We take data seriously: that is why we obtained accreditation under ISO/IEC 27001:2013, the international standard for establishing, implementing, maintaining and continually improving an information security management system. It is also why we aim to be GDPR-compliant well before the May 2018 deadline.
ISO 27001:2013 Hymans Robertson’s Information Security Management System is certified to ISO 27001:2013. (Certificate Identity Number: 14125886)
We provide actuarial services to pension schemes. If you are a member of one of the pension schemes that we advise, you can read about how your personal information is used. Click here for further details.
We’ve been preparing for GDPR since May 2016. Our GDPR programme is well underway and has been gathering pace over the recent months. We’re well-placed to be ready to demonstrate compliance with GDPR from May 2018. You can read our latest update to find out more on our progress.
We've also prepared some short Sixty Second Summaries on specific GDPR issues. You can read more about these below.
One of the significant changes in UK data protection law arising from GDPR is the need for greater transparency when processing personal data. Privacy notices will be an important tool in meeting the requirements. You can find out more about the privacy requirements in our sixty second summary.
For data protection purposes, actuarial firms and individual scheme actuaries (as specialist service providers) may be considered to be ‘joint controllers’ of personal data, together with the pension schemes’ trustees. The actuarial firm, scheme actuary and the trustees need to agree their respective responsibilities. You can find out more on the Joint Controller issue in our sixty second summary.
The European Union’s General Data Protection Regulation will (despite Brexit) replace the UK’s existing data protection legislation when it becomes applicable on 25 May 2018. Its requirements are more onerous than current rules in many areas, including higher fines for serious breaches. As data controllers, the trustees or managers of occupational pension schemes need to begin their preparations now. Find out more in our sixty second summary.