How to avoid the legal pitfalls of information storage with BS 10008
Your HR team handles large quantities of sensitive data every single day. From employee salaries and insurance numbers, to sensitive personal information—it’s up to HR to manage and maintain every employee’s file.
Failing to outline these handling processes can result in non-compliance with the law, which can result in heavy fines and legal trouble. To help businesses like yours navigate these legal challenges, there’s the code of practice encapsulated in the BS 10008.
What is BS 10008 and how does it help your business avoid legal pitfalls?
BS 10008 is a British standard that identifies the best practices for deploying and handling electronic information management systems. This includes how to store and transfer information from one system to another, or from a physical location to a digital one.
The core purpose of BS 10008 is to help you verify all your electronic information. This ensures that your documents will be legally admissible should they be called for as evidence. For example, imagine you have to present information to a court. The BS 10008 ensures you have the correct processes in place to find what you need when you need it, which could help you avoid any penalties or fines.
Let’s dig deeper and show how BS 10008 helps your business avoid legal troubles.
1. It documents the electronic transfer of information
BS 10008 requires your HR teams to identify the best process for transferring electronic information between systems. This includes migrating physical records to digital files.
For example, when the Newcastle Upon Tyne NHS Trust experienced difficulties with its legacy systems and paper-based processes, the organisation contracted Datatron to digitise its 1.5 million sets of patient notes within five years.
Datatron followed the BS 10008 guidelines when migrating all these paper records to their digital system. We also helped the Trust stay compliant by outlining how authorised individuals could access the information they required, regardless of where it was in the digitisation process.
For the Newcastle Upon Tyne NHS Trust, this resulted in complete business continuity. It also allowed the Trust to present records as called upon by legal stakeholders.
2. It provides verification for electronic identity
One of BS 10008’s greatest strengths is the verification of electronic information when dealing with copyright or tracking concerns. Should your business need to verify that records are real — for example, if you’re facing a contract dispute with a freelance employee — BS 10008 outlines ways to authenticate encrypted information and electronic signatures.
Verifying information becomes even easier if you integrate electronic signature capabilities into your document management software. This allows you to obtain signatures in a hassle-free way. It also provides an audit trail, so you can tell who viewed the documents, as well as when.
Again, take the example of a contract dispute with a freelance employee. Perhaps the work you’re dealing with is extremely sensitive by nature, requiring a confidentiality agreement. This would be a separate document, stipulating the restrictions in sharing information, as well as outlining what would happen if the freelancer fails to adhere to these restrictions.
If the freelancer fails to sign this document, and then goes on to disclose information they shouldn’t, they could say they weren’t aware of the agreement. But with an electronic signature integration into an EDMS like Therefore, you can tell that they did in fact view the document. You can also pinpoint the date and time—information crucial to proving their contract breach.
Yet with Therefore, this kind of situation should be rare. As soon as someone signs a contract, Therefore’s automated workflows will send the document directly to the person responsible for reviewing it. So if a freelancer fails to sign everything they’re required to, you can flag this issue before giving them access to your assets.
How Datatron helps your business achieve BS 10008 compliance
BS 10008 applies to every business, regardless of size or industry. For HR teams, this standard is a must-have item on the compliance agenda.
At Datatron, we help businesses that use electronic filing systems achieve BS 10008. This enables you to develop a robust audit trail that acts as the single source of truth when faced with legal concerns.
To learn more about how Datatron can help your business achieve compliance with BS 10008, contact us or request a free quote today.