ISO/IEC 27555:2021

Information security, cybersecurity and privacy protection — Guidelines on personally identifiable information deletion

OVERVIEW

This document contains guidelines for developing and establishing policies and procedures for deletion of personally identifiable information (PII) in organizations by specifying:

—    a harmonized terminology for PII deletion;

—    an approach for defining deletion rules in an efficient way;

—    a description of required documentation;

—    a broad definition of roles, responsibilities and processes.

This document is intended to be used by organizations where PII is stored or processed.

This document does not address:

—    specific legal provision, as given by national law or specified in contracts;

—    specific deletion rules for particular clusters of PII that are defined by PII controllers for processing PII;

—    deletion mechanisms;

—    reliability, security and suitability of deletion mechanisms;

—    specific techniques for de-identification of data.

COMMENTS

-

PRODUCT DETAILS

Status Current
Edition 2021
No. of Pages 25
ICS Classification 35.030 IT Security
Committee ISO/IEC JTC 1/SC 27
Available for Purchase For sale in Singapore only
Adoption ISO

Managed by TOPPAN NEXT Pte. Ltd.

Enterprise Singapore's appointed distributor of

EnterpriseSG Standards Publications and Overseas Standards.

© 2026 TOPPAN NEXT

All Rights Reserved