projektai-lsd Lithuanian Standards Board
Portal for draft standards

Project stage codes

1. CD study/ballot initiated
2. Public enquiry
From 2025-10-21 till 2025-12-20
3. Closure of enquiry

Organisation

ISO International Organization for Standardization

ICS

35.030 - IT Security

Technical Committee

TK 90 Human resource and knowledge management

Foreign TCs

ISO/TC 260

Number of comments

0

Comment start date

2025-10-21

Scope

This standard establishes guidelines for organizations in the safe handling of HRM data. This standard pertains to data derived for, from, or used within HRM activities and processes. This standard applies to both for- and non-profit organizations of any size and applies in all sectors and geographies.

This standard covers the safe handling of HRM data, in any format, whether collected, maintained, or used by a Human Resources department or an alternative party such as third parties, vendors, or non-HR departments (e.g., Finance, Operations, etc.). This standard concerns only the safe handling of HRM data; characteristics of the HRM data itself such as the quality, reliability, and validity are not within the scope of this standard (see ISO/FDIS 30435:2023 Workforce Data Quality).

This standard includes the safe handling of data related to any individual for whom information (regardless of format) is utilized as part of the HRM data life cycle. This may include past and present employees, contractors, directors/board members, applicants, and formerly or indirectly associated individuals. It does not include privacy for customers, suppliers, or other third parties when the data exists outside of HRM (see ISO 27001 and 27002 for data privacy standards non-specific to HRM data and ISO 38505 IT Governance for standards related to data governance in general).

In addition to the safe handling recommendations for HRM data included within this standard, other standards may provide additional guidance and actions recommended for the general management and protection of certain types of HRM data. For example, ISO 10667 (Assessment service delivery - Procedures and methods to assess people in work and organizational settings) focuses on the systematic method and procedure for ascertaining or measuring work-related knowledge, skills, abilities, performance, or other characteristics of an individual or group of individuals, and provides suggestions for ensuring assessment participants' data protection and appropriate use of personal data.