ISO/IEC 27018:2019 is a standard that specifically addresses the protection of personally identifiable information (PII) in public cloud computing environments. It provides guidelines and controls for cloud service providers (CSPs) to ensure the privacy and security of PII processed in the cloud.

In short, ISO/IEC 27018:2019 outlines requirements for:

Personally Identifiable Information (PII) Protection: It defines measures for the protection of PII processed by cloud service providers, including guidelines for data access, processing, storage, and transmission.

Transparency and Accountability: The standard emphasizes transparency and accountability by requiring CSPs to disclose their data processing practices, including how PII is handled, who has access to it, and how it is protected.

Consent and Control: ISO/IEC 27018:2019 requires CSPs to obtain consent from customers for the processing of their PII and provides controls for customers to manage their data, including the ability to access, correct, or delete their information.

Data Breach Notification: It specifies requirements for CSPs to notify customers promptly in the event of a data breach involving their PII, including details about the breach and its potential impact.

Compliance and Audit: The standard includes provisions for compliance with applicable legal and regulatory requirements related to the protection of PII in the cloud. It also outlines requirements for independent audits to verify compliance with the standard.

Apply today to book your seat fill form below and submit.

contact us:

+977 1 5903 211,  9741766637