BS10012 Data Protection

The first iteration of BS10012 was published in 2009 by British Standards. Our lead consultant worked with various prestigious organisations on creating PIMS (Personal Information Management Systems) to address the fundamentals of this Standard.

The purpose of BS10012 is to allow organisations to create a management system that can be integrated with other frameworks to maintain and safeguard personal data that may be retained.

The PIMS framework sets out best practice for the effective management of personal data that can be held by various parties and within differing technologies.

Using the Annex SL model for integrating differing management systems, BS10012 – Data Protection can be integrated with ISO9001 2015 QMS and ISO27001 2013 ISMS, thus providing a cloak of best practice Standards to manage and safeguard personal data.

The updated BS 10012:2017+A1:2018 has been re-issued to align with GDPR requirements, which were implemented within the UK on May 25th, 2018, via the Data Protection Act 2018.

In the absence of the ICO’s ‘Privacy Seal’ for certification of good data protection practices, BS10012 remains the ultimate externally certified product that allows organisations small and large to demonstrate their compliance with data protection best practice Standards.