iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
CEN

EN 17799:2023

(Main)

Personal data protection requirements for processing operations

Personal data protection requirements for processing operations

This document specifies baseline requirements for demonstrating processing activities compliance with the European personal data protection normative framework in accordance with EN ISO/IEC 17065. It does not however apply to products or management systems destined for processing personal data.
This document is applicable to all organizations which, as personal data controllers and/or processors, process personal data, and its objective is to provide a set of requirements enabling such organizations to conform effectively with the European personal data protection normative framework.
An organization can decide that the standard is applicable only to a specific subset of its processing activities if such a decision does not involve failure to conform with the European personal data protection normative framework.
This document also provides indications for conformity assessment with the aforementioned requirements.

Anforderungen an den Datenschutz bei Verarbeitungsvorgängen

Dieses Dokument legt die grundlegenden Anforderungen für den Nachweis fest, dass die Verarbeitungs¬tätigkeiten dem europäischen normativen Bezugsrahmen für den Schutz personenbezogener Daten in Über¬einstimmung mit EN ISO/IEC 17065 entsprechen. Es gilt jedoch nicht für Produkte oder Management¬systeme, die für die Verarbeitung personenbezogener Daten vorgesehen sind.
Dieses Dokument gilt für alle Organisationen, die – als für die Datenverarbeitung Verantwortliche („Verantwortlicher“) und/oder Auftragsverarbeiter – personenbezogene Daten verarbeiten, und sein Ziel ist es, eine Reihe von Anforderungen bereitzustellen, die es diesen Organisationen ermöglichen, sich wirksam an den europäischen normativen Bezugsrahmen für den Schutz personenbezogener Daten anzupassen.
Eine Organisation kann beschließen, dass die Norm nur auf eine bestimmte Untergruppe ihrer Verarbei¬tungstätigkeiten anwendbar ist, wenn eine solche Entscheidung nicht die Nichteinhaltung des normativen europäischen Bezugsrahmens für den Schutz personenbezogener Daten beinhaltet.
Dieses Dokument enthält auch Angaben für die Bewertung der Konformität mit den vorgenannten Anforderungen.

Exigences de protection des données à caractère personnel pour les opérations de traitement

Le présent document spécifie des exigences de base pour démontrer la conformité des activités de traitement au cadre normatif européen de protection des données à caractère personnel, conformément à l'EN ISO/IEC 17065. Il ne s'applique cependant pas aux produits ou systèmes de management destinés au traitement des données à caractère personnel.
Le présent document est applicable à tous les organismes qui, en tant que responsables de traitement et/ou sous-traitants, traitent des données à caractère personnel, et son objectif est de fournir un ensemble d'exigences permettant à ces organismes de se conformer efficacement au cadre normatif européen de protection des données à caractère personnel.
Un organisme peut décider que la norme n'est applicable qu'à un sous-ensemble spécifique de ses activités de traitement si une telle décision n'implique pas une non-conformité avec le cadre normatif européen de protection des données à caractère personnel.
Le présent document fournit également des indications pour l'évaluation de la conformité avec les exigences susmentionnées.

Zahteve za varstvo osebnih podatkov za postopke obdelave

General Information

Status
Published
Publication Date
24-Oct-2023
ICS
03.120.20 - Product and company certification. Conformity assessment
03.160 - Law. Administration
Technical Committee
CEN/CLC/TC 13 - Cybersecurity and Data Protection
Drafting Committee
CEN/CLC/JTC 13/WG 5 - Data Protection, Privacy and Identity Management
Current Stage
6060 - Definitive text made available (DAV) - Publishing
Start Date
25-Oct-2023
Due Date
11-Jul-2022
Completion Date
25-Oct-2023
Ref Project
SIST EN 17799:2024 - Personal data protection requirements for processing operations

Buy Standard

EN 17799:2024EN 17799:2024
PreviousNext
Standard
EN 17799:2024
English language
25 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

SLOVENSKI STANDARD
SIST EN 17799:2024
01-april-2024
Zahteve za varstvo osebnih podatkov za postopke obdelave
Personal data protection requirements for processing operations
Anforderungen an den Datenschutz bei Verarbeitungsvorgängen
Exigences de protection des données à caractère personnel pour les opérations de
traitement
Ta slovenski standard je istoveten z: EN 17799:2023
ICS:
03.160 Pravo. Uprava Law. Administration
35.020 Informacijska tehnika in Information technology (IT) in
tehnologija na splošno general
SIST EN 17799:2024 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
SIST EN 17799:2024

---------------------- Page: 2 ----------------------
SIST EN 17799:2024


EUROPEAN STANDARD EN 17799

NORME EUROPÉENNE

EUROPÄISCHE NORM
October 2023
ICS 03.120.20; 03.160

English version

Personal data protection requirements for processing
operations
Exigences de protection des données à caractère Anforderungen an den Datenschutz bei
personnel pour les opérations de traitement Verarbeitungsvorgängen
This European Standard was approved by CEN on 4 September 2023.

