International Organization for Standardization

Information technology - Business Operational View - Part 8: Identification of privacy protection requirements as external constraints on business transactions - First Edition
 N ISO/IEC 15944-8

Annotation

Statement of scope

This part of ISO/IEC 15944:

• provides method(s) for identifying, in Open-edi modelling technologies and development of scenarios, the additional requirements in Business Operational View (BOV) specifications for identifying the additional external constraints to be applied to recorded information in business transactions relating to personal information of an individual, as required by legal and regulatory requirements of applicable jurisdictional domains having governance over the personal information exchanged among parties to a business transaction;

• integrates existing normative elements in support of privacy and data protection requirements as are already identified in the current editions of ISO/IEC 14662 and ISO/IEC 15944-1, ISO/IEC 15944-2, ISO/IEC 15944-4, and ISO/IEC 15944-5 which apply to information concerning identifiable living individuals as buyers17 in a business transaction or whose personal information is used in the transaction;

• provides overarching operational ‘best practice' statements for associated (and not necessarily automated) processes, procedures, practices and governance requirements that must act in support of implementing and enforcing technical mechanisms needed to support privacy/data protection requirements necessary for the implementation in Open-edi transaction environments;

• identifies and provides a sample scenario and implementation (use case) for one or more use cases of privacy/data protection in business transactions; and,