40.20 DIS ballot initiated: 12 weeks Nov 14, 2024
CEN/CENELEC
CEN/CLC/JTC 13 Cybersecurity and Data Protection
European Norm
35.030 IT Security
Draft
The standard contains guidelines for developing and establishing policies and procedures for deletion
of PII in organizations by specifying:
— a harmonized terminology for PII deletion;
— an approach for defining deletion rules in an efficient way;
— a description of required documentation; and
— a broad definition of roles, responsibilities and processes.
This document is intended to be used by organizations where PII are stored or processed.
This document does not address:
— specific legal provision, as given by national law or specified in contracts;
— specific deletion rules for particular clusters of PII as are to be defined by PII controllers for
— processing PII;
— deletion mechanisms;
— reliability, security and suitability of deletion mechanisms;
— specific techniques for de-identification of data.
Legislation related to this standard
IN_DEVELOPMENT
prEN ISO/IEC 27555
40.20
DIS ballot initiated: 12 weeks
Nov 14, 2024
