< Previous standard      ^ Up a level ^      Next standard >

 ISO/IEC TS 27560:2023 — Privacy technologies — Consent record information structure
(first edition)

Abstract

 “This document specifies an interoperable, open and extensible information structure for recording PII principals' consent to PII processing. This document provides requirements and recommendations on the use of consent receipts and consent records associated with a PII principal's PII processing consent, aiming to support the: provision of a record of the consent to the PII principal; exchange of consent information between information systems; management of the life cycle of the recorded consent.”

[Source: ISO/IEC TS 27560:2023]

Introduction

This Technical Specification specifies an interoperable, open and extensible information structure for recording and potentially sharing PII Principals' (data subjects') consent to data processing.

Scope of the standard

In addition to the specification, the standard provides requirements and recommendations on the use of consent receipts and consent records associated with a PII Principal’s data processing consent to support the:

• Provision of a record of the consent to the PII Principal;
• Exchange of consent information between information systems; and
• Management of the lifecycle of the recorded consent.

The standard does not specify an exchange protocol for receipts and records, nor an exact data structure for such exchange.

Content of the standard

 The main sections cover:

5. Overview
6. Consent record structure and consent receipt

Plus 8 appendices.
 

Status

 The Technical Specification was published in August 2023.

< Previous standard      ^ Up a level ^      Next standard >