminology for PII deletion;
— an approach for defining deletion rules in an efficient way;
— a description of required documentation;
— a broad definition of roles, responsibilities and processes.
This document is intended to be used by organizations where PII is stored or processed.
This document does not address:
— specific legal provision, as given by national law or specified in contracts;
— specific deletion rules for particular clusters of PII that are defined by PII controllers for processing PII;
— deletion mechanisms;
— reliability, security and suitability of deletion mechanisms;
— specific techniques for de-identification of data.
PUBLISHED
ISO/IEC 27555:2021
60.60
Standard published
Oct 8, 2021