ISO/IEC 29100:2011(E) lnformation technology -Security techniques-Privacy framework
1scope
This lnternational Standard provides a privacy framework which
- specifies a common privacy terminology;
defines the actors and their roles in processing personally identifiable information (PIl);- describes privacy safeguarding considerations: and
provides references to known privacy principles for information technology.
This International Standard is applicable to natural persons and organizations involved in specifying,procuring,architecting,designing,developing,testing,maintaining,administering,and operatinginformation and communication technology systems or services where privacy controls are requiredfor the processing of PII.
Terms and definitions
For the purposes of this document, the following terms and definitions apply.
NOTEin order to make it easier to use the IiSonIEC 27000 family of international Standards in the specific context ofprivacy and to integrate privacy concepts in the lSO/IEc 27000 context,the table in Annex A provides the lSOlIEc 27000concepts that correspond with the lSOlIEC 29100 concepts used in this International Standard.
2.1
anonymity
characteristic of information that does not permit a personally identifiable information principal to beidentified directly or indirectly
2.2
anonymization
process by which personally identifiable information(PIl) is irreversibly altered in such a way that aPll principal can no longer be identified directly or indirectly, either by the Pll controller alone or incollaboration with any other party文章源自标准下载网-https://www.biao-zhun.cn/118692.html
ISO/IEC 29100:2011(E) lnformation technology -Security techniques-Privacy framework
