ISO 27701 Clause 7.4.1 – Limit Collection
Purpose of Clause 7.4.1
Organisations should limit their collection of PII based on three factors:
- Relevance.
- Proportionality.
- Necessity.
Guidance on Clause 7.4.1
Organisations should only collect PII – either directly or indirectly – in accordance with the above factors, and only for purposes that are relevant and necessary towards their stated purpose.
As a concept, ‘privacy by default’ should be adhered to – i.e., any optional functions should be disabled by default.
ISO 27701 Clause 7.4.2 – Limit Processing
Purpose of Clause 7.4.2
To accompany ISO 27701 7.4.1, organisations should also only process PII if it is relevant, proportional and necessary to fulfil a stated purpose.
Guidance on Clause 7.4.2
PII processing includes:
- Disclosure.
- Storage.
- Accessibility.
All of the above functions should be carried out to the minimum levels that are required to fulfil an objective.
Organisations should limit the processing of PII in conjunction with published information security processes, policies and procedures (see ISO 27701 Clause 6.2).
Relevant ISO 27701 Clauses
- ISO 27701 6.2
ISO 27001 made easy
An 81% Headstart from day one
We’ve done the hard work for you, giving you an 81% Headstart from the moment you log on. All you have to do is fill in the blanks.
ISO 27701 Clause 7.4.3 – Accuracy and Quality
Purpose of Clause 7.4.3
Organisations should take steps to ensure that PII is accurate, complete and up-to-date, throughout its entire lifecycle.
Guidance on Clause 7.4.3
Organisational information security policies and technical configurations should contain steps that seek to minimise errors throughout its PII processing operation, including controls on how to respond to inaccuracies.
ISO 27701 Clause 7.4.4 – PII Minimization Objectives
Purpose of Clause 7.4.4
Organisations need to construct ‘data minimisation’ procedures, including mechanisms such as de-identification.
Guidance on Clause 7.4.4
Data minimisation should be used to ensure that PII collection and processing is limited to the ‘identified purpose’ of each function (see ISO 27701 Clause 7.2.1).
A large part of this process involves documenting the extent to which a PII principals information should be directly attributable towards them, and how minimisation is to be achieved via a variety of available methods.
Organisations should outline the specific techniques use to de-identify PII principals, such as:
- Randomisation.
- Noise addition.
- Generalisation.
- Attribute removal.
Relevant ISO 27701 Clauses
- ISO 27701 7.2.1
ISO 27701 Clause 7.4.5 – PII De-identification and Deletion at the End of Processing
Purpose of Clause 7.4.5
Organisations either need to completely destroy any PII that no longer fulfils a purpose, or modify it in a way that prevents any form of principal identification.
Guidance on Clause 7.4.5
As soon as the organisation established that the PII doesn’t need to be processed at any time in the future, the information should be deleted or de-identified, as the circumstances dictate.
Free yourself from a mountain of spreadsheets
Embed, expand and scale your compliance, without the mess. IO gives you the resilience and confidence to grow securely.
ISO 27701 Clause 7.4.6 – Temporary Files
Purpose of Clause 7.4.6
Temporary files are created for a number of technical reasons, throughout the PII processing and collection lifecycle, across numerous applications, systems and security platforms.
Organisations need to ensure that these files are destroyed within a reasonable amount of time, in accordance with an official retention policy.
Guidance on Clause 7.4.6
A simple way to identify the existence of such files is to perform periodic checks of temporary files across the network. Temporary files often include:
- Database update files.
- Cached information.
- Files created by applications and bespoke software packages.
Organisations should adhere to a so-called garbage collection procedure that deletes temporary files when they’re no longer needed.
ISO 27701 Clause 7.4.7 – Retention
Purpose of Clause 7.4.7
It is vitally important that organisations acknowledge their obligations to delete and/or dispose of PII that is no longer necessary in achieving a stated purpose.
Guidance on Clause 7.4.7
Organisations should draft and adhere to categorical retention schedules that outline the exact period of time that PII principals can expect their data to be stored for.
Retention schedules should be tailored around any legal, statutory or contractual requirements that govern how long PII should be stored for on any given platform.
ISO 27701 Clause 7.4.8 – Disposal
Purpose of Clause 7.4.8
Organisations need to have clear policies and procedures that govern how PII is disposed of.
Guidance on Clause 7.4.8
Data disposal is a wide-ranging topic that features a host of different variables, based on the required disposal technique and the nature of the data that’s being disposed of.
Organisations need to consider:
- What the PII includes.
- Any residual metadata that needs to be erased alongside the principal data.
- The type of storage media the PII is held on.
Manage all your compliance, all in one place
ISMS.online supports over 100 standards and regulations, giving you a single platform for all your compliance needs.
ISO 27701 Clause 7.4.9 – PII Transmission Controls
Purpose of Clause 7.4.9
Any PII that is set to be transferred to a third party organisation should be done so with the utmost of care for the information being sent, using secure means.
Guidance on Clause 7.4.9
Organisations need to ensure that only authorised personnel are able to access transmission systems, and are doing so in a way that is easily audited with the sole purpose of getting the information to where it needs to go without incident.
Supporting GDPR Articles
Various elements of ISO 27701 Clause 7.4 are applicable within UK GDPR legislation. Take a look at the below table for the corresponding references.
| ISO 27701 Clause Identifier | ISO 27701 Clause Name | Associated GDPR Articles |
|---|---|---|
| 7.4.1 | Limit Collection | Article (5) |
| 7.4.2 | Limit Processing | Article (25) |
| 7.4.3 | Accuracy and Quality | Article (5) |
| 7.4.4 | PII Minimisation Objectives | Article (5) |
| 7.4.5 | PII De-identification and Deletion at the End of Processing | Articles (5), (6), (11), (32) |
| 7.4.6 | Temporary Files | Article (5) |
| 7.4.7 | Retention | Articles (13), (14) |
| 7.4.8 | Disposal | Article (5) |
| 7.4.9 | PII Transmission Controls | Article (5) |
How ISMS.online Helps
The ISMS.online platform offers integrated assistance at every stage, and our ‘Adopt, Adapt, Add’ implementation approach to ISO 27701, to make the process much easier.
You will also benefit from a variety of time-saving features.
If for any reason you experience a lack of confidence, ability or the drive to take action during your journey to ISO 27701, we can make our team of in-house experts available.
Find out more by booking a demo.
