Why do I need ISO27001?
Following a ruling in the recent Google Inc. v Vidal-Hall court case, there has been some clarification of the rules under the Data Protection Act 1988, which determines that even if there is no financial loss involved then a data breach causing an ‘emotional impact’ is now also punishable.
Plus, with negotiations ongoing on new EU data legislation, it’s certain that the importance of data governance and data protection is at the forefront of every marketers minds.
Unfortunately however, it often is not and data is passed by email, across USB devices and many unsecure methods that can cause a data breach.
What is ISO27001?
ISO27001 certification helps to add confidence that any company handling your data has audited processes and safeguards in place to prevent a potential data breach.
When looking at companies to assist with your database marketing it is essential that you check the credentials to handle your data securely and privately.
ISO27001 requires that a company:
- Systematically examine the organisation's information security risks, taking account of the threats, vulnerabilities, and impacts;
- Designs and implements a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; and
- Adopts an overarching management process to ensure that the information security controls continue to meet the organisation's information security needs on an ongoing basis.
As an ISO27001:2005 company, Blue Sheep are formally audited. We are best equipped to handle your customer data securely, build Single Customer Views and ensure that governance and auditing capabilities are in place well ahead of new legislation.
Are you concerned with changing legislation, the security of your data or your data bureau?