BS10012 is to enable organizations to put in place, as part of the overall information governance infrastructure, a personal information management system (PIMS) which provides a framework for maintaining and improving compliance with data protection legislation and good practice

The key piece of legislation in this area is The Data Protection Act. This implements a European Directive (95/46/EC) and applies to “personal data” which is defined in the DPA as information relating to identifiable living individuals. This British Standard uses the term “personal information” in place of the term “personal data” (Source: BS10012)