beqom, the provider of a cloud based total compensation solution, announced today that it has achieved the ISO 27001 certification, for its information security management system, supporting the beqom solution.
ISO 27001 standard provides requirements for establishing, implementing, maintaining, and continually improving a documented information security management system aligned with overall organization’s business risk. Internationally recognized, it focuses on risk-based implementation of security controls to adequately protect data assets.
Hery Andrianjafy, Head of Risk and Compliance at beqom, commented “We are extremely proud of this achievement, as it demonstrates our commitment to providing the highest level of data security to our clients. ISO 27001 certification provides a measure of trust and credibility for our customers, in showing that our security controls and processes adhere to the most widely recognized security standard.”
In addition to ISO 27001 certification, beqom is committed to developing best practice standards across its organization. In recognizing personal data as a company asset, ISO 27001 certification provides the best starting framework for beqom to achieve full observance of the General Data Protection Regulation (GDPR) when it comes into effect on May 25, 2018.
The GDPR is being introduced to protect the privacy and security of EU residents online. The regulation is dedicated to ensuring they have the highest confidence in the custodianship of their personal data, with measures to enhance protection—including the right to erasure, and privacy by design and by default—in place. The GDPR applies to EU residents data wherever it is processed, so organizations need to comply with the law regardless of where they are based. Most importantly, it will give residents the right to bring legal action against any organization that mistreats their data.
Through obtaining ISO 27001 certification, beqom has met many of the GDPR requirements when processing customer personal data, including:
- Responsibility and accountability
- Gaining consent for holding and using data
- Appointing a Data Protection Officer
- Recording and investigating data breaches
The beqom solution features privacy by design and by default, further aligning the company with GDPR requirements. Designed in a data-minimising way, beqom ensures that only personal data which is necessary for each specific purpose is collected and processed.
“The GDPR’s requirements are significant, and we’re working diligently to bring beqom in line for full observance. With compliance and privacy a key component in all aspects of the business, our primary goal is to instill customers with confidence that beqom has done everything it can to ensure data protection.”
— Hery Andrianjafy, Head of Risk and Compliance, beqom