20 November 2019
BSI, the business improvement company, has today launched a global certification program to help organizations establish, implement, and maintain a Privacy Information Management System (PIMS).
Accenture plc, Alibaba Cloud Computing Ltd., Alibaba.com Singapore E-Commerce Private Limited., Beijing Feishu Technology Co. Ltd., Beijing Microlive Vision Technology Co., Ltd, Blackhawk Network Inc., Huawei Software Technologies Co., Ltd, Huawei Mobile Services, Huawei Cloud, Lotte Duty Free, PwC Mauritius, and Ribose Group Inc. are the first organizations to achieve this certification with BSI and were presented with their certificates at the BSI reception as part of the IAPP Data Protection Congress 2019 in Brussels.
Organizations are facing a dual-challenge - to collect and process an increasing volume of data, while ensuring compliance to the new and growing list of privacy regulations and new legislation being developed across the globe. This new program is based on ISO/IEC 27701:2019 Security techniques — Extension to ISO/IEC 27001. The standard, which was published in August, provides organizations with guidance on the operational controls to support the response to new privacy requirements such as the EU General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA) and Brazil Lei Geral de Proteção de Dados Pessoais (LGPD). The standard is an extension to an ISO /EC 27001 Information Security Management System (ISMS).
To achieve certification to the standard, organizations undergo an independent assessment including a rigorous on-site audit covering all the requirements of ISO/IEC 27701. An organization complying with the requirements of the standard will generate documentary evidence of how it handles the processing of Personally Identifiable Information (PII). Such evidence can be used to facilitate agreements with business partners where the processing of PII is mutually relevant. In order to achieve certification, organizations also must be certified to ISO/IEC 27001.
“This certification serves as a significant milestone in our continuing journey to protect Accenture information. We have always believed that information security and data privacy are core elements of Accenture’s DNA,” said Andrew Vautier, Chief Information Security Office, Accenture. “As one of the first organizations – and the largest global organization – to achieve this certification, Accenture continues to demonstrate its commitment and vigilance to upholding GDPR, as well as other global privacy requirements. We believe this achievement recognizes our robust company-wide information security and data privacy network, driven by our work to strengthen our security posture and create a culture that puts security first.”
Ahmad Alkhatib, Assurance Business Development Director at BSI commented: “In order to remain resilient, organizations must protect the personal data that they gather, store, access, and use. This is becoming increasingly challenging given the growing volume of data that organizations have to manage and the new data privacy legislation that is increasing around the globe.
“By achieving certification to this new standard, organizations can demonstrate that they are taking a proactive approach to data protection, helping to build trust and transparency with their stakeholders. We’re delighted to present certification to these organizations as part of our global early adopters program, which is a huge achievement.”
Further details about the program can be found here: https://www.bsigroup.com/en-US/iso-27701-privacy-information-management/
- ENDS –
Notes to Editors:
BSI is the business improvement company that enables organizations to turn standards of best practice into habits of excellence. For over a century BSI has championed what good looks like and driven best practice in organizations around the world. Working with 84,000 clients across 193 countries, it is a truly international business with skills and experience across a number of sectors including aerospace, automotive, built environment, food, and healthcare. Through its expertise in Standards Development and Knowledge Solutions, Assurance, Regulatory Services and Professional Services, BSI improves business performance to help clients grow sustainably, manage risk and ultimately be more resilient.
To learn more, please visit: bsigroup.com
Images available to download here: https://elmmedia.shootproof.com/gallery/BSI
571 758 8638