BSI 21/30434316 DC:2021 Edition

$13.70

BS EN 17799. Personal data protection requirements for processing operations

Published By: BSI
Publication Date: 2021
Number of Pages: 28

This document specifies baseline requirements for demonstrating processing activities compliance with the European personal data protection normative framework in accordance with EN ISO/IEC 17065. It does not, however, apply to products or management systems destined for processing personal data. This document is applicable to all organizations which, as personal data controllers and/or processors, process personal data, and its objective is to provide a set of requirements enabling such organizations to conform effectively with the European personal data protection normative framework. An organization can decide that the standard is applicable only to a specific subset of its processing activities if such a decision does not involve failure to conform with the European personal data protection normative framework. This document also provides indications for conformity assessment with the aforementioned requirements.

PDF Catalog

PDF Pages PDF Title
1 30434316-NC
30434316
2 DPCp2
3 JTC13_JT013033_enq1e
8 1 Scope
2 Normative references
3 Terms and definitions
10 4 Overview
5 Planning
5.1 General
5.2 Understanding the needs and expectations of interested parties
11 5.3 Scope of personal data processing activities
5.3.1 General
5.3.2 Records of data processing activities
5.3.3 Identification of the legal basis
12 5.3.4 Data minimization
5.3.5 Storage of data
13 5.4 Policy for personal data protection
5.5 Roles and responsibilities
5.5.1 General
14 5.5.2 Internal roles
5.5.2.1 Data protection manager
5.5.2.2 Data protection officer
15 5.5.2.3 Persons authorized to process personal data
5.5.3 External roles
5.5.3.1 Processors
5.6 Risk management
5.6.1 General
5.6.2 Data protection risk assessment and impact analysis
17 5.6.3 Evaluation of the impact on data protection
5.6.4 Risk treatment and treatment plan
5.7 Personal data protection by design and by default
18 6 Operational activities
6.1 General
6.2 Data protection notices and consent
6.2.1 Data protection notices
6.2.2 Consent
19 6.3 Update of roles
6.4 Personal data protection
6.4.1 Erasure of data
6.4.2 Implementation and maintenance of security measures
20 6.4.3 Management of personal data breaches
21 6.5 Data subjects’ requests for the application of their rights
6.5.1 General
6.5.2 Data access
6.5.3 Correction
22 6.5.4 Erasure
6.5.5 Restriction of processing
6.5.6 Data portability
6.5.7 Objections
23 6.5.8 Automated decisions, including profiling
6.5.9 Complaints and appeals
6.6 Training and awareness
7 Control
7.1 General
7.2 Internal audits
24 7.3 Periodical report
25 7.4 Nonconformities and corrective actions
26 Annex A (informative) Controllers and processors requirements mapping