Reference number of working document: ISO/IEC JTC001/SC32/WG 01 N0785

Date: 2015-01-30

Reference number of document: ISO/CD 15944-12

Committee identification: ISO/IEC JTC001/SC32/WG01

Secretariat: XXXX

Information technology — Business Operational View — Part 12: Privacy protection requirements on information life cycle management (ILCM) and EDI of personal information

Document type: International standard

Document subtype: if applicable

Document stage: (20) Preparation

Document language: E

Technologies de l'information — Vue opérationnelle d'affaires — Partie 12: Exigences en matière de protection de la vie privée relatives à la gestion du cycle de vie de l’information (ILCM) et de l'EDI des renseignements personnels

Warning

This document is not an ISO International Standard. It is distributed for review and comment. It is subject to change without notice and may not be referred to as an International Standard.

Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of which they are aware and to provide supporting documentation.

ISO/IEC 15944 CD15944-12

Copyright notice

This ISO document is a working draft or committee draft and is copyright-protected by ISO. While the reproduction of working drafts or committee drafts in any form for use by participants in the ISO standards development process is permitted without prior permission from ISO, neither this document nor any extract from it may be reproduced, stored or transmitted in any form for any other purpose without prior written permission from ISO.

Requests for permission to reproduce this document for the purpose of selling it should be addressed as shown below or to ISO’s member body in the country of the requester:

[Indicate: the full address, telephone number, fax number, telex number and electronic mail address, as appropriate, of the Copyright Manager of the ISO member body responsible for the secretariat of the TC or SC within the framework of which the draft has been prepared]

Reproduction for sales purposes may be subject to royalty payments or a licensing agreement.

Violators may be prosecuted.

Contents

Foreword

0 Introduction

0.1 Purpose and overview

0.2 Use of ISO/IEC 14662 “Open-edi Reference Model” and Business Operational View (BOV) perspective

0.2.1 ISO/IEC 14662 “Open-edi Reference Model”

0.2.2 ISO/IEC 15944-1 “Business Agreement Semantic Descriptive Techniques” (“Business Operational View (BOV)”)

0.2.3 Link to ISO/IEC 15944-5 and ISO/IEC 15944-8

0.3 Use of “Person”, “organization”, “individual” and “party” in the context of business transaction and commitment exchange

0.4 Importance and role of terms and definitions

0.5 Standard based on rules and guidelines

0.6 Use of “identifier” (in a business transaction) and roles of an individual

0.7 Use of “jurisdictional domain” in the context of privacy protection and related ILCM requirements

0.8 Use of “privacy protection” in the context of business transaction and commitment exchange

0.9 Use of set of recorded information (SRI) and set of personal information (SPI) versus record, document, message, etc.

0.10 Organization and description of this document

1 Scope

1.1 Statement of scope

1.2 Exclusions

1.2.1 Functional Services View (FSV)

1.2.2 Internal behaviour of organizations (and public administration)

1.2.3 Overlap of and/or conflict among jurisdictional domains as sources of privacy protection requirements

1.2.4 Changes in jurisdictional domain of parties to a business transaction

1.2.5 Publicly available personal information

1.3 Aspects currently not addressed

1.4 IT-systems environment neutrality

2 Normative references

2.1 ISO/IEC, ISO and ITU

2.2 Referenced specifications

3 Terms and definitions

4 Symbols and abbreviations

5 Fundamental privacy protection principles

5.1 Introduction

5.2 Primary sources of privacy protection principles

5.3 Key eleven (11) privacy protection principles

5.4 Link to “consumer protection” and “individual accessibility” requirements

5.5 Privacy protection principles in the context of ILCM requirements

5.6 Requirement for tagging (or labelling) sets of personal information (SPIs) in support of privacy protection requirements

6 Integrated set of information life cycle management (ILCM) principles in support of information law and privacy protection requirements

