• Shopping Cart
    There are no items in your cart

BS EN 16571:2014

Current

Current

The latest, up-to-date edition.

Information technology. RFID privacy impact assessment process

Available format(s)

Hardcopy , PDF

Language(s)

English

Published date

30-06-2014

€348.24
Excluding VAT

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviations
5 Structure of this European Standard
6 Field of reference for this European Standard
7 RFID operator's organizational objectives of the
   RFID PIA
8 Tools to simplify the process
9 RFID PIA - a process approach
10 Preparing the RFID functional statement
11 Preparing the description of the RFID applications
12 Risk Assessment
13 Worked example of the risk assessment process
14 The PIA summary report
15 Revision control
16 Monitoring and incident response
Annex A (normative) - Details of Registration Authority
Annex B (informative) - RFID manufacturer's product
        privacy capability statements
Annex C (informative) - RFID Privacy Impact Assessment
        Flowchart
Annex D (informative) - Template development
Annex E (informative) - Flowchart to determine the RFID
        PIA level
Annex F (informative) - RFID functional statement
Annex G (normative) - RFID application description
Annex H (informative) - Identification and valuation of
        personal privacy assets
Annex I (informative) - RFID threats
Annex J (informative) - Countermeasures
Annex K (informative) - PIA risk assessment example
Annex L (informative) - RFID Privacy Impact Assessment summary
Bibliography

Gives a standardized set of procedures for developing PIA templates, including tools compatible with the RFID PIA methodology.

Committee
IST/6
DevelopmentNote
Supersedes 13/30277454 DC. (07/2014)
DocumentType
Standard
Pages
108
PublisherName
British Standards Institution
Status
Current
Supersedes

This European Standard has been prepared as part of the EU RFID Mandate M/436. It is based on the Privacy and Data Protection Impact Assessment Framework for RFID Applications, which was developed by industry, in collaboration with the civil society, endorsed by Article 29, Data Protection Working Party, and signed by all key stakeholders, including the European Commission, in 2011.

It defines aspects of that framework as normative or informative procedures to enable a common European method for undertaking an RFID PIA.

It provides a standardized set of procedures for developing PIA templates, including tools compatible with the RFID PIA methodology.

In addition, it identifies the conditions that require an existing PIA to be revised, amended, or replaced by a new assessment process.

Standards Relationship
EN 16571:2014 Identical

CEN/TR 16673:2014 Information technology - RFID privacy impact assessment analysis for specific sectors
ISO/IEC 18000-6:2013 Information technology — Radio frequency identification for item management — Part 6: Parameters for air interface communications at 860 MHz to 960 MHz General
CEN/TR 16674:2014 Information technology - Analysis of privacy impact assessment methodologies relevant to RFID
CEN/TR 16672:2014 Information technology - Privacy capability features of current RFID technologies
ISO/IEC 21481:2012 Information technology Telecommunications and information exchange between systems Near Field Communication Interface and Protocol -2 (NFCIP-2)
ISO/IEC 18000-7:2014 Information technology Radio frequency identification for item management Part 7: Parameters for active air interface communications at 433 MHz
ISO/IEC 18000-61:2012 Information technology — Radio frequency identification for item management — Part 61: Parameters for air interface communications at 860 MHz to 960 MHz Type A
TR 187 020 : 1.1.1 RADIO FREQUENCY IDENTIFICATION (RFID); COORDINATED ESO RESPONSE TO PHASE 1 OF EU MANDATE M436
ISO/IEC 18092:2013 Information technology — Telecommunications and information exchange between systems — Near Field Communication — Interface and Protocol (NFCIP-1)
ISO/IEC 27005:2011 Information technology Security techniques Information security risk management
ISO/IEC 18000-2:2009 Information technology — Radio frequency identification for item management — Part 2: Parameters for air interface communications below 135 kHz
ISO/IEC 18000-4:2015 Information technology Radio frequency identification for item management Part 4: Parameters for air interface communications at 2,45 GHz
ISO 11785:1996 Radio frequency identification of animals — Technical concept
ISO/IEC 18046-3:2012 Information technology Radio frequency identification device performance test methods Part 3: Test methods for tag performance
CEN/TR 16670:2014 Information technology - RFID threat and vulnerability analysis
ISO/IEC 18000-62:2012 Information technology — Radio frequency identification for item management — Part 62: Parameters for air interface communications at 860 MHz to 960 MHz Type B
ISO 11784:1996 Radio frequency identification of animals Code structure
ISO/IEC 18000-64:2012 Information technology — Radio frequency identification for item management — Part 64: Parameters for air interface communications at 860 MHz to 960 MHz Type D
ISO/IEC 18000-63:2015 Information technology Radio frequency identification for item management Part 63: Parameters for air interface communications at 860 MHz to 960 MHz Type C
ISO/IEC 18000-3:2010 Information technology — Radio frequency identification for item management — Part 3: Parameters for air interface communications at 13,56 MHz
ISO/IEC 29100:2011 Information technology — Security techniques — Privacy framework

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.