prEN ISO/IEC 27555

Information security, cybersecurity and privacy protection - Guidelines on personally identifiable information deletion (ISO/IEC 27555:2021) prEN ISO/IEC 27555

General information

40.20 DIS ballot initiated: 12 weeks   Nov 14, 2024

CEN/CENELEC

CEN/CLC/JTC 13 Cybersecurity and Data Protection

European Norm

35.030   IT Security

Scope

The standard contains guidelines for developing and establishing policies and procedures for deletion
of PII in organizations by specifying:
— a harmonized terminology for PII deletion;
— an approach for defining deletion rules in an efficient way;
— a description of required documentation; and
— a broad definition of roles, responsibilities and processes.
This document is intended to be used by organizations where PII are stored or processed.
This document does not address:
— specific legal provision, as given by national law or specified in contracts;
— specific deletion rules for particular clusters of PII as are to be defined by PII controllers for
— processing PII;
— deletion mechanisms;
— reliability, security and suitability of deletion mechanisms;
— specific techniques for de-identification of data.

Related legislation

Legislation related to this standard

2016/679

Life cycle

NOW

IN_DEVELOPMENT
prEN ISO/IEC 27555
40.20 DIS ballot initiated: 12 weeks
Nov 14, 2024

Relations

Adopted from ISO/IEC 27555:2021 IDENTICAL