BS 10012 PIMS

BS 10012 provides a framework for a Personal Information Management System standard, helping you to maintain and improve compliance.

Personal Information Management System Certification

BS 10012 – Personal Information Management System Certification

What is BS 10012 Personal Information Management System (PIMS)?

BS 10012 provides a framework for a Personal Information Management System standard, helping you to maintain and improve compliance with data protection legislation and provide assurance to your stakeholders. BS 10012 is the only management system standard that has been updated to align with the General Data Protection Regulation (GDPR). By attaining Certification to BS 10012:2017, an organisation clearly states that it takes data privacy seriously and manages it with industry-recognised best practice. Certification also demonstrates confidence, provides assurance and is a clear market indicator.

BS 10012 covers areas such as:

  • Employee security awareness training
  • Risk assessments
  • Data retention and disposal
  • Implementing policies and procedures to enable the effective management of personal information on individuals

Certification is a clear way of demonstrating your compliance with GDPR, and BS 10012:2017 is the standout management system standard which will facilitate compliance goals.

Benefits of BS 10012 PIMS?

BS 10012 can be easily integrated into other management system standards such as ISO 27001 (Information Security). BS 10012:

  • Is the only standard to align directly with GDPR
  • Helps to identify and manage risks to personal information
  • Supports regulatory compliance with data protection legislation
  • Enhances customer loyalty
  • Protects your reputation
  • Ensures your personal information management practices are recognised as following best practice

What industries implement BS 10012?

BS 10012 Certification is suitable for any organisation, large or small, in any sector. The standard is especially suitable where the protection of information is critical, such as in the banking, financial, health, public and IT sectors. The standard is also applicable to organisations which manage high volumes of personal data, or information on behalf of other organisations such as data centres and IT outsourcing companies.

What to do next?

If you are starting the certification process, looking to transfer your certification or looking for other options for your business, please contact our business development team. We will devise a comprehensive quote which will be agreed in line with your requirements.
