Protect your customers' personal data with BS 10012.
With the BS 10012 certificate you will build a meaningful and effective PIMS (Personal Information Management System) and fulfil the legal obligation of personal data protection, which has been regulated by the General Regulation on Personal Data Protection or GDPR since May 2018. In addition, by taking appropriate measures, you will strengthen customer confidence and increase the credibility of your entire organization.
At TAYLLORCOX, we have been performing personal data protection audits for over 10 years. As one of the few Czech companies who offer the BS 10012 certification, we also provide a unique mix of advantages:
Why get certified to the BS 10012 standard?
The legislation imposes an obligation to protect personal data but provides no guidance to help companies comply with the measures. That is why the BS 10012 certification was created and brings a number of benefits for your organization:
You will set up effective privacy procedures and processes.
It will be easier to assess whether your PIMS complies with legislation.
You will identify possible risks associated with personal data protection.
You will get a standardized benchmark for auditing your privacy level.
You will make it clear that you take privacy seriously.
With this certification you will secure a competitive advantage in tenders.
You will increase the credibility of your company in the eyes of customers and business partners.
You will protect your organization's reputation.
BS 10012 certification process in 3 steps
At TAYLLORCOX we have developed a unique three-phase certification process that allows us to proceed with unrivalled speed and efficiency.
We will pass the necessary knowledge to your employees.
One of the conditions for obtaining BS 10012 is demonstrable PIMS knowledge of your employees. All necessary training is conducted by internationally accredited auditors with extensive experience.
We have prepared a supporting materials package for you. This will facilitate your path to successful certification.
The package contains a full set of templates, samples and forms that will guide you through the compilation of a key BS 10012 manual for the entire company, including checklists. With these, you will ensure that you have optimized all processes in the company as required by legislation and certification. The authors of the toolkit are our accredited auditors, leading experts on BS 10012, who guarantee the factual accuracy and quality of all materials.
Get a confirmation that your business processes meet the strict requirements of BS 10012.
The certification will be performed by our lead auditor. The first stage of the internal audit - desktop review - will focus on the description of the current state of security documentation in terms of its complexity and completeness. It will be followed by a process review, where we will evaluate the compliance of the documentation with reality and compile a list of necessary measures.
Why choose TAYLLORCOX for your BS 10012 certification?
We will analyse your situation and we will design a specific certification procedure to ensure it meets your real needs. Moreover, we can flexibly respond to your ad-hoc requests during the certification process.
We are part of an international company which is the basis of our know-how and background. Our auditors are top experts taking part in the creation of relevant laws.
We will take over most of the administrative burden for you and thanks to our experience and detailed customization we can implement the certification process up to 75% faster than our competition.
As the only accreditation body on the market, we will also provide training for you and your employees. This is one of the reasons why the vast majority of our certifications result in success.
We offer the best quality : certification price ratio. We manage to adapt to corporations as well as start-ups, and our outputs are always just as precise.
Although our team is full of renowned specialists from a wide range of industries we are completely normal people. We provide clients with the best customer care and devote our energy to their education.
We constantly bring news and important information (not only) about PIMS on our blog.
More details about BS 10012
BS 10012 is a British standard that contains best practices for the implementation of personal data management systems.
PIMS is based on a set of approved rules, which are in particular:
information classification policy
information security policy
information storage and archiving policy
policy for controlling access to and proper use of information
Specifically, BS 10012 defines:
PIMS planning, policy preparation and content (internal regulation), definition of responsibilities and integration of measures into the organization.
Implementation of the PIMS, the role of management and day-to-day administration of the PIMS in accordance with legislation and policy.
Ensuring the proper collection, processing and use of personal data.
Risk analysis and adaptation of PIMS to changing conditions.
Monitoring and evaluation of PIMS, requirements for audit and compilation of evaluation reports for the management of the organization, preventive and corrective measures, continuous improvement of PIMS.
Legislative framework
The protection of personal data in the Czech Republic was previously enshrined in Act No. 101/2000 Coll. At the same time, Directive 95/46 / EC applied to the Member States of the European Union. However, in May 2018, the General Data Protection Regulation (GDPR) came into force, replacing the original legislation. BS 10012 certification confirms that the organization meets the requirements set by the GDPR.
FAQ
Is it really important to get the BS 10012 certification?
Modern technologies make it possible to collect and evaluate huge amounts of data, which increases the risk of invading the privacy of those who provide information about themselves. We should therefore be interested in the protection of personal data. In addition, it has been established by an EU regulation, which we know as GDPR, and the BS 10012 standard significantly helps to comply with its requirements.
Our organisation works with personal data, what does that mean?
The law imposes a number of obligations on controllers and processors of personal data, the proper fulfilment of which in practice is not entirely simple.
The controller or processor must "put in place appropriate technical and organizational measures to protect personal data against accidental or unauthorized access, destruction, loss, unauthorized modifications, unauthorized disclosure and any other form of unlawful processing". These measures must be based on the environment in which the personal data are processed, be proportionate to the risk, be processed, be documented and reflect the technologies used.
What are the most common problems in organisations that do not have the BS 10012 certification?
In consulting and auditing we often encounter helplessness among responsible staff who do not know how to apply personal data protection requirements. Some organizations believe that it is enough to issue an internal regulation containing quotations from the law, thus avoiding legal liability. But how to implement its requirements factually, organizationally and technically? The BS 10012 certification will answer this question, incl. process settings.
