This British Standard specifies requirements for a personal information
management system (PIMS), which provides a framework for maintaining
and improving compliance with data protection legislation and good
practice.
NOTE The Standard applies the “Plan-Do-Check-Act” (PDCA) cycle. See
Annex A.
This British Standard is for use by organizations of any size and sector. It
is intended to be used by those responsible for initiating, implementing
and maintaining a PIMS within an organization. It is intended to provide
a common ground for the management of personal information, for
providing confidence in its management, and for enabling an effective
assessment of compliance with data protection legislation and good
practice by both internal and external assessors.