CEN and CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for
giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical
references concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to
any CEN and CENELEC member.

This European Standard exists in three official versions (English, French, German). A version in any other language made by
translation under the responsibility of a CEN and CENELEC member into its own language and notified to the CEN-CENELEC
Management Centre has the same status as the official versions.

CEN and CENELEC members are the national standards bodies and national electrotechnical committees of Austria, Belgium,
Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy,
Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia,
Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and United Kingdom.






















CEN-CENELEC Management Centre:
Rue de la Science 23, B-1040 Brussels
© 2023 CEN/CENELEC All rights of exploitation in any form and by any means
Ref. No. EN 17799:2023 E
reserved worldwide for CEN national Members and for
CENELEC Members.

---------------------- Page: 3 ----------------------
SIST EN 17799:2024
EN 17799:2023 (E)
Contents Page
European foreword . 4
Introduction . 5
1 Scope . 6
2 Normative references . 6
3 Terms and definitions . 6
4 Overview . 7
5 Planning . 7
5.1 General. 7
5.2 Understanding the needs and expectations of interested parties . 7
5.3 Scope of personal data processing activities . 7
5.3.1 General. 7
5.3.2 Records of data processing activities . 8
5.3.3 Identification of the legal basis . 8
5.3.4 Data minimization . 9
5.3.5 Retention periods .
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

CEN
EN ISO 16739-1:2024(Main)
Industry Foundation Classes (IFC) for data sharing in the construction and facility management industries - Part 1: Data schema (ISO 16739-1:2024)
kSIST FprEN ISO 16739-1:2024

This document represents an open international standard for information used in Building Information Modeling (BIM) that is exchanged and shared among software applications used by the various participants in the construction or facility management industry sector. This document includes definitions that cover information required for buildings and infrastructure works over their life cycle. This edition of the document added coverage of information required for infrastructure facilities including bridges, roads, railways, waterways and port facilities.
This document comprises the publication of a data schema, its documentation, the property and quantity set definitions and the mechanism of an exchange file format structure.
Definitions from this document are used to support different recognized work flows in the construction and facility management industry sector, representing information deliveries. Such information deliveries can be described according to ISO 29481.
Different implementation levels of this document can be defined to better support multiple information deliveries, they are referred to as a Model View Definition (MVD). Each MVD identifies which subset of the definitions of this document imposes requirements for implementation in software applications. Conforming software applications need to identify the model view definition they conform to when applying for software certification.
The following are within the scope of this edition of this document:
BIM exchange format definitions that are required during the life cycle phases of buildings and infrastructure:
demonstrating the need;
conception of need;
outline feasibility;
substantive feasibility study and outline financial authority;
outline conceptual design;
full conceptual design;
coordinated design;
procurement and full financial authority;
production information;
construction;
operation and maintenance.
BIM exchange format definitions that are required by the various disciplines involved within the life cycle phases:
architecture and civil engineering design;
service and utilities engineering;
structural engineering;
procurement;
construction planning;
facility and utility management;
project management;
client requirement management;
industry authorities for permits and approval.
BIM exchange format definitions including:
project structure;
physical components;
spatial components;
analysis items;
processes;
resources;
controls;
actors;
context definition.

  • Draft
    406 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 17294-1:2024(Main)
Water quality - Application of inductively coupled plasma mass spectrometry (ICP-MS) - Part 1: General requirements (ISO 17294-1:2024)
kSIST FprEN ISO 17294-1:2023

This document specifies the principles of inductively coupled plasma mass spectrometry (ICP-MS) and provides general requirements for the use of this technique to determine elements in water, digests of sludges and sediments (e.g. digests of water as described in ISO 15587-1 or ISO 15587-2). Generally, the measurement is carried out in water, but gases, vapours or fine particulate matter can be introduced too. This document applies to the use of ICP-MS for aqueous solution analysis.
The ultimate determination of the elements is described in a separate International Standard for each series of elements and matrix. The individual clauses of this document refer the user to these guidelines for the basic principles of the method and the configuration of the instrument.

  • Draft
    43 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 22435:2024(Main)
Gas cylinders - Cylinder valves with integrated pressure regulators - Specification and type testing (ISO 22435:2024)
kSIST FprEN ISO 22435:2024

