Data Privacy Standards

Data privacy standards featured in this post:

  • ISO/IEC 27701
  • ISO/IEC 27018
  • GAPP
  • OECD Privacy Guidelines

ISO/IEC DIS 27701

ISO/IEC 27701 is a privacy-focused extension of ISO/IEC 27001 and ISO/IEC 27002, both of which deal with establishing and maintaining an information security management system (ISMS).

Version history:

  • ISO/IEC DIS 27701
  • ISO/IEC 27701:2019

ISO/IEC DIS 27018

ISO/IEC DIS 27018 focuses specifically on protecting privacy in cloud environments.

You can read more about it in this post about cloud security.

GAPP

Generally Accepted Privacy Principles (GAPP) is a joint effort of the accounting organizations American Institute of Certified Public Accountants (AICPA) and Canadian Institute of Chartered Accountants (CICA).

Do not confuse GAPP with Generally Accepted Accounting Practices (GAAP), also published by AICPA and CICA.

GAPP principles are:

  1. Management
  2. Notice
  3. Choice and Consent
  4. Collection
  5. Use, Retention and Disposal
  6. Access
  7. Disclosure to Third Parties
  8. Security for Privacy
  9. Quality
  10. Monitoring and Enforcement

OECD Privacy Guidelines

OECD Privacy Guidelines were first published in 1980 and updated in 2013.
