BS 10012 is a British Standard which came into effect on 31 March 2017. This Data Protection Standard takes into account GDPR requirements and follows the ISO Management Systems structure.
Benefits of implementing BS 10012:
Achieve cost savings through fewer incidents and potential reductions in corporate insurance premiums
Gain a tender advantage and win new business
Reassure stakeholders and customers that their personal information is protected
Safeguard your organization’s reputation and avoid adverse publicity
Demonstrate compliance with data protection legislation and gain preferred supplier status
Identify risks to personal information and put controls in place to manage or reduce them
Protect you and your organization against civil and criminal liability within supply chains
Benchmark your own personal information management practices with recognized best practice
A clearer understanding of data protection issues across the business can lead to process efficiencies
Many businesses struggle to follow GDPR and to understand its requirements; BS 10012 makes implementation of GDPR easier.
Personally, I think it is great to have a solution to what is the biggest change in Data Protection legislation in recent times: GDPR.
GDPR applies to any business worldwide which processes personal data of EU citizens. Basically, personal data could be any information which can identify the individual, e.g. name, date of birth, job title, email address, IP address, home address, etc. For example, if the only information you have is the name Mr. Smith, with no other information related to that individual, such as date of birth, home address, IP address, etc., then the information would not be treated as personal data under GDPR, as you won't be able to identify the individual from his name alone, 'Mr. Smith'. There will be thousands, if not millions, of Mr. Smiths around the world. On the other hand, if you store Mr. Smith's job details, i.e. Quality Manager at the ABC company, then the information becomes personal data, as you could definitely identify Mr. Smith.
Many businesses outside of the EU have a misconception that GDPR does not apply to them. If a company processes personal data of EU citizens, irrespective of that company's location, then the company must comply with GDPR.
If you are still not sure if your business should comply with the GDPR, please get in touch, and we will clarify this for you, free of charge.
We would be more than happy to highlight the importance of GDPR compliance and how you can achieve it by implementing BS 10012.
Do not wait any longer! Ensure that your business is GDPR compliant and protect the personal data of your employees, customers and partners.
The deadline for GDPR compliance is 25 May 2018, after which date your business could receive huge fines if not compliant.