6.1 Introduction – Primary purpose of Clause 6

6.2 Information life cycle management (ILCM) principles in support of privacy protection requirements

6.2.1 Compliance with privacy protection (and associated information law) requirements

6.2.2 Direct relevance, informed consent and openness

6.2.3 Ensuring that personal information is “under the control of” the organization throughout its ILCM

6.2.4 Limiting Use, Disclosure and Retention

6.2.5 Timely, accurate, relevant

6.2.6 Data integrity and quality

6.2.7 Safeguards for non-authorized disclosure requirements

6.2.8 Back-up, retention and archiving

6.2.9 Disposition and expungement

6.2.10 Organizational archiving

6.2.11 Historical, statistical and/or research value

6.3 Requirement for tagging (or labelling) data elements in support of privacy protection requirements

7 Rules governing ensuring accountability for and control of personal information

7.1 Introduction

7.2 Key aspects of Open-edi requirements.

7.3 Key aspects of “under the control of”

7.4 “under the control of” in support of privacy protection requirements and in an ILCM context

7.5 Implementing “under the control of” and accountability

8 Rules governing the specification of ILCM aspects of personal information

8.1 Introduction

8.2 Rules governing establishing ILCM responsibilities for personal information

8.3 Rules governing establishing specifications for retention of personal information – applicable “SRI retention triggers”

8.4 Rules governing identification and specification of state changes of personal information

8.4.1 Introduction

8.4.2 Specification of state changes allowed to personal information

8.4.3 Specification of store change type

8.4.4 Rules governing specification of source of state changes

8.5 Rules governing disposition of personal information

9 Data conversion, data migration, and data synchronization

9.1 Introduction

9.2 Rules governing data conversion and data migration of personal information

9.3 Rules governing requirements for data synchronization of personal information

10 Rules governing EDI of personal information between primary ILCM Person, i.e., the seller, and its “agent”, “third party” and/or “regulator”

10.1 Introduction

10.2 ILCM rules pertaining to use of an “agent”

10.3 ILCM rules pertaining to use of a “third party”

10.4 ILCM rules pertaining to involvement of a “regulator”

11 Conformance statement

11.1 Introduction

11.2 Conformance to the ISO/IEC 14662 Open-edi Reference Model and the multipart ISO/IEC 15944 eBusiness standard

11.3 Conformance to ISO/IEC 15944-12

11.4 Conformance by agents and third parties to ISO/IEC 15944-12

Annex A (normative) Consolidated list of terms and definitions with cultural adaptability: ISO English and ISO French language equivalency

A.1 Introduction

A.2 ISO English and ISO French

A.3 Cultural adaptability and quality control

A.4 Organization of Annex A – Consolidated list in matrix form

A.5 List of added Part 12 terms and definitions with cultural adaptability: ISO English and ISO French

Annex B (informative) Consolidated set of rules in existing Parts of ISO/IEC 15944 of particular relevance to privacy protection requirements as external constraints on business transactions which apply to personal information in an ILCM requirements context

B.1 Introduction

B.2 Organization of Annex B: Consolidated list in matrix form

B.3 Consolidated list of rules in ISO/IEC 15944-1 pertaining to external constraints relevant to supporting privacy protection requirements

B.4 Consolidated list of rules in ISO/IEC 15944-2 pertaining to external constraints of relevance to supporting privacy protection requirements

B.5 Consolidated list of rules in ISO/IEC 15944-5 pertaining to external constraints of relevance to supporting privacy protection requirements

B.6 Consolidated list of rules in ISO/IEC 15944-7 pertaining to external constraints of relevance to supporting privacy protection requirements

B.7 Consolidated list of rules in ISO/IEC 15944-8 pertaining to external constraints of relevance to supporting privacy protection requirements

Annex C (informative) Linking ILCM to process phases of a business transaction

C.1 Introduction

C.2 Rules governing linkages of ILCM process to process component of the Business Transaction Model (BTM)

C.3 Figurative overview of linking the five phases of the process component of the Business Transaction Model (BTM) to ILCM requirements

Annex D (informative) Generic approach to ILCM decisions in a privacy protection requirements context – ILCM decision template

D.1 Introduction

D.2 Generic approach to ILCM decisions in a privacy protection requirements context

D.2.1 Link to applicable records and retention and disposal of personal information and “transitory records”

D.2.2 ILCM link to “post actualization” requirements

Annex E (informative) Generic approach to identification of properties and behaviours of personal information as SRI transitory records and their disposition/expungement

