7.4.3 Accuracy and quality

Control

The organization should ensure and document that PII is as accurate, complete and up-to-date as is necessary for the purposes for which it is processed, throughout the life-cycle of the PII.

Implementation guidance

The organization should implement policies, procedures and/or mechanisms to minimize inaccuracies in the PII it processes. There should also be policies, procedures and/or mechanisms to respond to instances of inaccurate PII. These policies, procedures and/or mechanisms should be included in the documented information (e.g. through technical system configurations, etc.) and should apply throughout the PII lifecycle.

Additional information

For further information on the PII processing life-cycle, see ISO/IEC 29101:2018, 6.2.