Already a subscriber?
MADCAD.com Free Trial
Sign up for a 3 day free trial to explore the MADCAD.com interface, PLUS access the
2009 International Building Code to see how it all works.
If you like to setup a quick demo, let us know at support@madcad.com
or +1 800.798.9296 and we will be happy to schedule a webinar for you.
Security check
Please login to your personal account to use this feature.
Please login to your authorized staff account to use this feature.
Are you sure you want to empty the cart?
BS ISO/IEC 15944-12:2020 Information technology. Business operational view - Privacy protection requirements (PPR) on information life cycle management (ILCM) and EDI of personal information (PI), 2020
- undefined
- Foreword
- Introduction
- 1 Scope
- 2 Normative references
- 3 Terms and definitions
- 4 Abbreviated terms
- 5 Fundamental privacy protection principles
- 5.1 Overview
- 5.2 Primary sources of privacy protection principles
- 5.3 Key eleven (11) privacy protection principles
- 5.4 Link to “consumer protection” and “individual accessibility” requirements (see ISO/IEC 15944-8:2012, 6.3)
- 5.5 Privacy protection principles in the context of ILCM requirements
- 5.6 Requirement for tagging (or labelling) sets of personal information (SPIs) in support of privacy protection requirements (PPR) in accordance with ISO/IEC 15944-8:2012, 5.4
- 5.7 Requirements for making all personal information (PI) available to the buyer where the buyer is an individual
- 5.8 Rules governing ILCM aspects of personal information profiles (PIPs)
- 6 Integrated set of information life cycle management (ILCM) principles in support of information law and privacy protection requirements (PPR)
- 6.1 Primary purpose of Clause 6
- 6.2 Information life cycle management (ILCM) principles that support privacy protection requirements (PPR)
- 6.2.1 Compliance with privacy protection requirements (PPR) and associated information law requirements
- 6.2.2 Direct relevance, informed consent and openness
- 6.2.3 Ensuring that personal information is “under the control of” the organization throughout its ILCM
- 6.2.4 Limiting use, disclosure and retention
- 6.2.5 Timely, accurate, relevant
- 6.2.6 Data integrity and quality
- 6.2.7 Safeguards for non-authorized disclosure requirements
- 6.2.8 Back-up, retention and archiving
- 6.2.9 Disposition and expungement
- 6.2.10 Organizational archiving
- 6.2.11 Historical, statistical and/or research value
- 6.3 Requirement for tagging (or labelling) data elements in support of privacy protection requirements (PPR)
- 7 Rules governing ensuring accountability for and control of personal information (PI)
- 7.1 Purpose
- 7.2 Key aspects of Open-edi requirements
- 7.3 Key aspects of “under the control of”
- 7.4 “under the control of” in support of PPR and in an ILCM context
- 7.5 Implementing “under the control of” and accountability
- 8 Rules governing the specification of ILCM aspects of personal information
- 8.1 Overview
- 8.2 Rules governing establishing ILCM responsibilities for personal information (PI)
- 8.3 Rules governing establishing specifications for retention of personal information (PI) — applicable “SRI retention triggers”
- 8.4 Rules governing identification and specification of state changes of personal information (PI)
- 8.4.1 General requirements
- 8.4.2 Specification of state changes allowed to personal information (PI)
- 8.4.3 Specification of store change type
- 8.4.4 Rules governing specification of source of state changes
- 8.5 Rules governing disposition of personal information (PI)
- 8.6 Rules governing the establishment and maintenance of record retention and disposal schedules (RRDS) for sets of personal information (SPIs)
- 9 Data conversion, data migration and data synchronization
- 9.1 Purpose
- 9.2 Rules governing data conversion of set(s) of personal information (SPI)
- 9.3 Rules governing requirements for data synchronization of sets of personal information (SPI)
- 10 Rules governing EDI of personal information (PI) between primary ILCM Person, i.e., the seller, and its “agent”, “third party” and/or “regulator”
- 10.1 General requirements
- 10.2 ILCM rules pertaining to use of an “agent”
- 10.3 ILCM rules pertaining to use of a “third party”
- 10.4 ILCM rules pertaining to involvement of a “regulator”
- 11 Conformance statement
- 11.1 Overview
- 11.2 Conformance to the ISO/IEC 14662 Open-edi reference model and the ISO/IEC 15944 series
- 11.3 Conformance to ISO/IEC 15944-12
- 11.4 Conformance by agents and third parties to ISO/IEC 15944-12
- Annex A (normative) Consolidated list of terms and definitions with cultural adaptability: ISO English and ISO French language equivalency
- Annex B (normative) Consolidated set of rules in the ISO/IEC 15944 series of particular relevance to privacy protection requirements (PPR) as external constraints on business transactions which apply to personal information (PI) in an ILCM requirements c
- Annex C (informative) Business transaction model (BTM): Classes of constraints
- Annex D (informative) Linking ILCM to process phases of a business transaction
- Annex E (informative) Generic approach to ILCM decisions in a PPR context — ILCM compliance decision tree
- Annex F (informative) Generic approach to identification of properties and behaviours of personal information (PI) as transitory records and their disposition/expungement
- Annex G (informative) Notes on referential integrity and privacy protection transactional integrity (PPTI) in Open-edi among IT systems
- Annex H (informative) Exclusions to the scope of ISO/IEC 15944-12
- Annex I (informative) Aspects not currently addressed in this document
- Annex J (informative) List of parts of the ISO/IEC 15944 series
- Annex K (informative) Abstract of ISO/IEC 15944-12: ISO English, ISO French and ISO Chinese
- Bibliography [Go to Page]