Alcance
This document contains guidelines for developing and establishing policies and procedures for deletion of personally identifiable information (PII) in organizations by specifying:— a harmonized terminology for PII deletion;— an approach for defining deletion rules in an efficient way;— a description of required documentation;— a broad definition of roles, responsibilities and processes.This document is intended to be used by organizations where PII is stored or processed.This document does not address:— specific legal provision, as given by national law or specified in contracts;— specific deletion rules for particular clusters of PII that are defined by PII controllers for processing PII;— deletion mechanisms;— reliability, security and suitability of deletion mechanisms;— specific techniques for de-identification of data.