ISO/IEC 27001 : 2022 附录 A 5.34 PII隐私保护
PII is any data which can be used to identify an individual.
PII 是可用于识别个人身份的任何数据。
Examples include: 示例包括:
Driver’s licence. 驾照。
Financial information, including bank accounts.
财务信息,包括银行账户。
Medical records. 病案。
Address. 地址。
National Insurance Number or Social Security Number.
国民保险号码或社会安全号码。
PII is a fundamental element of an organisation’s data oversight plan and brings with it an array of distinct regulatory, legislative, and contractual dangers.
PII 是组织数据监督计划的基本要素,并带来了一系列明显的监管、立法和合同风险。
ISO 27001:2022 Annex A 5.34 covers the protection of Personally Identifiable Information (PII) in three distinct areas:
ISO 27001:2022 附录 A 5.34 涵盖了三个不同领域的个人身份信息 (PII) 保护:
Privacy. 隐私。
Protection. 保护。
Preservation. 保存。
Purpose of ISO 27001:2022 Annex A 5.34
ISO 27001:2022 附录 A 5.34 的目的
ISO 27001:2022 Annex A 5.34 is a preventive measure that helps keep risk at bay, through the production of guidelines and procedures that meet the legal, statutory, regulatory and contractual obligations of an organisation with respect to the storage, privacy and protection of Personal Identifiable Information (PII) in all its forms.
ISO 27001:2022 附录 A 5.34 是一项预防措施,通过制定符合组织在存储、隐私和保护各种形式的个人身份信息 (PII) 方面的法律、法定、监管和合同义务的指南和程序,帮助降低风险。
