GDPR

GDPR

BIC GDPR Statement

In May a new European privacy law comes in effect that requires all organisations to make changes in line with the General Data Protection Regulation (GDPR), imposing new rules in regards to the collection, processing and security of data linked to EU establishments, (such as North East BIC).

The North East BIC are proactively working towards meeting the guidelines and standards set out by the information Commissioners Office (ICO) in readiness for May 2018. To ensure our staff, systems and internal processes reach the levels expected, we are reviewing and updating in preparation. This includes senior management meetings with legal bodies, product and infrastructure reviews and informing personnel through training and awareness programs.

Within the North East BIC, the senior management team is responsible for information security, however in regards to GDPR we have an independent team headed by out Data Protection Officer. Our clients are at the forefront of everything we do in preparation for GDPR compliance. We are also certified and monitored by IS09001 certification, HMRC tested and recognised, BACS accredited and their respective authorities.

All of our electronic data is held by Pulsant

Pulsant are certified to ISO27001, CSA-STAR and PCI-DSS and the controls for these standards are built in to their day to day operating processes, which are applicable to all areas of their business.