GDPR Compliance | BC 5701 Certification
With the new BC 5701 privacy certification, you can demonstrate your organization's compliance with regard to personal data.
Questions?
Talk to our experts
What is the new BC 5701 standard?
Our specialists:
BC 5701
The BC5701 standard outlines a set of criteria, procedures, and measures that provide organizations with guidelines for bringing the processing of personal data into line with GDPR rules. Applying the standard means that, as a controller or processor, you can have your handling of personal data assessed by an external expert. This gives you greater certainty that your GDPR compliance is demonstrably well organized. BC 5701 will be approved by the Dutch Data Protection Authority in September 2023 and published in the Government Gazette.
- We make privacy practical and self-evident, ensuring your organization becomes GDPR compliant.
- Demonstrable and verifiable compliance
- BC 5701: standard in the field of the GDPR
- The standard applied provides certainty regarding the correct handling of personal data for those involved.
What does the BC 5701 standard entail?
Other services
In recent years, organizations have implemented all kinds of processes to ensure GDPR compliance. But because of the many open standards, it is difficult to know exactly when it is good enough. The arrival of BC 5701 means that you now have a standard approved by the Dutch Data Protection Authority on how to interpret and apply the GDPR.
A privacy certificate fulfills an external function in addition to an internal one. With the BC 5701 certificate, you demonstrate to the outside world that the privacy interests of those involved are well protected. The organization's working methods have been objectively assessed and tested. This provides everyone with convincing evidence that the requirements of the GDPR have been correctly implemented.
Ultimately, the most important aspect of the BC 5701 standard is that it enables organizations to comply with the GDPR in an objective manner. The standard thus ensures demonstrable compliance and gives stakeholders confidence that personal data is properly protected.
What is the process if I choose a BC 5701 specialist from The Privacy Cooperation?
Free consultation
Click on "Request a consultation" to schedule an appointment with a consultant within two business days. Our consultants can answer your initial questions within 30 minutes.
We're going to work together
Our consultant will gather more information if necessary to gain a better understanding. After visiting your location, he/she will formulate a proposal for the further approach.
Dotting the i's and crossing the t's
Once we have agreed on what needs to be done, we will send you a quote for the work to be carried out.
We will work with you and for you
Our consultant works according to the action plan and is supervised by The Privacy CoOperation and a certified BC 5701 implementation professional.
Final assessment
We are working to obtain Brand Compliance certification for your organization. If improvements are needed after an audit, we will address them until the certificate is obtained.
BC5701
How can this privacy certification add value to your organization?
Privacy
Certainty about how privacy is safeguarded in your organization
Demonstrability
Good start to talks with regulators
USP
Competitive advantage within your industry
Future-oriented
Future advantage in tendering procedures
Questions?
Talk to our experts!BC 5701 in a broader perspective
Questions?
Talk to our experts!In July 2023 the European Court of Justice ruled that Meta/Facebook had misinterpreted part of the GDPR. The long-running lawsuits against Meta show that organizations can avoid the risk of fines by taking an objective look at the requirements and standards of the GDPR. With certification, independent auditors assess the organization's working methods, and mandatory recertifications take place. This prevents privacy protection from being implemented incorrectly or insufficiently.
Organizations can decide for themselves whether to apply BC 5701 as a voluntary standard or to go through the formal certification process. As is the case with the ISO 27001 standard for information security, some organizations will soon be working in accordance with BC 5701 but will not apply for certification. This may be because certification involves annual costs, for example.
By applying the BC 5701 methodology, an organization demonstrates to itself, the regulator, and stakeholders that it has taken GDPR compliance seriously. There is also an additional advantage to certification: there is a chance that governments will ask whether an organization has BC 5701 certification in tendering procedures. Certification then becomes a unique selling point.
The long-term benefits far outweigh the short-term investments required for certification. The certification process focuses heavily on employee training and awareness. This means that privacy and information security ultimately become part of daily work, and that employees unconsciously become proficient in the subject. This gives the subject real substance.
Contact
The specialist under BC 5701
Would you like to schedule a free consultation or do you have a quick question? We are happy to help. Fill in your details and we will get back to you within two business days.
Our privacy consultants
Anything still unclear?
Frequently asked questions
Read the frequently asked questions below. If your question is not listed, you can always reach us by phone at +31 6 58832812 or email us at Info@ThePrivacyCoOperation.nl
I am not sure whether privacy is properly implemented within my organization. How can my organization qualify for BC 5701 certification?
The level of maturity in the field of privacy can be determined using a model developed by the Center for Information Security and Privacy (CIP). Certification against BC 5701 is possible from CIP maturity level 3 onwards.
Does obtaining the BC 5701 certificate mean that my organization as a whole can be considered privacy compliant?
The BC 5701 certificate can be issued for a single independent processing of personal data (= the object of certification). All branches of the processing that is eligible for certification, both within and outside your organization, are assessed. Because processing within an organization can only be compliant if a certain system is in place (processes and procedures to properly apply privacy within processing), certification of one processing operation provides a picture of compliance within your organization.
How long does the entire process take (from determining the maturity level to certification by Brand Compliance)?
A maturity level assessment with an appropriate action plan for achieving certification is normally completed within two months. It is difficult to estimate in advance how much time it will take to bring your organization up to the required level. This depends on the size of the organization, its national or international branches, and (unfortunately) also the availability of suitable privacy and information security specialists.
What is the level of expertise of the privacy and information security specialists who will be working for my organization?
The Privacy CoOperation works exclusively with privacy and information security specialists who have at least three years of experience with GDPR implementation programs at various companies. It is also important to note that the specialists have followed training courses tailored to their work. Furthermore, a BC 5701 implementation program is always led and supervised by a BC 5701 implementation professional.
Sign up here for the monthly newsletter
Our newsletter is carefully compiled each month from reports from regulators and developments in case law and legislation. By subscribing, you can stay up to date with all the latest trends.