MENU

BS 10012: Information management for personal data

  1. Certification
  2. System Certification
  3. Information Technology
  4. BS 10012

Efficient protection for personal data

Companies working with personal data must ensure that the data and the private sphere of the people to whom the data refers are suitably protected. BS 10012:2017 is a voluntary standard which supports companies in the development and operation of an effective data protection management system. The current version of the standard already takes the requirements of the changed EU General Data Protection Regulation (EU-GDPR) into account. This means that the management system covers the basic principles of data protection and is therefore accepted throughout the EU.

The BS 10012:2017 standard helps companies to establish the rules and processes which are needed for efficient administration of personal data. It covers areas like safety awareness training of employees, risk assessments, data retention and data destruction. Existing risks to data protection are identified, analysed and eliminated. This means that companies can increase the trust of their customers, partners and stakeholders, and also enhance their image.

Adhering to basic principles of data protection

Each individual organization is responsible for adherence to the specified data protection rules and regulations. In this context, certification according to BS 10012 offers an effective framework which takes the following basic data protection principles of the EU-GDPR into consideration:

  • Legal compliance, processing in good faith, transparency
  • Use for the specified purpose only
  • Data minimisation
  • Accuracy
  • Storage duration
  • Integrity and confidentiality

Standard BS 10012 can be combined with an information security management system based on ISO 27001, for example, or with a quality management system according to ISO 9001. Most importantly, the aspects of risk assessment and risk management are taken from ISO 27001, providing ease of integration.

TÜV NORD CERT offers support in adhering to data protection requirements and improving your data protection systems. Let us help you to protect one of your most valuable company assets and improve your competitive situation.  

Please feel free to contact us if you have any questions

We use cookies to optimize the functionality of the website and for web analysis. If you use our website, you agree.