Privacy enhancing data de-identification terminology and classification of techniques
This document provides a description of privacy-enhancing data de-identification techniques, to be used to describe and design de-identification measures in accordance with the privacy principles in ISO/IEC 29100.
In particular, this document specifies terminology, a classification of de-identification techniques according to their characteristics, and their applicability for reducing the risk of…
Privacy enhancing data de-identification terminology and classification of techniques
This document provides a description of privacy-enhancing data de-identification techniques, to be used to describe and design de-identification measures in accordance with the privacy principles in ISO/IEC 29100.
In particular, this document specifies terminology, a classification of de-identification techniques according to their characteristics, and their applicability for reducing the risk of…
Artificial intelligence (AI) is continuously making inroads into domains previously reserved to humans. Robots support workers in the manufacturing sector; digital assistants automate office tasks; intelligent appliances order food based on owners’ preferences or control lighting and temperature in the home in preparation of their arrival. Increasingly sophisticated algorithms have the potential…
Information technology — Security techniques — Guidelines for privacy impact assessment
1 Scope
This document gives guidelines for
— a process on privacy impact assessments, and
— a structure and content of a PIA report.
It is applicable to all types and sizes of organizations, including public companies, private companies, government entities and not-for-profit organizations.
This document is relevant to those involved in designing or implementing projects, including the…
Information technology — Governance of IT — Governance of data — Part 1: Application of ISO/IEC 3850...
1 Scope
This document provides guiding principles for members of governing bodies of organizations (which can comprise owners, directors, partners, executive managers, or similar) on the effective, efficient, and acceptable use of data within their organizations by
— applying the governance principles and model of ISO/IEC 38500 to the governance of data,
— assuring stakeholders that, if the…
Biological evaluation of medical devices — Part 1: Evaluation and testing within a risk management p...
This document specifies:
— the general principles governing the biological evaluation of medical devices within a risk management process;
— the general categorization of medical devices based on the nature and duration of their contact with the body;
— the evaluation of existing relevant data from all sources;
— the identification of gaps in the available data…
Information technology — Security techniques — Testing cryptographic modules in their operational en...
This document provides recommendations and checklists which can be used to support the specification and operational testing of cryptographic modules in their operational environment within an organization's security system.
The cryptographic modules have four security levels which ISO/IEC 19790 defines to provide for a wide spectrum of data sensitivity (e.g. low-value administrative data,…
Information technology — Guidance for biometric enrolment
This document consolidates information relating to successful, secure and usable implementation of biometric enrolment processes, while indicating risk factors that organisations proposing to use biometric technologies will should address during procurement, design, deployment and operation. Much of the information is generic to many types of application, e.g. from national scale commercial and…
Information technology - Security techniques - Testing cryptographic modules in their operational en...
This document provides recommendations and checklists which can be used to support the specification and operational testing of cryptographic modules in their operational environment within an organization's security system.
The cryptographic modules have four security levels which ISO/IEC 19790 defines to provide for a wide spectrum of data sensitivity (e.g. low-value administrative data,…
Information technology - Guidance for biometric enrolment
This document consolidates information relating to successful, secure and usable implementation of biometric enrolment processes, while indicating risk factors that organisations proposing to use biometric technologies will should address during procurement, design, deployment and operation. Much of the information is generic to many types of application, e.g. from national scale commercial and…