Information technology. RFID privacy impact assessment process

Available format(s)

Hardcopy , PDF

Language(s)

English

Published date

30-06-2014

Publisher

British Standards Institution

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviations
5 Structure of this European Standard
6 Field of reference for this European Standard
7 RFID operator's organizational objectives of the
   RFID PIA
8 Tools to simplify the process
9 RFID PIA - a process approach
10 Preparing the RFID functional statement
11 Preparing the description of the RFID applications
12 Risk Assessment
13 Worked example of the risk assessment process
14 The PIA summary report
15 Revision control
16 Monitoring and incident response
Annex A (normative) - Details of Registration Authority
Annex B (informative) - RFID manufacturer's product
        privacy capability statements
Annex C (informative) - RFID Privacy Impact Assessment
        Flowchart
Annex D (informative) - Template development
Annex E (informative) - Flowchart to determine the RFID
        PIA level
Annex F (informative) - RFID functional statement
Annex G (normative) - RFID application description
Annex H (informative) - Identification and valuation of
        personal privacy assets
Annex I (informative) - RFID threats
Annex J (informative) - Countermeasures
Annex K (informative) - PIA risk assessment example
Annex L (informative) - RFID Privacy Impact Assessment summary
Bibliography

Gives a standardized set of procedures for developing PIA templates, including tools compatible with the RFID PIA methodology.

This European Standard has been prepared as part of the EU RFID Mandate M/436. It is based on the Privacy and Data Protection Impact Assessment Framework for RFID Applications, which was developed by industry, in collaboration with the civil society, endorsed by Article 29, Data Protection Working Party, and signed by all key stakeholders, including the European Commission, in 2011.

It defines aspects of that framework as normative or informative procedures to enable a common European method for undertaking an RFID PIA.

It provides a standardized set of procedures for developing PIA templates, including tools compatible with the RFID PIA methodology.

In addition, it identifies the conditions that require an existing PIA to be revised, amended, or replaced by a new assessment process.

Committee	IST/34
DevelopmentNote	Supersedes 13/30277454 DC. (07/2014)
DocumentType	Standard
Pages	108
PublisherName	British Standards Institution
Status	Current
Supersedes	13/30277454 DC : 0

Standards	Relationship
EN 16571:2014	Identical

CEN/TR 16673:2014	Information technology - RFID privacy impact assessment analysis for specific sectors
ISO/IEC 18000-6:2013	Information technology — Radio frequency identification for item management — Part 6: Parameters for air interface communications at 860 MHz to 960 MHz General
CEN/TR 16674:2014	Information technology - Analysis of privacy impact assessment methodologies relevant to RFID
CEN/TR 16672:2014	Information technology - Privacy capability features of current RFID technologies
ISO/IEC 21481:2012	Information technology Telecommunications and information exchange between systems Near Field Communication Interface and Protocol -2 (NFCIP-2)
ISO/IEC 18000-7:2014	Information technology Radio frequency identification for item management Part 7: Parameters for active air interface communications at 433 MHz
ISO/IEC 18000-61:2012	Information technology — Radio frequency identification for item management — Part 61: Parameters for air interface communications at 860 MHz to 960 MHz Type A
TR 187 020 : 1.1.1	RADIO FREQUENCY IDENTIFICATION (RFID); COORDINATED ESO RESPONSE TO PHASE 1 OF EU MANDATE M436
ISO/IEC 18092:2013	Information technology — Telecommunications and information exchange between systems — Near Field Communication — Interface and Protocol (NFCIP-1)
ISO/IEC 27005:2011	Information technology Security techniques Information security risk management
ISO/IEC 18000-2:2009	Information technology — Radio frequency identification for item management — Part 2: Parameters for air interface communications below 135 kHz
ISO/IEC 18000-4:2015	Information technology Radio frequency identification for item management Part 4: Parameters for air interface communications at 2,45 GHz
ISO 11785:1996	Radio frequency identification of animals — Technical concept
ISO/IEC 18046-3:2012	Information technology Radio frequency identification device performance test methods Part 3: Test methods for tag performance
CEN/TR 16670:2014	Information technology - RFID threat and vulnerability analysis
ISO/IEC 18000-62:2012	Information technology — Radio frequency identification for item management — Part 62: Parameters for air interface communications at 860 MHz to 960 MHz Type B
ISO 11784:1996	Radio frequency identification of animals Code structure
ISO/IEC 18000-64:2012	Information technology — Radio frequency identification for item management — Part 64: Parameters for air interface communications at 860 MHz to 960 MHz Type D
ISO/IEC 18000-63:2015	Information technology Radio frequency identification for item management Part 63: Parameters for air interface communications at 860 MHz to 960 MHz Type C
ISO/IEC 18000-3:2010	Information technology — Radio frequency identification for item management — Part 3: Parameters for air interface communications at 13,56 MHz
ISO/IEC 29100:2011	Information technology — Security techniques — Privacy framework

View more information

£298.00

Excluding VAT

Product format

I agree to the DRM document license rules apply against the PDF selection made.

Please confirm that you agree to the document license rules for this document.

I agree to the document license rules .

Please confirm that you agree to the document license rules for this document.

Access your standards online with a subscription

Features

Simple online access to standards, technical information and regulations.
Critical updates of standards and customisable alerts and notifications.
Multi-user online standards collection: secure, flexible and cost effective.

Learn more on subscription solutions

Get in touch with us

BS EN 16571:2014

Information technology. RFID privacy impact assessment process

Table of Contents

Abstract

Scope

General Product Information

International Equivalents

Standards Referencing This Book

Category

Subcategory