Information technology — Identification of privacy protection requirements pertaining to learning, education and training (LET) — Part 1: Framework and reference model

ISO/IEC 29187-1:2013 has been developed to support modelling generic international requirements for identifying and providing privacy protection of personal information throughout any kind of ICT-based learning transaction where the individual has the role of an individual learner. It provides users and designers with a methodology and tools addressing privacy protection and related requirements imposed by applicable jurisdictional domains. ISO/IEC 29187-1:2013 takes the "learning operational view" (LOV) aspects based on the ISO/IEC 14662 Open-edi Reference Model (a freely available ISO standard) together with applicable ISO standards including ISO/IEC 15944-1 and ISO/IEC 15944‑5 (also available without charge) as well as many other international referenced specifications. ISO/IEC 29187-1:2013 models the requirements of jurisdictional domains as external constraints upon the creation, use, interchange, and information life cycle management of personal information. ISO/IEC 29187-1:2013 addresses the specified context of public policy requirements of jurisdictional domains controlling the use of personal information (PI). These include regulations for consumer protection, privacy protection, individual accessibility, etc. ISO/IEC 29187-1:2013 in a LET context identifies and expands upon eleven generic, primitive, international principles that have been associated with privacy protection requirements by international, regional, and UN member states. It models them with respect to the "collaboration space" of a learning transaction and commitment exchange involving an individual acting in the role of an individual learner. In a LET context, it provides principles and rules governing the establishment, management and use of identifiers of that individual, including the use of legally recognized names (LRNs), recognized individual identity (rii), and methods of non-identification, such as the use of anonymization and pseudonymization of personal information. ISO/IEC 29187-1:2013 also sets out principles governing information lifecycle management (ILCM) as well as the rules and associated coded domains for obtaining informed consent for collection, specifying state changes, records retention, record deletion and related matters in support of privacy protection requirements.

Technologies de l'information — Identification des exigences de protection privée concernant l'apprentissage, l'éducation et la formation (AÉF) — Partie 1: Cadre général et modèle de référence

General Information

Status
Published
Publication Date
05-Feb-2013
Current Stage
9092 - International Standard to be revised
Completion Date
13-Apr-2021
Ref Project

Relations

Buy Standard

Standard
ISO/IEC 29187-1:2013 - Information technology -- Identification of privacy protection requirements pertaining to learning, education and training (LET)
English language
181 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

INTERNATIONAL ISO/IEC
STANDARD 29187-1
First edition
2013-02-15


Information technology — Identification
of privacy protection requirements
pertaining to learning, education and
training (LET) —
Part 1:
Framework and reference model
Technologies de l'information — Identification des exigences de
protection privée concernant l'apprentissage, l'éducation et la formation
(AÉF) —
Partie 1: Cadre général et modèle de référence





Reference number
ISO/IEC 29187-1:2013(E)
©
ISO/IEC 2013

---------------------- Page: 1 ----------------------
ISO/IEC 29187-1:2013(E)

COPYRIGHT PROTECTED DOCUMENT


©  ISO/IEC 2013
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56  CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland

ii © ISO/IEC 2013 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC 29187-1:2013(E)
Contents Page
Foreword . vii
0  Introduction . ix
0.1  Purpose and overview . ix
0.2  Benefits of using a multipart ISO/IEC 29187 standard approach . ix
0.3  Informed consent and learning transaction . x
0.4  Use of "jurisdictional domain", jurisdiction, country . xi
0.5  Use of “Person”, “individual”, “organization”, “public administration” and “person” in
the context of a learning transaction . xii
0.6  Importance of definitions and terms . xiii
0.7  Standard based on rules and guidelines . xiv
0.8  Size of document and role of “Part 1 Framework and Reference Model” . xiv
0.9  Use of “identifier” (in a learning transaction) . xv
0.10  Use of “privacy protection” in the context of a commitment exchange and learning
transaction . xv
0.11  Organization and description of document . xv
1  Scope . 1
1.1  Statement of scope – ISO/IEC 29187 multipart standard . 1
1.2  Statement of scope – part 1: Framework and Reference Model . 1
1.3  Exclusions . 1
1.3.1  Functional services view (FSV) . 1
1.3.2  Overlap of and/or conflict among jurisdictional domains as sources of privacy protection
requirements . 2
1.3.3  Publicly available personal information. 2
1.4  Aspects currently not addressed . 3
1.5  IT-systems environment neutrality . 6
2  Normative references . 7
2.1  ISO/IEC, ISO and ITU .
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.