ISO/IEC 27555:2021 

Information security, cybersecurity and privacy protection - Guidelines on personally identifiable information deletion


Do you need a multi-user copy?




This document contains guidelines for developing and establishing policies and procedures for deletion of personally identifiable information (PII) in organizations by specifying:
- a harmonized terminology for PII deletion;
- an approach for defining deletion rules in an efficient way;
- a description of required documentation;
- a broad definition of roles, responsibilities and processes.
This document is intended to be used by organizations where PII is stored or processed.
This document does not address:
- specific legal provision, as given by national law or specified in contracts;
- specific deletion rules for particular clusters of PII that are defined by PII controllers for processing PII;
- deletion mechanisms;
- reliability, security and suitability of deletion mechanisms;
- specific techniques for de-identification of data.

Look inside

Relevant for

cyber security

smart city

Additional information

Publication typeInternational Standard
Publication date2021-10-08
Available language(s)English
TC/SCISO/IEC JTC 1/SC 27 - Information security, cybersecurity and privacy protectionrss
ICS35.030 - IT Security
File size1832 KB

The following test report forms are related:

Share this page

Share your publications

Learn how to share your publications with your colleagues, using networking options.

Payment information

Our prices are in Swiss francs (CHF). We accept all major credit cards (American Express, Mastercard and Visa, JCB and CUP), PayPal and bank transfers as form of payment.

Keep in touch

Keep up to date with new publication releases and announcements with our free IEC Just Published email newsletter.

Contact customer services

Please send your enquiry by email or call us on +41 22 919 02 11 between 09:00 – 17:00 CET Monday to Friday.