UK-based business technology firm Bistech is the first to gain certification to the new BS 10012:2017 data protection standard with Lloyd’s Register (LR).
Ferndown-based Bistech successfully achieved BS 10012:2017 certification this month, and has been issued LR’s first certificate to this demanding new standard. This places Bistech among the first organisations in the world to be able to declare, and most importantly, demonstrate compliance with GDPR.
Bistech began the GDPR journey back in 2017, well in advance of the May 25, 2018 compliance deadline. A dedicated team not only reviewed the legislation but additionally prepared for independent third-party certification with Lloyd’s Register within weeks of BS 10012:2017 being published. With the new British Standard being revised in 2017 to address the practical implementation of GDPR, certification demonstrates Bistech’s commitment to meeting the Regulation requirements.
Following a rigorous onsite audit covering the exacting requirements of BS 10012, certification was provided by Lloyd’s Register, a leading independent professional assurance services organisation.
BS 10012 provides a best practice framework for a Personal Information Management System (PIMS) and outlines the core requirements that organisations need to consider when collecting, storing, processing, retaining or disposing of personal records related to individuals. Supplementing Bistech’s long-established ISO 27001 management system, this achievement provides the best possible assurance that their IT and physical security solutions are class leading and without compromise.
Jocelyn Brown, managing director at Bistech, said: “We have always taken the confidentiality of information very seriously at Bistech. Achieving this high standard affirms our ongoing commitment to our customers, suppliers and employees and the privacy of individuals.”
David Derrick, UK&I area operations manager at Lloyd’s Register, commented: “With personal information being the most important asset to many organisations these days, organisations need to implement the appropriate controls to safeguard their data. By Bistech achieving certification to BS 10012, it demonstrates they have implemented the appropriate controls, policies and procedures to protect their stakeholder’s personal information.”
Tim Sparey, business improvement services manager at Lloyd’s Register, concluded: “Being already approved to ISO 27001, the Information Security Management System standard, implementing the BS 10012 requirements was the logical next step for Bistech. By achieving BS 10012 and implementing policies and procedures to protect the personal information they store and process, Bistech has a firm foundation for GDPR compliance.”