The protection of personal information is a hot topic that’s never out of the papers.

Customers frequently now require you to demonstrate your compliance with data protection legislation.


BS 10012:2017 provides a structured, scalable management system that supports all organisations with the management of personal information. It outlines the core requirements businesses need to consider when collecting, storing, processing, retaining or disposing of personal records related to individuals.

BS 10012 was revised in 2017 to incorporate the requirements of the European Union General Data Protection Regulation (GDPR). It enables businesses to identify and manage risks aligned to personal data, driving the implementation of appropriate policies, procedures and controls.

No previous experience of running a management standard is necessary. We help you implement BS10012 into your business.

For those who are familiar with other standards such as ISO 9001, ISO 27001, ISO 14001 etc., then BS 10012 follows a similar structure. In addition to the familiar Plan-Do-Check-Act cycle, BS 10012 has adopted Annex SL and will therefore have a similar look and feel. For organisations who have adopted other main ISO standards, the use of Annex SL allows BS 10012 to be integrated into your established management system.

Why a BS10012 Management System?

The main benefits of BS 10012 include:

Benefits to you:

  • Inspires customer trust in your organisation

  • Demonstrates your commitment to identifying and mitigating risks to personal information

  • Safeguards your organisation’s reputation

  • Customers and potential customers will know you comply with the GDPR and the UK Data Protection Act (this is great for tenders)

Benefits to your customers:

  • Reassurance that risks to their information will be quickly identified and issues addressed

  • They can quickly assess your compliance with the GDPR and UK Data Protection Act

  • Provides a framework for appropriate communication methods

Benefits to your staff:

  • Visibility that you are committed to keeping their personal information safe

  • Promotes an open and supportive culture, employees fully understand their rights and responsibilities

  • Increased job security through enhanced business performance

BS 10012:2017

Personal Information Management System