Protecting personal information has never been so important. As legal requirements such as the European Data Protection Regulation (EU GDPR) are developed and enforced by 25 May 2018, businesses need to demonstrate that they take managing privacy seriously. And that’s where BS 10012 can help.

The BS 10012:2017 and ISO/IEC 27701:2019 standard sets out the requirements for a personal information management system (PIMS) and aligns with the principles of the European General Data Protection Regulation (EU GDPR). It outlines the core requirements organizations need to consider when collecting, storing, processing, retaining or disposing of personal records related to individuals. 

What is a Personal Information Management System (PIMS)?

Every organization that processes personal information should set out to protect the privacy of the people it affects. It covers areas such as employee security awareness training, risk assessments, data retention, and disposal, helping you to put in place policies and procedures to enable the effective management of personal information on individuals.

The standards like BS 10012:2017 and ISO/IEC 27701:2019 provides a framework for a Personal Information Management System (PIMS), helping you to maintain and improve compliance with data protection legislation and provide assurance to your stakeholders. 

Easily integrated with other popular management system standards, including:

• Helps to identify and manage risks to personal information
• Supports regulatory compliance with data protection legislation
• Inspires customer trust
• Protects your organizations' reputation
• Benchmarks your own personal information management practices with recognized best practice