ISO 27018 and EU GDPR
Answer:
The thought of going for ISO 27001 certification while bringing in some parts of ISO 27018 is the correct one, since ISO 27018 is not certifiable.
Concerning EU GDPR, ISO 27018 can really help to accomplish compliance, mainly with chapter IV:
Chapter II (principles): basic orientation to application of controls.
Chapter III (rights of the data subject): ISO 27018 clauses can be applied in terms of service.
Chapter IV (controller and processor): controls and procedures can make use of ISO 27018 recommendations. Clause 32 is of special interest.
Chapter V (transfer of personal data to third countries or international organisations): ISO 27018 clauses can be applied in terms of service.
Chapter VI (independent supervisory authorities): ISO 27018 clauses can be applied in terms of service.
Chapter VII (cooperation and consistency): ISO 27018 clauses can be applied in terms of service.
Chapter IX (specific data processing situations): controls and procedures can make use of ISO 27018 recommendations.
Sep 23, 2016