E.1 Introduction

E.2 Definition of the concept of “SRI transitory record”

E.3 Information on examples of “SRI transitory records”

Annex X (informative) “VANs”, “outsourcing”, “Clouds” etc., and information life cycle management (ILCM) and EDI of personal information

X.1 Introduction

X.2 Purpose

X.3 Summary of role of “agent” or “third party” by a buyer in executing business transactions

X.4 Information life cycle management (ILCM) aspects

X.5 Summary of “Cloud computing” in ICT

X.6 Conclusions - Cloud computing services and protection of personal information

Bibliography

Abstracts

Figures

Figure 1 — Open-edi environment – Open-edi Reference Model

Figure 2 — Integrated view - Business operational requirements: External constraints focus

Figure 3 — Primary sources for privacy protection principles

Figure 4 — Illustration of roles and relationships between a “privacy protection officer (PPO)” and a “personal information controller (PIC)” in an Open-edi business transaction indicating the link between the BOV and FSV.

Figure C.1 ─ Overview - linking the five phases of the process component of the Business Transaction Model (BTM) to ILCM requirements for personal information

Figure D.1 ─ Decision Tree Diagram for the identification and disposition of a SPI from an ILCM requirements perspective (including it being declared a “transitory record”)

Tables

Table 1 — ISO/IEC 15944-12:01 Codes representing specification of records retention responsibility for personal information

Table 2 — ISO/IEC 15944-12:02 Codes representing SRI retention triggers for retention of personal information

Table 3 — ISO/IEC 15944-12:03 Codes representing the specification of types of record retention period

Table 4 — ISO/IEC 15944-12:04 Codes for specifying whether state changes allowed for the content values of SRIs containing personal information

Table 5 — ISO/IEC 15944-12:05 Codes representing store change type for SPIs (and SRIs)

Table 6 — ISO/IEC 15944-12:06 Codes representing source of state change type ID code for SRIs

Table 7 — ISO/IEC 15944-12:07 Codes representing disposition types as actions of personal information (as SPIs)

Table A.1 — Columns in Table A.2

Table A.2 — List of added Part 12 terms and definitions with cultural adaptability of: ISO English and ISO French language equivalency


Project Co-Editors’ Notes:

1. This CD ballot document applies the results of the JTC1/SC32/WG1 Interim Toronto Meeting, 17-19 November, 2014. At the Toronto meeting the WD for this Part 12, i.e., document SC32/WG1 N0759, was reviewed and discussed in detail. The result of this review and decisions taken by SC32/WG1 at its Toronto interim meeting are found in document SC32/WG1/ N0779.

2. It is important that P-members review the coded domains presented as tables in this document and in particular the entries (or rows) in each coded domain. Many of the coded domains in Part 12 are based on those of a more generic nature as found in Part 5 and/or Part 8. In this Part 12, they are further developed in an ILCM context and at a more granular level. P-members are therefore requested to review them in detail and recommend any changes or additions as may be required.

3. Finally, the Project Co-Editors for Part 12 have undertaken a detailed review of possible applicable standards of ISO TC46/SC11 Archives/Records Management and in particular the following:

·  ISO 13008-12 Information and document - Digital records conversion and migration practice;

·  the multipart ISO 15489 – Information and document management:

Part 1 (2001) – General Concepts and principles (being revised and renamed)

Part 2 (2001) Guidelines (being revised)

4. The Project Co-Editors have reviewed these ISO standards as to their applicability to the development of this Part 12. Further, it is important to note that, in the Canadian expert contribution on “under the control of”, these three ISO TC 46 standards were reviewed and their applicability to Part 12 identified. {See document SC32/WG1 N0786}

5. Reorganization of Clauses 5+ and link to Part 8

P-members are requested to read the “Project Co-Editors Notes” at the start of Clause 5 below in order to understand the reorganization and contents of Clauses 5+.

6. Due to the re-organization and re-numbering of many rules, any internal cross references will be reviewed before the DIS stage and updated and changed accordingly. (Some have already been highlighted in the text for further action. Time and resources did not allow for a thorough review at this time.)

Foreword

ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.

International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.

The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75% of the national bodies casting a vote.