• There are no items in your cart

EN 16571:2014

Current

Current

The latest, up-to-date edition.

Information technology - RFID privacy impact assessment process

Published date

25-06-2014

Sorry this product is not available in your region.

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviations
5 Structure of this European Standard
6 Field of reference for this European Standard
7 RFID operator's organizational objectives of the
   RFID PIA
8 Tools to simplify the process
9 RFID PIA - a process approach
10 Preparing the RFID functional statement
11 Preparing the description of the RFID applications
12 Risk Assessment
13 Worked example of the risk assessment process
14 The PIA summary report
15 Revision control
16 Monitoring and incident response
Annex A (normative) - Details of Registration Authority
Annex B (informative) - RFID manufacturer's product
        privacy capability statements
Annex C (informative) - RFID Privacy Impact Assessment
        flowchart
Annex D (informative) - Template development
Annex E (informative) - Flowchart to determine the RFID
        PIA level
Annex F (informative) - RFID functional statement
Annex G (normative) - RFID application description
Annex H (informative) - Identification and valuation of
        personal privacy assets
Annex I (informative) - RFID threats
Annex J (informative) - Countermeasures
Annex K (informative) - PIA risk assessment example
Annex L (informative) - RFID Privacy Impact Assessment summary
Bibliography

This European Standard has been prepared as part of the EU RFID Mandate M/436. It is based on the Privacy and Data Protection Impact Assessment Framework for RFID Applications, which was developed by industry, in collaboration with the civil society, endorsed by Article 29, Data Protection Working Party, and signed by all key stakeholders, including the European Commission, in 2011.It defines aspects of that framework as normative or informative procedures to enable a common European method for undertaking an RFID PIA.It provides a standardized set of procedures for developing PIA templates, including tools compatible with the RFID PIA methodology.In addition, it identifies the conditions that require an existing PIA to be revised, amended, or replaced by a new assessment process.

Committee
CEN/TC 225
DevelopmentNote
Supersedes PREN 16571. (07/2014)
DocumentType
Standard
PublisherName
Comite Europeen de Normalisation
Status
Current

Standards Relationship
NEN EN 16571 : 2014 Identical
UNI EN 16571 : 2014 Identical
NBN EN 16571 : 2014 Identical
PN EN 16571 : 2014 Identical
NS EN 16571 : 2014 Identical
SN EN 16571 : 2014 Identical
BS EN 16571:2014 Identical
DIN EN 16571 E : 2014 Identical
I.S. EN 16571:2014 Identical
NF EN 16571 : 2014 Identical
UNE-EN 16571:2014 Identical
DIN EN 16571:2014-10 Identical
PNE-prEN 16571 Identical

UNI EN 16570 : 2014 INFORMATION TECHNOLOGY - NOTIFICATION OF RFID - THE INFORMATION SIGN AND ADDITIONAL INFORMATION TO BE PROVIDED BY OPERATORS OF RFID APPLICATION SYSTEMS
UNI CEN/TS 16685 : 2014 INFORMATION TECHNOLOGY - NOTIFICATION OF RFID - THE INFORMATION SIGN TO BE DISPLAYED IN AREAS WHERE RFID INTERROGATORS ARE DEPLOYED
DIN EN 16570:2014-09 INFORMATION TECHNOLOGY - NOTIFICATION OF RFID - THE INFORMATION SIGN AND ADDITIONAL INFORMATION TO BE PROVIDED BY OPERATORS OF RFID APPLICATION SYSTEMS
S.R. CEN/TS 16685:2014 INFORMATION TECHNOLOGY - NOTIFICATION OF RFID - THE INFORMATION SIGN TO BE DISPLAYED IN AREAS WHERE RFID INTERROGATORS ARE DEPLOYED
BS EN 16570:2014 Information technology. Notification of RFID. The information sign and additional information to be provided by operators of RFID application systems
EN 16570:2014 Information technology - Notification of RFID - The information sign and additional information to be provided by operators of RFID application systems
DIN EN 16570 E : 2014 INFORMATION TECHNOLOGY - NOTIFICATION OF RFID - THE INFORMATION SIGN AND ADDITIONAL INFORMATION TO BE PROVIDED BY OPERATORS OF RFID APPLICATION SYSTEMS
I.S. EN 16570:2014 INFORMATION TECHNOLOGY - NOTIFICATION OF RFID - THE INFORMATION SIGN AND ADDITIONAL INFORMATION TO BE PROVIDED BY OPERATORS OF RFID APPLICATION SYSTEMS

CEN/TR 16673:2014 Information technology - RFID privacy impact assessment analysis for specific sectors
ISO/IEC 18000-6:2013 Information technology — Radio frequency identification for item management — Part 6: Parameters for air interface communications at 860 MHz to 960 MHz General
CEN/TR 16674:2014 Information technology - Analysis of privacy impact assessment methodologies relevant to RFID
CEN/TR 16672:2014 Information technology - Privacy capability features of current RFID technologies
ISO/IEC 21481:2012 Information technology Telecommunications and information exchange between systems Near Field Communication Interface and Protocol -2 (NFCIP-2)
ISO/IEC 18000-7:2014 Information technology Radio frequency identification for item management Part 7: Parameters for active air interface communications at 433 MHz
ISO/IEC 18000-61:2012 Information technology — Radio frequency identification for item management — Part 61: Parameters for air interface communications at 860 MHz to 960 MHz Type A
TR 187 020 : 1.1.1 RADIO FREQUENCY IDENTIFICATION (RFID); COORDINATED ESO RESPONSE TO PHASE 1 OF EU MANDATE M436
ISO/IEC 18092:2013 Information technology — Telecommunications and information exchange between systems — Near Field Communication — Interface and Protocol (NFCIP-1)
ISO/IEC 27005:2011 Information technology Security techniques Information security risk management
ISO/IEC 18000-2:2009 Information technology — Radio frequency identification for item management — Part 2: Parameters for air interface communications below 135 kHz
ISO/IEC 18000-4:2015 Information technology Radio frequency identification for item management Part 4: Parameters for air interface communications at 2,45 GHz
ISO 11785:1996 Radio frequency identification of animals — Technical concept
ISO/IEC 18046-3:2012 Information technology Radio frequency identification device performance test methods Part 3: Test methods for tag performance
CEN/TR 16670:2014 Information technology - RFID threat and vulnerability analysis
ISO/IEC 18000-62:2012 Information technology — Radio frequency identification for item management — Part 62: Parameters for air interface communications at 860 MHz to 960 MHz Type B
ISO 11784:1996 Radio frequency identification of animals Code structure
ISO/IEC 18000-64:2012 Information technology — Radio frequency identification for item management — Part 64: Parameters for air interface communications at 860 MHz to 960 MHz Type D
ISO/IEC 18000-63:2015 Information technology Radio frequency identification for item management Part 63: Parameters for air interface communications at 860 MHz to 960 MHz Type C
ISO/IEC 18000-3:2010 Information technology — Radio frequency identification for item management — Part 3: Parameters for air interface communications at 13,56 MHz
ISO/IEC 29100:2011 Information technology — Security techniques — Privacy framework

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.