Data protection - Specification for a personal information management system

Document Information

GSC Classification OFFICIAL
Access Policy Open
Reference bps80736-0000-00
Alt. Reference
Digital Intelligence and Investigation DII S&R 016
British Standards Institute BS 10012
Document Status Current
Primary Classification
Author Organisation British Standards Institute
Sponsor OrganisationNot Known
Trustee NPTC Standards Working Group,

Copyright Notice Copyright (c) 2016 National Police Technology Council (NPTC) group and the persons identified as the document authors. All rights reserved.


BS 10012 provides a best practice framework for a personal information management system that is aligned to the principles of the EU GDPR. It outlines the core requirements organisations need to consider when collecting, storing, processing, retaining or disposing of personal records related to individuals. Easily integrated with other popular management system standards, BS 10012 brings big benefits to companies of all sizes, including: Helps to identify and manage risks to personal information Supports regulatory compliance with data protection legislation Inspires customer trust
Protects your organizations reputation Benchmarks your own personal information management practices with recognized best practice


This is relevant to everybody handling personal data and gives guidance on how to be GDPR compliant amongst other areas.

Normative References

bps80736-0000-00 link



2018-10-22Digital Intelligence and InvestigationInternal assurance through the DPP programme.

Obsoleted By



Standards | DII Programme IntegrationActive


We’d love you to discuss this item but please be aware that these discussions are publicly accessible.