BS ISO/IEC 27018:2014 Information technology. Security techniques. Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors


Status: Withdrawn
Published: August 2014
Replaced By: BS ISO/IEC 27018:2019

WITHDRAWN TITLE
*To ask about withdrawn titles, contact BSI Customer Services: cservices@bsigroup.com, +44 345 086 9001


What is this standard about?

It is a sector-specific supplement to BS ISO/IEC 27001:2013 and BS ISO/IEC 27002:2013 for use by organizations providing public cloud services. It contains additional privacy controls and guidance for use when processing Personally Identifiable Information (PII).

Who is this standard for? 

It applies to any organization which provides information processing services as PII processors via cloud computing under contract. These could include:

  • Public and private companies
  • Government organizations 
  • Not-for-profit organizations 

It will also be useful to: 

  • In-house IT operators/auditors/designers of information management systems
  • Data security industry
  • IT regulators

Why should you use this standard? 

The adoption of cloud computing in all sectors of the economy is being promoted in order to boost productivity; however, concerns over privacy and security have acted as a barrier to migrating data to the cloud.

BS ISO/IEC 27018 was introduced to provide an auditable standard for cloud service providers, by enabling customers to meet their own regulatory obligations on data security. 

It establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect PII in accordance with the privacy principles in ISO/IEC 29100 for the public cloud computing environment. It specifies guidelines based on ISO/IEC 27002, taking into consideration the regulatory requirements for the protection of PII which may be applicable within the context of the information security risk environment(s) of a provider of public cloud services.

It is an essential step towards ensuring compliance with the principles in the new Data Protection Act and boosting customer confidence in cloud computing technologies.




Standard Number: BS ISO/IEC 27018:2014
Title: Information technology. Security techniques. Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
Status: Withdrawn
Publication Date: 31 August 2014
Withdrawn Date: 24 January 2019
Cross References: ISO/IEC 17788, ITU-T Y.3500, ISO/IEC 27000:2014, ISO/IEC 27001:2013, ISO/IEC 27002:2013, ISO/IEC 29100:2011, BS 10012:2009, ISO/IEC 17789, ISO/IEC 27005, ISO/IEC 27035, ISO/IEC 27036-4, ISO/IEC 27040, ISO/IEC 29101, ISO/IEC 29134, ISO/IEC 29191, ISO/IEC JTC 1/SC 27, JIS Q 15001:2006, NIST SP 800-53, NIST SP 800-122, NIST SP 800-144
Replaced By: BS ISO/IEC 27018:2019
International Relationships: ISO/IEC 27018:2014
Draft Superseded By: 13/30266767 DC
Descriptors: Management, Data handling, Databases, Data transfer, Definitions, Data, Database languages, Data transmission, Information systems, Interfaces (data processing), Open systems interconnection, Data processing, Information exchange
ICS: 35.030, 35.040.50
Title in French: Technologies de l’information. Techniques de sécurité. Code de bonnes pratiques pour la protection des informations personnelles identifiables (PII) dans l’informatique en nuage public agissant comme processeur de PII
Committee: IST/33/5
ISBN: 978 0 580 79669 2
Publisher: BSI
Format: A4
Delivery: Yes
Pages: 36
File Size: 1.696 MB
Price: £206.00


Customers who bought this product also bought

  • BS ISO/IEC 27017:2015
    Information technology. Security techniques. Code of practice for information security controls based on ISO/IEC 27002 for cloud services
  • BS EN ISO/IEC 27001:2017
    Information technology. Security techniques. Information security management systems. Requirements
  • BS ISO/IEC 27005:2011
    Information technology. Security techniques. Information security risk management
  • BS EN ISO/IEC 27002:2017
    Information technology. Security techniques. Code of practice for information security controls