BS 10012

Personal Information Management System

BS 10012 provides a framework for a Personal Information Management System standard, helping you maintain and improve compliance with data protection legislation and provide assurance to your stakeholders. BS 10012 is the only management system standard that has been updated to align with the General Data Protection Regulation (GDPR).

BS 10012 certification

  • Ensure organisational compliance with GDPR and demonstrate effective data protection.
  • Achieve BS 10012 certification from an internationally accredited certification body.
  • Apply for contracts and tenders requiring professional data protection.
  • Protect organisational reputation and reduce risks of data breaches.
  • Suitable for all sizes and sectors of organisations that handle personal data.

What is BS 10012?

BS 10012 certification allows an organisation to demonstrate that it takes data privacy seriously and manages it with industry-recognised best practices. Furthermore, it demonstrates confidence, provides assurance to stakeholders and is a clear market indicator. It supports the effective control of personal data, including gathering, processing, storing and transferring information in line with legislation.

Certification is a straightforward way of demonstrating your compliance with GDPR, and BS 10012 is the standout management system standard that will facilitate compliance goals.

BS 10012 certification ensures organisations put the protection and safe use of personal data at the heart of their operations through:

  • Deploying practical security awareness training.
  • Regular risk assessments to identify threats to data security.
  • A clear understanding of best practice data retention and disposal.
  • Policies and procedures to enable the effective management of personal data.

What are the benefits of BS 10012?

Personal data protection is a vital issue for businesses that collect, process and store personal information. Investors and customers are increasingly assessing corporate ESG policies such as effective data protection to benchmark businesses. BS 10012 certification demonstrates a commitment to GDPR and data protection legislation, building customer trust and reducing the risk of reputational harm caused by data breaches.

BS 10012 can be easily integrated into other management system standards such as ISO 27001 (Information Security Management Systems).

The BS 10012 framework allows organisations to:

  • Deploy a certified standard that aligns directly with GDPR requirements.
  • Identify and manage risks and threats to personal information.
  • Meet regulatory compliance with relevant data protection legislation.
  • Enhance customer loyalty and build trust in data systems and processes.
  • Protect the organisation’s reputation.
  • Apply for contracts and tenders requiring high-level data protection.
  • Ensure personal information management practices are recognised.
 

How to become BS 10012 certified?

Achieving BS 10012 certification involves implementing a personal information management system known as a PIMS.

We’ve certified hundreds of organisations, including brands such as Diageo, Greenstar and Liverpool Victoria to BS and ISO standards across a wide variety of sectors. Certification Europe also provides training to help your organisation define, develop and implement a management system.

Our expert assessors conduct a pre-assessment to review your PIMS against British Standards requirements, including gap analysis. We operate a comprehensive multi-stage assessment process to audit your PIMS and determine if your organisation complies.

If your organisation meets the requirements, Certification Europe issues an official certificate. Your organisation can use its BS 10012 certification status in marketing and promotional materials.

Start your journey to BS 10012 certification

Contact our team for a free, no-obligation quotation from our dedicated support team to start your British Standards certification journey. We tailor our quotes to meet your requirements, and we support a range of standards, including ISO 27001, ISO 45001, ISO 9001 and Cyber Essentials.

Learn more about Certification Europe’s accreditations, discover our client testimonials and find out more about working with us.

The Certification Journey

Stage One

The initial assessment determines if the mandatory requirements of the standard are being met and if the management system is capable of proceeding to Stage 2.

Stage Two

The second assessment determines the effectiveness of the system, and seeks to confirm that the management system is implemented and operational.

Recommendation for Certification

At this point in the process we review any corrective actions taken to address findings raised at Stage 1 & 2. Certification may be recommended.

Certification Review & Decision

The organisation’s files are reviewed by an independent and impartial panel and the certification decision is made.

Certification Achieved

Successful certification is communicated to the client. Certificates are issued.

BS 10012 FAQs

BS stands for ‘British Standard’, produced by the British Standards Institution (BSI). They act as an agreed way of doing things, whether making or supplying something, managing a process or delivering a service.

BS 10012 is a standard suitable for all types and sizes of organisations – from start-ups and SMEs to charities and corporations. The internationally recognised standard is used by a large number of industry sectors such as banking, financial, health, public and IT sectors.

The standard is especially suitable for protecting information, such as in the banking, financial, health, public and IT sectors. The standard is also applicable to organisations that manage high volumes of personal data or information on behalf of other organisations such as data centres and IT outsourcing companies.

BS 10012:2017 is the latest edition of the British Standard. We only certify organisations to the latest standards to meet any legislative compliance requirements.

BS 10012 is a framework that details the requirements and implementation of PIMS to maintain and improve compliance with data protection legislation and provide assurance to your stakeholders. It is the only management system standard that has been updated to align with the General Data Protection Regulation (GDPR). Organisations can use in-house expertise or work with third-party consultants to support their implementation process.

BS 10012 certification is valid for three years and is subject to mandatory audits to ensure compliance.

We’re accredited by the INAB and meet rigorous international certification standards, delivering ISO expertise to audit and certify ISO standards.

Accreditation is the process by which a certification body is recognised to offer certification services. To become accredited, Certification Europe is required to implement a Quality Management System which is assessed by an Independent Authorised Body (Irish National Accreditation Body) to determine that it meets International Standards.

We’re audited annually to ensure our services meet the exact requirements of the relevant accreditation standards.

Get a Quote

To help us prepare the best quotation for you, please complete the form below. We will get back to you as soon as possible; but if you need immediate assistance, please call +353 1 642 9300.

Related ISO Certifications

ISO 9001

Quality Management System

Quality Management System ISO 9001 is an internationally recognised global standard that confirms an …

ISO 14001

Environmental Management System

ISO 14001 Environmental Management System ISO 14001 is the global standard for organisations wanting …

ISO 45001

Occupational Health and Safety

Occupational Health and Safety ISO 45001 is an international standard that specifies requirements for …

ISO 50001

Energy Management System

Energy Management Systems ISO 50001 is a global standard for organisations looking to improve …

ISO 27001

Information Security Management Systems

Information Security Management Systems ISO 27001 is the international standard for managing risks related …

ISO 22301

Business Continuity Management Systems

Business Continuity Management Systems ISO 22301 is the business continuity management system (BCMS) standard. …

ISO 20000-1

IT Service Management Systems

IT Service Management Systems ISO 20000-1 is the international standard for quality management specifically …

ISO 13485

Medical Devices

Medical Devices ISO 13485 is a globally recognised quality standard that identifies the requirements …

ISO 27701

Privacy Information Management Systems

Privacy Information Management Systems ISO 27701 is the global standard for Privacy Information Management …

BS 10012

Personal Information Management System

Personal Information Management System BS 10012 provides a framework for a Personal Information Management …

ISO 27018

Protection of Personally Identifiable Information (PII)

Protection of Personally Identifiable Information (PII) ISO 27018 is the global standard organisations use …

ISO 27017

Cloud Data Protection

Cloud Data Protection ISO 27017 is the global standard used by organisations to strengthen …