A number of personal data related regulations are in force in business world, such as GDPR by EU,  California Privacy Act, Health Insurance Portability and Accountability Act (HIPAA), Personal Data (Privacy) Ordinance in HK, and Network Security Law in Mainland, China. Does your organization has a robust management system in place to address such regulations?

Addressing such demands in the world, ISO  27701:2019 Privacy Information Management System (PIMS) Standard (with former standard number as ISO 27552) developed by Technical Committee ISO/IEC JTC 1/SC 27 has been published in Aug 2019. ISO 27701 is an extension to ISO 27001 and ISO 27002 for privacy information management.

The goal of ISO 27701 is to enhance the existing Information Security Management System (ISMS) with additional requirements in order to establish, implement, maintain, and continually improve a Privacy Information Management System (PIMS). The standard outlines a framework for Personally Identifiable Information (PII) Controllers and PII Processors to manage privacy controls to reduce the risk to the privacy rights of individuals.

Click here to learn more about how you can benefit from the certification to ISO 27701:2019 and what supports DQS can offer.

Never be too late to prepare for business sustainability.

Be the first to know about standard development and training courses, follow DQS HK at Linkedin.

現在商業世界中已經有一系列的與個人資料相關的法規,例如歐盟的GDPR,加州隱私法,美國的健康保險隱私及責任法案(HIPAA),香港的個人資料(私隱)條例,以及中國大陸的網絡安全法。那麼, 貴組織是否有適當的管理系統來應對此類法規?

針對商界對私隱管理的需求, ISO/IEC JTC 1 / SC 27技術委員會現正開發ISO 27701:2019 私隱信息管理系統(PIMS)標準 (之前的標準編號爲ISO 27552) 已經在2019年8月發布。ISO 27701是ISO 27001和ISO 27002的擴展內容,用於私隱信息管理。

ISO 27701的目標是透過額外的要求來增強現有資訊安全管理體系(ISMS),以便建立、實施、維護和不斷改進私隱信息管理系統(PIMS)。該標準概述了適用於個人身份資訊(PII)控制者和PII處理者的框架,用於隱私控制管理,以降低對個人隱私權的各種風險。

點擊此處以了解如何從ISO 27701:2019認證中得益以及了解更多DQS可提供的技術援助。