BS 10012 - Personal Information Management System
BS 10012 is a Personal Information Management System (PIMS). This standard can be integrated with existing management systems or be implemented on its own. The standard has been written inline with the requirements of the GDPR and specifically cross-references the requirements of the GDPR. For anyone who has read the GDPR and knows what a lengthy and daunting document it is, this standard is an excellent tool for approaching the requirements in a methodical way.
Obtaining certification to the Standard will enable you to demonstrate measures and actions which you have taken in order to drive compliance with the requirements around Data Protection. Whilst no Standard can guarantee a breach will not take place, it should certainly mitigate the likelihood. It’s also an excellent response if asked by the Authority (ICO), existing clients and/or future clients what action you’ve taken to ensure GDPR compliance.
The Standard itself ensures that you have the necessary documentation in place. This includes; data flows, data inventories, data protection impacts assessments, privacy policies. All of these documents are critical to assist with GDPR compliance.
BS 10102 was written by the British Standards Institute (BSI) and was last updated in 2017 to come in line with the requirements of the GDPR. To understand more about BS 10012 click here
Contact us today to discuss the the personal information management requirements for your business.