CHAPTER 4: LEGAL, REGULATORY AND CONTRACTUAL REQUIREMENTS AND BUSINESS RISK

As noted above, the processing of personal information is covered in most countries by legislation and/or regulations. Hence, any processing needs to be carried out within the local rules. Further, where the organisation is acting as a data processor, contractual requirements will be in place that dictate how the organisation is to act to ensure that the local rules are not compromised.

Thus, the specific requirements of a privacy information management system (PIMS) need to be determined in light of the appropriate local rules and contractual requirements. These requirements will need to be devised by the organisation, using whatever resources are available. This could ...
