On August 6, 2019, the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) released ISO/IEC 27701 (ISO 27701), a privacy extension to ISO/IEC 27001 and ISO/IEC 27002, designed to help organizations protect and control the personal information they handle. Similar to the existing ISO standards ISO 27701 supplements, this new ISO standard may become the de facto standard of care for organizations to protect personally identifiable information (PII) and may be used to demonstrate compliance with privacy regulations around the globe, including the General Data Protection Regulation (EU) 2016/679 (GDPR).
