SPRING DISCOUNT
Get 30% off on toolkits, course exams, and Conformio yearly plans.
Limited-time offer – ends April 25, 2024
Use promo code:
SPRING30

Expert Advice Community

Home / ISO 27001 & 22301 / PII and free text fields in information systems

Guest

PII and free text fields in information systems

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Sep 23, 2016 Last commented:   Sep 23, 2016

PII and free text fields in information systems

ISO 27001 & 22301
Regarding data protection – if there was a free text field, is there the risk of PII being invoked?
0 0

Assign topic to the user

ISO 27001 LEAD AUDITOR COURSE

Become an ISO 27001 certification auditor.

ISO 27001 LEAD AUDITOR COURSE

Become an ISO 27001 certification auditor.
Expert
Rhand Leal Sep 23, 2016

Answer:
The concern is valid. A sugested protection in this case would be to include a text in the page that contains the free text field explictly informing that in that specific text filed no PII is required and that by including PII the user is assuming the risk to exposed his/her information. Of course, this solution should be review by a lawyer regarding legal issues you organization must be compliant with.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 23, 2016

Sep 23, 2016

Suggested Topics
ISO Created:   Dec 26, 2023 ISO 27001 & 22301
Replies: 1
0 0

Information Security Goals
Henrik Created:   Sep 29, 2023 ISO 27001 & 22301
Replies: 1
0 0

Apply procedure for document and record control only to information security policies in Conformio?
Guest user Created:   Jul 19, 2023 ISO 27001 & 22301
Replies: 1
0 0

Labelling information