PLEASE NOTE: Our website uses a technology called cookies to improve your experience. One of the cookies we use is essential for parts of the site to operate and may have already been set. You may delete and block all cookies from this site, but parts of the site will not work. For more information see our privacy policy.

To accept cookies from this site (and hide this notice) please check this box and click the continue button.

HomeThe IssuesOur ServicesOur TeamPublicationsTestimonialsNewsletterContact us

BSI launches Data Protection Standard 10012 - June 2009

A new standard for Data Protection compliance has been issued by the British Standards Institution.


“BS 10012:2009 Data Protection – Specification for a personal information management system”

specifies the requirements for a personal information management system (PIMS), which provides an infrastructure for maintaining and improving compliance with the Data Protection Act 1998.


According to the BSI the standard “provides the framework which will enable effective management of personal information. It can be used by organisations of any size and sector to create a tailored management system which includes procedures in areas such as training and awareness, risk assessment, data sharing, retention and disposal of data and disclosure to third parties.” Other BSI standards cover security and processing best practice but this is the first designed specifically to establish a regime of overall compliance with the Act.


The launch comes hot on the heels of BSI’s own research into how businesses cope with the Act. In a sample of 500 small and medium sized businesses, one in five admitted to breaching the act and a third stated that the complexity of the legislation restricted their ability to comply.

Other recent items: