The world’s first International Standard for privacy information management – ISO 27701 – will assist organisations to meet privacy-specific requirements, irrespective of the jurisdictions in which they operate. In addition, the privacy standard may assist organisations in demonstrating compliance and accountability with various privacy regimes throughout the world, including the General Data Protection Regulation (GDPR), and highlights the importance of looking beyond Australian law when approaching privacy compliance and the management of personal information. Specifically, ISO 27701 sets out requirements for organisations that are implementing privacy protections for the processing of Personal Identifiable Information (PII), which applies to all sizes and types of organisations, specific to both the controllers and processors.
