BM Certification Obtains ISO 27701 Privacy Information Management System Accreditation
We are pleased to announce that BM Certification has obtained the ISO/IEC 27701 Privacy Information Management System (PIMS) accreditation. This accreditation marks a significant milestone in our ongoing commitment to providing top-level security and privacy management system certification services to our clients.
The rapid advancement of technology and globalization presents new challenges in the field of personal data protection. There has been a significant increase not only in the volume of personal data collection and exchange between public and private sector entities, individuals, associations, and companies but also in the cross-border flow of personal data.
The General Data Protection Regulation (GDPR) requires organizations to take measures to ensure that personal data is processed lawfully, fairly, and in a transparent manner in relation to the data subject, and to ensure the appropriate security of personal data, including protection against unauthorized or unlawful processing, as well as against accidental loss, destruction, or damage. However, the regulation does not provide specific guidelines on how these measures should be implemented.
ISO/IEC 27701, the Privacy Information Management System standard, is an extension of the widely recognized ISO/IEC 27001 and ISO/IEC 27002 standards. The standard defines requirements and provides guidelines for establishing, implementing, maintaining, and continuously improving a PIMS. It is important to note that ISO 27701 certification can only be obtained together with ISO 27001 certification. This means that organizations must already have or simultaneously implement and certify an Information Security Management System in accordance with the requirements of the ISO 27001 standard.
With growing concerns about data confidentiality and security, ISO 27701 certification is an excellent way to demonstrate to your clients, employees, and other stakeholders that your organization has an effective Personally Identifiable Information (PII) management system in place, ensuring compliance with relevant privacy laws.
We will continue to proudly support our clients in ensuring compliance with data protection regulations and safeguarding personal information, thereby promoting their business success and protecting their reputation, as well as meeting client and regulatory requirements, including those of the GDPR.
To learn more about our certification services and how we can assist your organization in obtaining ISO 27001 and ISO 27701 certification, please contact us.