BSI, the business improvement company has today launched a global certification scheme to help organizations establish, implement and maintain a Privacy Information Management System (PIMS).
Accenture plc, Alibaba Cloud Computing Ltd., Alibaba.com Singapore E-Commerce Private Limited., Beijing Microlive Vision Technology Co., Ltd, Blackhawk Network Inc., Huawei Software Technologies Co., Ltd HUAWEI MOBILE SERVICES, HUAWEI CLOUD, Lotte Duty Free, PwC Mauritius, and Ribose Group Inc are the first organizations to achieve this certification with BSI.
Organizations are facing a dual-challenge - to collect and process an increasing volume of data, whilst ensuring compliance to the new and growing list of privacy regulation and new legislation being developed across the globe. This new scheme, is based on BS ISO/IEC 27701:2019 Security techniques — Extension to ISO/IEC 27001. The standard, which published in August, provides organizations with guidance on the operational controls to support the response to new privacy requirements such as the EU General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA) and Brazil Lei Geral de Proteção de Dados Pessoais (LGPD). The standard is an extension to an ISO IEC 27001 Information Security Management System (ISMS).
To achieve certification to the standard, organizations undergo an independent assessment including a rigorous on-site audit covering all the requirements of BS ISO/IEC 27701. An organization complying with the requirements of the standard will generate documentary evidence of how it handles the processing of Personally Identifiable Information (PII). Such evidence can be used to facilitate agreements with business partners where the processing of PII is mutually relevant. In order to achieve certification, organizations must be certified to ISO/IEC 27001.
Ahmad Alkhatib, Assurance Business Development Director at BSI commented:
“In order to remain resilient, organizations must protect the personal data that they gather, store, access and use. This is becoming increasingly challenging given the growing volume of data that organizations have to manage and the new data privacy legislation that is increasing around the globe.
“By achieving certification to this new standard, organizations can demonstrate that they are taking a proactive approach to data protection, helping to build trust and transparency with their stakeholders. We’re delighted to present certification to these organizations as part of our global early adopters programme, which is a huge achievement.”
Organizations were presented with their certificates at the BSI drinks reception as part of the IAPP Data Protection Congress 2019 in Brussels.
Further details about the scheme can be found here: https://www.bsigroup.com/en-NZ/iso-27701-privacy-information-management/
- ENDS –
Notes to Editors:
About BSI
BSI is the business improvement company that enables organizations to turn standards of best practice into habits of excellence. For over a century BSI has championed what good looks like and driven best practice in organizations around the world. Working with 84,000 clients across 193 countries, it is a truly international business with skills and experience across a number of sectors including aerospace, automotive, built environment, food, and healthcare. Through its expertise in Standards Development and Knowledge Solutions, Assurance, Regulatory Services and Professional Services, BSI improves business performance to help clients grow sustainably, manage risk and ultimately be more resilient.
Images available to download here: https://elmmedia.shootproof.com/gallery/BSI