BS ISO/IEC 27555:2021

This standard BS ISO/IEC 27555:2021 Information security, cybersecurity and privacy protection. Guidelines on personally identifiable information deletion is classified in these ICS categories:

• 35.030 IT Security

This document contains guidelines for developing and establishing policies and procedures for deletion of personally identifiable information (PII) in organizations by specifying:

• a harmonized terminology for PII deletion;

• an approach for defining deletion rules in an efficient way;

• a description of required documentation;

• a broad definition of roles, responsibilities and processes.

This document is intended to be used by organizations where PII is stored or processed.

This document does not address:

• specific legal provision, as given by national law or specified in contracts;

• specific deletion rules for particular clusters of PII that are defined by PII controllers for processing PII;

• deletion mechanisms;

• reliability, security and suitability of deletion mechanisms;

• specific techniques for de-identification of data.