ISO/IEC DIS 27555

Information security, cybersecurity and privacy protection — Guidelines on personally identifiable information deletion

General information

Current stage: 40.20 Effective date: May 29, 2026

Originator: ISO/IEC

Owner: ISO/IEC JTC 1/SC 27

Type: International Standard

ICS: 35.030

Buying

Уколико желите да набавите овај документ обратите се на следећу адресу: prodaja@iss.rs

Scope

This document contains guidelines for developing and establishing policies and procedures for deletion of personally identifiable information (PII) in organizations by specifying:
—    a harmonized terminology for PII deletion;
—    an approach for defining deletion rules in an efficient way;
—    a description of required documentation;
—    a broad definition of roles, responsibilities and processes.
This document is intended to be used by organizations where PII is stored or processed.
This document does not address:
—    specific legal provision, as given by national law or specified in contracts;
—    specific deletion rules for particular clusters of PII that are defined by PII controllers for processing PII;
—    deletion mechanisms;
—    reliability, security and suitability of deletion mechanisms;
—    specific techniques for de-identification of data.

Life cycle

PREVIOUSLY

PUBLISHED
ISO/IEC 27555:2021

NOW

PROJECT
ISO/IEC DIS 27555
40.20 DIS ballot initiated: 12 weeks
May 29, 2026

National adoptions

naSRPS EN ISO/IEC 27555:2026

ISS

Information security, cybersecurity and privacy protection - Guidelines on personally identifiable information deletion (ISO/IEC DIS 27555:2026)

40.20 DIS ballot initiated: 12 weeks

I224 more

Preview

To view the full content, you need to register or to log in to your account by clicking on the "Log in" button