Get a 20% discount on the first year of the Company Training Academy annual plan.
Limited-time offer – ends April 24, 2025
Use promo code:
CTA20

Expert Advice Community

Home / ISO 27001 & 22301 / PII and free text fields in information systems

Guest

PII and free text fields in information systems

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Sep 23, 2016 Last commented:   Sep 23, 2016

PII and free text fields in information systems

ISO 27001 & 22301
Regarding data protection – if there was a free text field, is there the risk of PII being invoked?
0 0

Assign topic to the user

ISO 27001 INFORMATION SECURITY POLICY

Define the main rules for information security management.

ISO 27001 INFORMATION SECURITY POLICY

Define the main rules for information security management.
Expert
Rhand Leal Sep 23, 2016

Answer:
The concern is valid. A sugested protection in this case would be to include a text in the page that contains the free text field explictly informing that in that specific text filed no PII is required and that by including PII the user is assuming the risk to exposed his/her information. Of course, this solution should be review by a lawyer regarding legal issues you organization must be compliant with.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 23, 2016

Sep 23, 2016

Suggested Topics
Atheer AlMartan Created:   Apr 24, 2024 ISO 27001 & 22301
Replies: 1
0 0

3.4. Handling classified information
ISO Created:   Dec 26, 2023 ISO 27001 & 22301
Replies: 1
0 0

Information Security Goals
Henrik Created:   Sep 29, 2023 ISO 27001 & 22301
Replies: 1
0 0

Apply procedure for document and record control only to information security policies in Conformio?