scope:

This European Standard has been prepared as part of the EU RFID Mandate M/436. It is based on the Privacy and Data Protection Impact Assessment Framework for RFID Applications, which was developed by industry, in collaboration with the civil society, endorsed by Article 29, Data Protection Working Party, and signed by all key stakeholders, including the European Commission, in 2011. It defines aspects of that framework as normative or informative procedures to enable a common European method for undertaking an RFID PIA. It provides a standardized set of procedures for developing PIA templates, including tools compatible with the RFID PIA methodology. In addition, it identifies the conditions that require an existing PIA to be revised, amended, or replaced by a new assessment process.