We are regularly audited to ensure that we retain all of the necessary credentials and certifications to conduct background checks. We are certified to ISO 27001 and our practices conform to the requirements of the Freedom of Information Act 2000. Following an impact assessment, we have a programme in place to manage the changes which will be brought about by the General Data Protection Regulation 2018.
Together with our ISO 27001 commitment we also take the Data Protection Act seriously. We have controls in place to ensure the data we are processing is safe and secure – this is achieved through system controls and education of our employees. Our Information Security Policy MG(P)009 outlines the security and the protection of our information assets from threats, whether internal or external, deliberate or accidental. It applies to all employees, in all our operating countries.
We also have formal Data Protection Procedures MG(P)010 which outline our responsibilities to the Data Protection Act from our baseline workforce to our upper management levels. It also outlines the training we provide to our employees via e-learning to educate them on our responsibilities. Procius is committed to complying fully with its legal obligations under the Data Protection Act 1998 and generally to ensuring appropriate handling of personal data which it obtains or generates as part of its business operations. We are in the process of transferring our Data Protection Act policies and procedures to the new GDPA legislation and are working with our interested parties and suppliers in doing so.