Infosys today announced that it has been awarded the accredited certification on ISO 27701, the international standard on data privacy, by Bureau Veritas Certification (BVC). Infosys is one of the first companies in the world to have earned this certification with accreditation.
The ISO 27701 standard, which came into effect in August 2019, provides an overarching framework on Privacy Information Management Systems (PIMS), to help companies fine-tune their data privacy practices and keep pace with the changing privacy threat and regulatory landscape through a rigorous risk and compliance driven approach, while being focused on measurement and continuous improvement. This is the world?s first International Standard on PIMS and incorporates a mapping against the requirements of EU GDPR – considered the gold standard in data privacy laws. Being certified to this global standard demonstrates Infosys? ability to effectively and consistently deliver solutions and services to clients in compliance with data privacy regulations and contractual requirements in applicable countries.
Srinivas Poosarla, Chief Privacy Officer and Data Protection Officer, Infosys, said, ?This is a significant accomplishment for us, given that we could get an accredited certification for the globally recognized, certifiable data privacy standard in such a short span of time. This was possible only because of the maturity of our data privacy processes resulting from the establishment of an independent, dedicated data privacy function that we set up almost a decade ago. I?m confident this certification will go a long way in being a differentiator and in increasing the trust our clients and other stakeholders place in Infosys for our privacy and data protection practices.?
Jagdheesh Manian, Head – Business (CER) , South Asia, BVC, said, ?We at Bureau Veritas are extremely proud to present our first accredited certificate against ISO/IEC 27701:2019 Standard on Privacy Information Management System (PIMS) to Infosys Limited. Infosys would probably be one of the first few companies globally, to have been awarded an accredited certificate on this standard.?
Manian further added, ?Data privacy is emerging as one of the strategic areas of focus for organizations processing personal information, given the increasing use of digital technologies, innovation, and enactment of stronger data protection laws, and we believe adopting a PIMS standard like ISO 27701 significantly reduces risk of non-compliance while instilling greater stakeholder confidence and trust. We are delighted to be accredited by NABCB while auditing Infosys, which in the shortest possible time implemented the PIMS with necessary controls as part of their initiative to be an early implementer of this standard – a remarkable achievement that demonstrates Infosys?s matured privacy practices and agility.?Nike