GB/Z 28828-2012 Information security technology - Guideline for personal information protection within information system for public and commercial services (English Version)
1 Scope
This standard standardizes the process by which personal information is wholly or partially handled through an information system, and provides guidance for protecting personal information at each stage of its handling in the information system.
This standard applies to the protection of personal information in information systems by organizations and institutions other than government agencies and other bodies exercising public administration duties, such as service agencies in telecommunications, finance and medical treatment.
2 Normative References
The following documents are essential for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition (including any amendments) applies.
GB/Z 20986-2007 Information Security Technology - Guidelines for The Category and Classification of Information Security Incidents
3 Terms and Definitions
For the purposes of this standard, the terms and definitions in GB/Z 20986-2007 and those below apply.
Standard No.: GB/Z 28828-2012
Status: valid
Language: English
File Format: PDF
Word Count: 3000 words
Price (USD): 60.0
Implemented on: 2013-2-1
Delivery: via email in 1 business day
Contents of GB/Z 28828-2012
Foreword
Introduction
1 Scope
2 Normative References
3 Terms and Definitions
4 Overview of Personal Information Protection
5 Personal Information Protection During Information Handling
Bibliography