This document specifies design, type test methods, marking and instruction requirements for cylinder valves with integrated pressure regulators (VIPRs) intended to be fitted to gas cylinders, pressure drums or tubes or used as a main valve for bundles of cylinders that convey compressed, liquefied or dissolved gases.
These are requirements for VIPRs that are in addition to those given in the relevant closure standard, for example, in ISO 10297 for cylinder valves, in ISO 17871 for quick-release cylinder valves, in ISO 17879 for self-closing cylinder valves or in ISO 23826 for ball valves. For ISO 17871, these requirements are only applicable to quick-release cylinder valves types B, C, D and E.
NOTE 1        If the pressure regulating system of a VIPR is acting as the primary valve operating mechanism, it is covered by the relevant closure standard, e.g. ISO 10297, ISO 17871, ISO 17879 and ISO 23826. This also includes designs where closure of the primary valve operating mechanism of a VIPR is obtained by closing the seat of the pressure regulating system.
NOTE 2        If the primary valve operating mechanism of a VIPR is located at the low-pressure side of the pressure regulating system, it is covered by the relevant closure standard, e.g. ISO 10297, ISO 17871, ISO 17879 and ISO 23826.
NOTE 3        The term “pressure receptacle” is used within this document to cover instances where no differentiation is necessary between gas cylinders, bundles of cylinders, pressure drums and tubes.
This document does not apply to VIPRs for
a)       medical applications (see ISO 10524-3);
b)       liquefied petroleum gas (LPG);
c)        cryogenic applications.
NOTE 4        Additional requirements for a VIPR with a residual pressure device (RPD) are specified in ISO 15996.
NOTE 5        Additional requirements for pressure relief valves can exist in international/regional regulations/ standards.

  • Draft
    39 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 683-2:2024(Main)
Aluminium and aluminium alloys - Finstock - Part 2: Mechanical properties
kSIST FprEN 683-2:2024

This document specifies the mechanical properties of wrought aluminium and wrought aluminium alloy finstock.
The chemical composition limits of these materials are specified in EN 573 3, unless otherwise agreed between supplier and purchaser.
The designations of wrought aluminium and wrought aluminium alloys and the temper designations used in this document are specified in EN 573 3, and the temper designations are defined in EN 515.

  • Draft
    12 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 81060-2:2019/A2:2024(Amendment)
Non-invasive sphygmomanometers - Part 2: Clinical investigation of intermittent automated measurement type - Amendment 2 (ISO 81060-2:2018/Amd 2:2024)
SIST EN ISO 81060-2:2020/A2:2024
  • Draft
    7 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 16783:2024(Main)
Thermal insulation products - Environmental Product Declarations (EPD) - Product Category Rules (PCR) complementary to EN 15804 for factory made and in-situ formed products
kSIST FprEN 16783:2024

This document provides the product category rules (PCR) for Type III environmental declarations (as in EN 15804:2012+A2:20191) for factory made and in situ thermal insulation products.
Complementary to EN 15804:2012+A2:20191, the PCR described in this document:
-   specify the declared unit to be used;
-   define the system boundaries for thermal insulation products;
-   specify/describe the default scenarios and rules for defining scenarios for certain life cycle information modules.
These PCR are intended to be used for cradle to gate, cradle to gate with options or cradle to grave assessment, provided the intention is properly stated in the system boundary description.

  • Draft
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 16021:2024(Main)
Absorbent incontinence products for urine and/or faeces - Basic principles for evaluation of single-use adult products from the perspective of users and caregivers (ISO 16021:2024)
SIST EN ISO 16021:2024

This document provides guidelines and requirements for designing and conducting an evaluation of single-use adult incontinence absorbing products. It provides guidelines and requirements on creating data collection tools. In particular, it provides a framework for eliciting and recording the views of users and their carers on the acceptability of products. In addition, a product diary is described which can help to quantify some parameters of product use, such as wear times, the mass of urine absorbed by the product and the severity of any leakage from it.
This document does not cover direct comparison between products based on statistical parameters, neither does it provide guidelines on measuring the clinical efficacy of products; that is available in ISO 14155.

  • Draft
    15 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 2620:2024(Main)
Analysis of natural gas - Biomethane - Determination of VOCs by thermal desorption gas chromatography with flame ionization and/or mass spectrometry detectors (ISO 2620:2024)
kSIST FprEN ISO 2620:2024

This document describes a method for sampling and analysis of volatile organic compounds (VOCs), including siloxanes, terpenes, organic sulfur compounds, in natural gas and biomethane matrices, using thermal desorption gas chromatography with flame ionization and/or mass spectrometry detectors (TD-GC-FID/MS).

  • Draft
    13 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 7029:2017/A1:2024(Amendment)
Acoustics - Statistical distribution of hearing thresholds related to age and gender - Amendment 1: Correction of parameter values for estimating the hearing threshold distribution (ISO 7029:2017/Amd 1:2024)
SIST EN ISO 7029:2017/oprA1:2023
  • Draft
    6 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 18134-2:2024(Main)
Solid biofuels - Determination of moisture content - Part 2: Simplified method (ISO 18134‑2:2024)
kSIST FprEN ISO 18134-2:2024

This document specifies a method of determining the moisture content of a test sample of solid biofuels by drying in an oven and is used when the highest precision is not needed, e.g. for routine production control on site. The method described in this document is applicable to all solid biofuels. The moisture content of solid biofuels (as received) is always reported based on the total mass of the test sample (wet basis).
NOTE            Biomass materials can contain small amounts of volatile organic compounds (VOC) which can evaporate when determining moisture content by oven drying (see References [1] and [2]). The release of such compounds is quite small relative to the overall moisture content as determined by this method and is disregarded in this document.

  • Draft
    9 pages
    English language
    sale 10% off
    e-Library read for
    1 day