ISO/IEC 29100:2011 provides a privacy framework which i)specifies a common privacy terminology; ii) defines the actors and their roles in processing personally identifiable information (PII); iii) describes privacy safeguarding considerations; and iv) provides references to known privacy principles for information technology.
ISO/IEC 27018:2014 establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in accordance with the privacy principles in ISO/IEC 29100 for the public cloud computing environment.
he DPC is the Irish supervisory authority for the General Data Protection Regulation (GDPR), and also has functions and powers related to other important regulatory frameworks including the Irish ePrivacy Regulations (2011) and the EU Directive known as the Law Enforcement Directive.
Cloud-Based environments offer many advantages to organisations. However, they also introduce a number of technical security risks which organisations should be aware of. The DPC has listed five key ways organisations can secure their Cloud-Based environments to mitigate their risk of a personal data breach.
Includes guidance on access controls, encryption and data security.