ISO/IEC 15944-8:2026

Information technology — Business operational view — Part 8: Identification of privacy protection requirements as external constraints on business transactions

Scope

This document:

provides method(s) for identifying, in Open-edi modelling technologies and development of scenarios, the extra requirements in Business Operational View (BOV) specifications for identifying the additional external constraints to be applied to recorded information in business transactions relating to personal information of an individual, as required by legal and regulatory requirements of applicable jurisdictional domains having governance over the personal information exchanged among parties to a business transaction;
integrates existing normative elements in support of privacy protection requirements as are already identified in ISO/IEC 14662 and ISO/IEC 15944-1, ISO/IEC 15944-2, ISO/IEC 15944-4 and ISO/IEC 15944-5, which apply to information concerning identifiable living individuals as buyers in a business transaction or whose personal information is used in the business transaction;
provides overarching operational "best practice" statements for associated (and not necessarily automated) processes, procedures, practices and governance requirements that need to act in support of implementing and enforcing mechanisms needed to support privacy/data protection requirements necessary for the implementation in Open-edi transaction environments;
identifies and provides a sample scenario and implementation (use case) for one or more use cases of privacy/data protection in business transactions;
provides guidelines on the need for procedural mechanisms in the event that mandatory disclosure rules of transactional information that needs to be implemented.

This document does not specify the technical mechanisms needed to implement the Functional Services View. Detailed exclusions to the scope of this document are provided in Annex H.