UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

CEN - EN 17799

Personal data protection requirements for processing operations

active, Most Current
Organization: CEN
Publication Date: 1 October 2023
Status: active
Page Count: 28
ICS Code (Product and company certification. Conformity assessment): 03.120.20
ICS Code (Law. Administration): 03.160
scope:

This document specifies baseline requirements intended to support the data protection certification mechanism requested by Article 42 of the GDPR to demonstrate compliance in accordance with EN ISO/IEC 17065.

It does not however apply to products or management systems destined for processing personal data.

This document is applicable to all organizations which, as personal data controllers and/or processors, process personal data, and its objective is to provide a set of requirements supporting such organizations in demonstrating compliance with the EU personal data protection normative framework

This document is applicable to all of an organization's processing activities or to a specific subset of these if such a decision does not involve failure to conform with the EU personal data protection normative framework.

This document also provides indications for conformity assessment with the aforementioned requirements.

Document History

EN 17799
October 1, 2023
Personal data protection requirements for processing operations
This document specifies baseline requirements intended to support the data protection certification mechanism requested by Article 42 of the GDPR to demonstrate compliance in accordance with EN...

References

This document references:
EN 17740 - Requirements for professional profiles related to personal data processing and protection
Published by CEN on October 1, 2023
This document specifies the requirements related to the professional activity of persons active in the processing and protection of personal data, namely the intellectual profession that is pursued...
This document references:
EEC/2016/679 - REGULATIONS OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
Published by EU/EC on April 27, 2016
A description is not available for this item.
This document references:
EEC/95/46 - DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the protection of individuals with regard to the processing of personal data and on the free movement of such data
Published by EEC on November 20, 2003
A description is not available for this item.
This document references:
TR 31700-2 - Consumer protection — Privacy by design for consumer goods and services — Part 2: Use cases
Published by ISO on January 1, 2023
This document provides illustrative use cases, with associated analysis, chosen to assist in understanding the requirements of 31700-1. The intended audience includes engineers and practitioners who...
This document references:
ISO/IEC 27555 - Information security, cybersecurity and privacy protection — Guidelines on personally identifiable information deletion
Published by ISO on October 1, 2021
This document contains guidelines for developing and establishing policies and procedures for deletion of personally identifiable information (PII) in organizations by specifying: — a harmonized...
View Less
View All
Advertisement