ДСТУ EN 17529:2022 Захист даних і конфіденційність за проєктом і за замовчуванням (EN 17529:2022, IDT)

ДСТУ EN 17529:2022
(EN 17529:2022, IDT)

Захист даних і конфіденційність за проєктом і за замовчуванням

 
   
 
Не є офіційним виданням.
Офіційне видання розповсюджує національний орган стандартизації
(ДП «УкрНДНЦ» http://uas.gov.ua)

Contents

European foreword

Introduction

1 Scope

2 Normative references

3 Terms, definitions and abbreviations

3.1 Terms and definitions

3.2 Abbreviated terms

4 General

4.1 Preparing the grounds for data protection and privacy by design and by default

4.2 Structure for disassembling product and service into applicable categories

4.3 Self-declaration and levels of achievement

5 Privacy-aware development of products and services

5.1 Leadership and market intelligence

5.2 Preparation

5.3 Design

5.4 Performance evaluation

5.5 Improvement

6 Data protection capability requirements on the design of products and services

6.1 Access

6.2 Accountability

6.3 Accuracy

6.4 Data de-identification

6.5 Data minimization

6.6 Data portability

6.7 Confidentiality

6.8 Erasure

6.9 Consent and Children

6.10 Information security

6.11 Lawfulness

6.12 Objection to processing

6.13 Automated decision making

6.14 Restriction of processing

6.15 Storage limitation

6.16 Transparency

7 Requirements to the self-declaration of privacy-aware design

7.1 Process requirements

7.2 Self-declaration statement

Annex A (informative) Applicability mapping between Clause 6 requirements and perspectives or elements

Annex В (informative) Approach for a specification

Annex C (informative) Guidelines related to EN ISO 9001

Annex ZA (informative) Relationship between this European Standard and the data protection by design and by default requirements of Regulation EU 2016/679 aimed to be covered

Bibliography