Editing Data security (section)

=== International standards ===

The international standards [[ISO/IEC 27001]]:2013 and [[ISO/IEC 27002]]:2013 cover data security under the topic of [[information security]], and one of its cardinal principles is that all stored information, i.e. data, should be owned so that it is clear whose responsibility it is to protect and control access to that data.<ref>{{Cite web |title=ISO/IEC 27001:2013 |url=https://www.iso.org/cms/render/live/en/sites/isoorg/contents/data/standard/05/45/54534.html |access-date=2022-11-03 |website=ISO |date=16 December 2020 |language=en}}</ref><ref>{{Cite web |title=ISO/IEC 27002:2013 |url=https://www.iso.org/cms/render/live/en/sites/isoorg/contents/data/standard/05/45/54533.html |access-date=2022-11-03 |website=ISO |date=15 April 2021 |language=en}}</ref> The following are examples of organizations that help strengthen and standardize computing security:

The [[Trusted Computing Group]] is an organization that helps standardize computing security technologies.

The [[Payment Card Industry Data Security Standard]] (PCI DSS) is a proprietary international information security standard for organizations that handle cardholder information for the major [[Debit card|debit]], [[Credit card|credit]], prepaid, [[e-purse]], [[Cash machine|automated teller machines]], and point of sale cards.<ref>{{cite web|title=PCI DSS Definition|url=https://www.pcmag.com/encyclopedia/term/59104/pci-dss|access-date=1 March 2016|url-status=live|archive-url=https://web.archive.org/web/20160302073624/http://www.pcmag.com/encyclopedia/term/59104/pci-dss|archive-date=2 March 2016}}</ref>

The [[General Data Protection Regulation|General Data Protection Regulation (GDPR)]] proposed by the European Commission will strengthen and unify data protection for individuals within the EU, whilst addressing the export of personal data outside the EU.