I'm putting words into the privacy commissioner's mouth here, but I'm going say that I don't think the privacy commissioner is going to care one iota whether the records system holding PII in your organisation is ISO16175 compliant.